The LulzSec hacker group struck at Sony yet again yesterday and released 54MB of Sony Computer Entertainment Developer Network source code and internal network maps of Sony BMG. LulzSec's Konichiwa posted on the Pirate Bay,"ACHIEVEMENT UNLOCKED: HACK SONY 6 TIMES!...Enjoy this 54MB collection of SVN Sony Developer source code. That's hackers 16, Sony 0. Your move!" If you can't keep up with the attacks on Sony, attrition.org has a "complete history."
Last week, LulzSec published the stolen e-mail addresses and passwords of about 50,000 consumers. The infamous group definitely has gained notoriety, some fans, but it seems to be stacking up quite a list of enemies. The group has only been at it for about a month, but LulzSec's digital wreckage can be seen piling in corners of cyberspace.
LulzSec took credit for hacking Fox, for cracking PBS, has warred with Hacker Magazine 2600, and even hacked an FBI affiliate called InfraGard. InfraGard assists the FBI with analysis and information sharing between the FBI and various law enforcement agencies. ArsTechnica stated, "The hackers compromised around 180 login accounts, all belonging to FBI agents or private sector companies that work with the FBI, many of them with passwords reused in multiple systems." While attacking Karim Hijazi, the founder of Unveillance, LulzSec seemed to make it clear the group dislikes at least some, if not all, whitehats.
Paul Ducklin of Sophos, told Computerworld Australia, "They claim to say they love Nintendo and they hack for them." The group even published details of a "minor" security issue on Nintendo's servers, which has since been fixed and no customer data allegedly was leaked. Ducklin said, "They've got a little bit up themselves with this hacking, so who can say who will be next? Cybercriminals generally don't care. They will go after anyone who is vulnerable and the weaker you are, the more likely they are to do something bad to you."
On the Full Disclosure security e-mail list, perhaps posted by the FBI fighting back, there was a report that a LulzSec member (xyz/ev0) had been arrested, the group's IRC forum had been exposed and log files had been released to the public. Then several websites started reporting that a LulzSec member had been arrested, yet the group vehemently disagreed with that claim.
LulzSec released a statement, denying the hacker was a part of their crew or their subcrew, saying they didn't even know the dude. The group claimed the "exposed" logs were not from the LulzSec core chatting channel, but were instead "where we gather potential backup/subcrew research and development battle fleet members, i.e. we were using that channel only to recruit talent for side-operations." According to LulzSec, they take care of their subcrew and the person who had leaked the logs has been destroyed, "completely hacked inside and out." Furthermore, the group said, "Our core chatting channel remains unaffected. Our core LulzSec team is at full strength. The Lulz Boat sails stronger than ever, nice try though."
Meanwhile, the Guardian reported, and several others followed, that one in four hackers is an FBI mole. The post pointed at hacker turned informant Adrian Lamo, and then Cryptome's John Young and 2600's Eric Corley seemed to agree that the FBI and Secret Service use the threat of prison to turn hackers into snitches. Even NATO is getting in on the action, vowing to infiltrate and persecute Anonymous. LulzSec has made it clear many times that their group is separate from Anonymous.
Whether LulzSec's antics aggravate or amuse you, it's highly doubtful the Lulz Boat has sailed for the last time. What would you call this group? Hacktivisits? Crackers? Grey hat griefers? If this wasn't a national security matter before, going after the FBI no doubt made it one. Hopefully, this won't give the government something to point at and yell "cyberwar" before tightening digital surveillance and stripping away more of our freedom and our rights.
After checking out all those tweets, the dang "Love Boat" aka Lulz Boat song won't get out of my head! Careful please, LulzSec, with things that might be considered "maniac" like aggression, anger, or poor judgment. I for one don't want lithium being added to our drinking water for any reason.
Lulz Boat image credit: LulzSec