The list of more than a million unique device identifiers (UDIDs) which hacktivist collective #Antisec said it had stolen from the Federal Bureau of Investigation may have originated from publishing company BlueToad Inc., researcher David Schuetz found over the weekend. Following the FBI's initial denial of #Antisec's claims and Schuetz's research, BlueToad on Monday announced it believed its systems were the ones compromised. It is still unclear who compromised BlueToad's system, and where #Antisec actually obtained the list.
"I’m still not completely clear on all the technical details," Schuetz wrote in his research blog. "Was BlueToad really the source of the breach? How did the data get to the FBI (if it really did at all)? Or is it possible this is just a secondary breach, not even related to the UDID leak, and it was just a coincidence that I noticed? Finally, why haven’t I noticed any of their applications in the (very few) lists of apps I’ve received?"
#Antisec, the loosely organized black hat security collective formerly known as Lulzsec, has released a file containing a million and one (1,000,001) Apple Unique Device Identifications (UDIDs), and their related APNs (Apple Push Notification Service) tokens, as well as a certain amount of personal user information. The group claims the information was not taken from Apple directly, but rather through a vulnerability exploit on FBI Agent Christopher K. Stangl last March.
The group claims there were actually more than twelve million UDIDs on Stangl's Dell Vostro notebook, as well as an incomplete list of zip codes, mobile phone numbers, home addresses, and whatever personal detail fields could be obtained. Antisec said there were no other files in the same folder that mention the list or its purpose.
VMware has confirmed that a portion of the source code for its ESX hypervisor was compromised, although the code dates back as far as 2003. That said, a fairly significant portion of the company's customers are still using the platform as VMware works to push them towards its newer hypervisor called ESXi.
A hypervisor in the simplest terms is a virtual machine management platform on which several virtual machines can run concurrently. The hypervisor controls the sharing of virtualized hardware resources. ESXi has a far smaller attack surface, which limits the available avenues of attack on an installation.
As if Anonymous didn't have enough to boast about. While cybercriminals accounted for the most breaches, "activist groups created their fair share of misery and mayhem last year as well -- and they stole more data than any other group", according to a report Verizon released today in cooperation with Australian, Dutch, English, Irish and US officials. The study attributes 58 percent of data thefts to hacktivists.
"The most significant change we saw in 2011 was the rise of 'hacktivism' against larger organizations worldwide", Verizon reports. "The frequency and regularity of cases tied to activist groups that came through our doors in 2011 exceeded the number worked in all previous years combined".
LulzSec is gone now following the ratting out of its top members by the group's apparent leader, Hector Xavier Monsegur, aka "Sabu". Charges were filed in US District Court for the Southern District of New York on Tuesday, charging four members with two counts of conspiracy to commit computer hacking.
Those charged on Tuesday include Ryan Ackroyd aka "Kayla" and Jake Davis aka "Topiary" of London; Darren Martyn aka "pwnsauce" and Donncha O’Cearrbhail aka "palladium" of Ireland. A fifth, Jeremy Hammond aka "Anarchaos" of Chicago, was also charged, but in connection with the Stratfor hack that occurred last December. He was arraigned separately from the rest of LulzSec.
The joke is on LulzSec this morning following the arrests of three top members of the group, and charges filed against two more. The action follows the cooperation of its leader, Hector Xavier Monsegur, aka "Sabu", who has reportedly worked with authorities since his arrest last June.
Monsegur pleaded guilty to 12 hacking-related charges in August. Although details of his arraignment have yet to be made public, the charges against four of the five are now available online.
This week’s high-profile hack of the US Chamber of Commerce underscores the inadequacy of today’s security policies and technologies. With the holidays quickly approaching and IT staffs stepping away from offices to spend time with family and friends, we face increased vulnerabilities and security threats. We should be more vigilant than ever, reflecting on national security policies and how we can better protect our sensitive data.
Stories like this continue to point to the fact that we need a broad, across-the-board approach. We need to collaborate and inform when breaches take place. We need diplomatic support to reduce the desire or economic benefit to steal. It is time to have a Y2K approach to cyber protection. That means investment and support from the top down.
A British judge released Jake Davis -- more commonly known as "Topiary" -- on bail Monday; however, he has been banned from using the Internet as a condition of his release. Davis was apprehended last Wednesday by the Metropolitan Police as part of a larger effort against LulzSec and Anonymous.
Topiary originally served as the mouthpiece for the LulzSec hacktivist group, but following its disbandment continued his work for Anonymous. He famously taunted police following the arrests of more than a dozen suspected members of the hacktivist group by claiming "you cannot arrest an idea."
As the law enforcement crackdown against hacktivist groups Anonymous and LulzSec continued, British law enforcement on Wednesday announced the apprehension of "Topiary," a 19-year-old man from the Shetland Islands north of Scotland who has served as the spokesperson for the group.
Police were said to still be searching the residence where the individual was apprehended, as well as talking to a 17-year-old in the municipality of Lincolnshire in east central England in connection with the arrest. The person had not been charged or arrested.
Anonymous and LulzSec issued a joint statement Wednesday, firing back at FBI director Steve Chabinsky over his comments to NPR that Tuesday's arrests of 14 hackers associated with the groups were meant to send a message that "chaos on the Internet is unacceptable." The response strikes a markedly political tone.
Posted to Pastebin, the statement accuses governments of lying to their citizens and "dismantling their freedom piece by piece," governments conspiring with corporations and wasting taxpayer money, and lobbyists having too much control over day-to-day business "and corrupt them enough so the status quo will never change."
There's an irony to today's LulzSec attacks on News Corp. websites. It's bad for newspapers to wiretap, but OK to hack them. That's the message from the hacktivists -- they're justified to break the law but no one else.
Mischievous hacker group LulzSec on Monday repeatedly attacked websites belonging to international media conglomerate News Corporation, calling it "Murdoch Meltdown Monday."
At 5:40pm EST, LulzSec announced on Twitter that it had "owned" the UK news outlet The Sun, and replaced the front page with a fake one which proclaimed that News Corp. Chairman and CEO Rupert Murdoch was found dead.
The alarming tweets that went out a few hours ago are false, according to Fox News. They claimed that President Barack Obama had been shot while campaigning, which itself is a red flag that something wasn't right. What president would campaign on America's Independence Day nearly 18 months before the election?
"FoxNews.com's Twitter feed for political news, FoxNewspolitics, was hacked early Monday morning", according to a report by Fox News. "Hackers sent out several malicious and false tweets claiming that President Obama had been assassinated. Those reports are incorrect, of course, and the president is spending the July 4 holiday with his family. The hacking is being investigated, and FoxNews.com regrets any distress the false tweets may have created".
Now operating under the #AntiSec banner, the LulzSec hackers are still busy causing trouble. The latest data dump posted to torrent sites goes after several governments worldwide as well as both Viacom and Universal Music Group.
"While the LulzBoat is still sailing with us (albeit not with the LulzSec flag), the objective of #AntiSec is different," the description of the torrent reads. "#AntiSec is more than Lulz and more than even Anonymous: It is our true belief that this movement has the capability to change the world. And should that fail, we will at least rock the world."
LulzSec may have faded off into the hacking annals of history, but Anonymous isn't resting. The group on Monday released a file of what appears to be a cyberterrorism training manual. It is not clear how the group obtained the document.
"Little teaser while we work on the actual release: Ever interested in anti-cyberterrorism training?" a tweet from a Twitter account associated with the group reads. The manual appears to come from FEMA's Counter Terrorism Defense Initiative and is dated 2009.