It’s been a whirlwind few months for LulzSecurity (LulzSec), bursting onto the tech scene with the high-profile hacks of US TV network Fox, moving on to compound Japanese electronics giant Sony, taunting its detractors as they sought to expose row after row of SQL database entries in high-profile government and agency websites.
On Saturday, LulzSec announced on Twitter that after 50 days of “anarchic lulz” it was to cease operations, dropping its largest collection of compromised data in torrent file posted to The Pirate Bay. The 457.84MB download contained information including AOL internal data, AT&T internal data and the “FBI being silly” among its contents.
In 50 days, the group dominated headlines of nearly every print and online news agency across the world, distanced itself from the arrest of Ryan Cleary by the Metropolitan Police and antagonized whoever it could, simply “for the lulz”. With each day, we got to know more about the group; what its motivations were, how it was able to steal so much data and the identities of its members were supposedly revealed on a number of occasions.
With the group now apparently disbanded, here’s a look back at 50 days of LulzSec’s exploits.
X-Factor, Fox and PBS
On May 7, LulzSecurity emerged on Twitter, registering the @LulzSec username. Posting its first tweet, the group detailed the compromise of Fox.com with the message:
“FOX.COM HACKED! # MySQL version: (5.1.47-log) running on 10.96.57.102 (www.fox.com) #Fox #hacked –> #XFACTOR <–”
Ironically, we reported news of the attack five days before LulzSec announced its haul, not knowing at the time who was behind the hack that was designed to expose details of applicants to The X Factor. The group didn’t have its own website at the time, so it took to the world’s most well-known torrent hosting website The Pirate Bay to release hundreds of thousands of names, email addresses, telephone numbers and street addresses of people wanting a shot at becoming the next big star.
In its first day, the group was happy to have amassed 50 followers, little did it know that it would be a drop in the ocean compared to now many followers it would accumulate in the days that followed.
Three days passed between The X Factor leak and its next big release, Fox.com’s “innerworkings” and a database drop of Fox’s sales database. During this time, “The Lulz Boat” was coined, ASCII art was drawn up, UK ATM details released and the group highlighted the password used by the Vice President of Fox.
On May 12, LulzSec announced it was contemplating creating its own website to host its releases and give it a proper presence on the web, predicting at the time that Twitter might not take kindly to the LulzSec Twitter account. As the next two days passed, the group released more Fox user credentials, teasing that it had data from an FBI affiliate and then announced that LulzSec had three people maintaining its Twitter account.
It was all quiet on the LulzSec front until it would become one of a long list of attackers that leaked Sony’s details, compromising databases hosted by Sony Japan and releasing them on Pastebin.
LulzSec finally got the press coverage it craved when it posted a seemingly innocuous link on its Twitter feed, linking to US TV network PBS. The tweet “http://www.pbs.org/lulz/ Oh shit, what just happened @PBS?“ linked to a newly created page on the PBS domain but its decision to create a fake news article stating that “2Pac still alive in New Zealand” thrust the group into the spotlight, with every technology and online news outlet linking to the hack and LulzSec’s announcements.
The group had gained access to PBS’s internal hosts, its database list, staff database, authors database, pressroom users database, stations database and MySQL users database – which, at the time was its biggest overall haul of company-wide data. It was believed that the group took action after the network aired a show which was seen to paint whistleblowing website WikiLeaks in a bad light.
To make things worse, LulzSec adopted the theme-song from the Love Boat, all the while soliciting for Bitcoin donations.
LulzSec Enemies, LulzSecurity.com and More Sony “Ownage”
With more high-profile hacks, LulzSec found itself the target of other members of the Internet (in)-security scene, most notably @th3j35t3r, an attacker (or group of attackers) which was hellbent on exposing the identities of LulzSec members. Realizing that this was the case, LulzSec immediately began DDOS’ing the IRC servers used by th3j35t3r and also servers used by hacking magazine 2600.
On June 2, LulzSec released what it referred to as “Sownage”, a complete dump of Sony Pictures’ codes, coupons and user databases, stating that it had released details on “1,000,000 users’ personal information, including passwords, email addresses, home addresses, dates of birth, and all Sony opt-in data associated with their accounts”.
The following day, the group announced it had hacked Nintendo but did not release data stolen in the attack. However, a more notable release was issued the same day, an attack on InfraGard Atlanta’s user database, a company that was affiliated with the FBI.
The group issued a press release to accompany the hack, stating:
“It has come to our unfortunate attention that NATO and our good friend Barrack Osama-Llama 24th-century Obama have recently upped the stakes with regard to hacking.
They now treat hacking as an act of war. So, we just hacked an FBI-affiliated website (InfraGard, specifically the Atlanta chapter) and leaked its user base. We also took complete control over the site and defaced it, check it out if it’s still up: http://infragardatlanta.org/.”
Details emerged that the companies’ owner Karim Hijazi asked LulzSec to help him “eliminate [his] competitors”, which the group didn’t take kindly to. The group decided to release nearly 1,000 of Hijazi’s personal emails, as well as the IRC log where he spoke with the group.
At the beginning of June, LulzSec started releasing details of its exploits on LulzSecurity.com, presenting a united presence for its releases, making sure that copycats where unable to utilize Pastebin to piggyback of its name.
On June 6, the group crossed the 75,000 Twitter followers milestone:
Compromising The NHS, The Senate And Getting The Taiwan News Treatment
June 9 saw LulzSec admit it had managed to infiltrate the servers of the National Health Service (NHS) in the UK, but in a move away from its typical policy, the group decided to email NHS administrators and alert them to security holes in their online portal.
This gained LulzSec more press coverage, helping to boost the group’s Twitter following to above 100,000 followers.
This is a two page report, please click the button below to read the article in its entirety or to read the second page.
Generated by BlogIt
BlogIt - Auto Blogging Software for YOU!
