LulzSec turns its hacking sights on Nintendo, FBI
Fresh off a hack of the Sony Pictures website last week, hacking group LulzSec turned its attention elsewhere. FBI related websites were attacked on Friday night, and it was revealed this weekend that the US web servers of Nintendo had been hit by the group several weeks ago.
In the Nintendo hack, LulzSec took no information. "Re: Nintendo, we just got a config file and made it clear that we didn't mean any harm. Nintendo had already fixed it anyway. <3 them!" the group tweeted on Sunday.
Nintendo's hack certainly comes at a bad time. With E3 starting this week, and the company announcing its new console Tuesday, the company would rather not have the distraction that could take away from the buzz surrounding the announcement.
As for the FBI related hacks, the group only came away with login information. "We'd like to take the time to point out that all of them are affiliated with the FBI in some way," LulzSec said in a press release. "Most of them reuse their passwords in other places, which is heavily frowned upon in the FBI/Infragard handbook and generally everywhere else too."
Two sites attacked were Infragard and Unveillance, which are contracted by the FBI for work against hackers. Infragard is a public-private partnership that works to prevent critical infrastructure from attacks, while Unveillance is contracted by the FBI to assist in work against botnets and data breaches.
Infragard's website for its Atlanta chapter was defaced, and about 180 logins taken. In the case of the Unveillance hack, the personal e-mails of CEO Karim Hijazi were exposed. LulzSec contacted Hijazi to inform him of the hack, but what happened after that is unknown.
Hijazi claims that LulzSec attempted to extort money from Unveillance in exchange for them not publicly releasing his information, although the hacking group claimed that Hijazi wanted LulzSec to hack his competitors. Hijazi maintains that no sensitive information was disclose about his company's anti-hacking efforts, since the e-mails were of a personal and work nature.
Either way, the hacking group needs to watch it, as it takes on higher and higher profile groups and companies. "Lulz Security is playing a dangerous game, however. As it continues to gain public attention through high profile hacks it is surely at risk of being investigated by the computer crime authorities," Sophos' Graham Cluley said in a blog post Monday.