We are anonymous inside the hacker world of lulzse

More documents

Recommendations

Info

2011, however, we held our first real interview on IRC and he became more forthcoming. It is unclear if “Christopher Ellison,” the name associated with AVunit in Backtrace’s final document, was correct or not. There have been no press reports or police announcements related to the arrest of someone connected to the nickname, and no information about the whereabouts of the real AVunit as of mid-April 2012. The study by Francois Paget was published on October 21, 2011, in a McAfee blog post entitled “The Rise and Fall of Anonymous.” The detail about the FBI contacting Jennifer Emick comes from conversations with Emick. The additional point that the FBI needed to wait to corroborate Sabu’s identity and gather enough evidence to threaten him with a long sentence was sourced from the FoxNews.com report “Infamous International Hacking Group LulzSec Brought Down by Own Leader,” published on March 6, 2012. Laurelai Bailey hadn’t been the only log leaker. Less damaging, though still embarrassing, was a leak from freelance television and Web journalist Matthew Keys, who had been given access to #InternetFeds from December of 2010 to January 6, 2011, when he was banned after the channel’s members suspected him of leaking information to the Guardian. Sabu later claimed that Keys had given away administrator access to the online publishing system of Tribune, his former employer, in return for the chance to “hang out in our channel.” Keys denies this. A note on making IRC channels: generally, the person who comes up with the idea for a channel is the person who creates the channel. Creators can make channels more secure by adding commands like +isPu and +k to gain more control of who comes in. But sometimes the best way to make a channel secure is to make it completely open, with no invite policy at all, and to keep switching between different channels every day or two. Making a channel “invite only” is “like holding a red flag in front of a bull,” according to AVunit, who added that this was why he and his the team avoided invite-only policies. To find each other, team members would use normal IRC queries, check which channel was active, or just type in the relevant channel in IRC and rejoin the discussion. It’s worth noting that Backtrace itself was the subject of numerous doxing episodes. From at least the spring of 2011, a number of Anonymous supporters unveiled its members as Jennifer Emick, Jin-Soo Byun, and John Rubenstein, publishing their home addresses, telephone numbers, some family details, and other online profiles on the web tool Pastebin. Chapter 15: Breaking Away The descriptions of “three ways to respond to a dox” were derived from my conversations with Topiary and my observations of the way Anonymous supporters, such as Ryan Cleary, reacted to having their true identities unveiled. Further details about “drama” in Anonymous and the culture bred through the morass of channels on IRC were sourced from my conversations with adherents of Anonymous and my own observations. The detail about Aaron Barr’s idea for getting into private coding channels, as well as the description in this chapter of “No,” come from Topiary’s testimony. The details of Renee Haefer’s FBI raid were sourced from an interview that Haefer gave to Gawker for an online story entitled “An Interview with a Target of the FBI’s Anonymous Probe,” published on February 11, 2011. Details on the five Britons arrested on January 27 are sourced from a Metropolitan Police announcement and from news reports. The paragraphs detailing Topiary’s elaborate getaway were sourced from interviews with Topiary himself. I have edited the faked log substantially for brevity; the log had mentioned that Topiary’s wireless router had been left on. This was meant to cause further confusion among the hundreds of regular users on AnonOps, because routers were the number one item that was looked for in a raid. The ruse almost got too elaborate. One online female friend was already freaking out so much that she had tried contacting Topiary’s then-girlfriend, a Canadian girl he had met online about three years prior. Problematically, this friend then let slip to others that Topiary’s girlfriend existed. Until then, he had been trying to insulate his girlfriend from his activities with Anonymous, so that she would not be roped in as a co-conspirator if he were ever arrested. To fix this problem, he wrote up another faked message, this time from his girlfriend, hinting that she was suddenly jealous of the worried female friend. The suggestion distracted the girl enough from suspecting the truth: that Topiary had not been arrested but had broken away from Anonymous. Quotes from the Anonymous press release directed at Sony were sourced from the press release itself, which is still available on AnonNews.org. Details of William’s involvement in OpSony come from interviews with him. William also e-mailed me a link to some of the handiwork of SonyRecon, including Sony CEO Howard Stringer’s old and current home addresses in New York, his wife’s name, the names of his children, and the name of his son’s old school. The post is still online at JustPaste. The details about Sony’s lawsuit against George Hotz come from various mainstream news reports. “Angering millions of gamers around the world” is my interpretation of myriad angry comments on forums for gamers as well as on the official PlayStation Network website, which contains statements showing that the PSN is used by tens of millions of people. Sony’s eight-page letter to the U.S. House of Representatives dated May 3, 2011, is viewable on Flickr. The publication of 653 nicknames and IP addresses on AnonOps was pasted in a public document online, which I have seen and which was brought to light by various news reporters, including by Forbes’s Andy Greenberg. His story “Mutiny Within Anonymous May Have Exposed Hackers’ IP Addresses” was published on May 9, 2011. I made the point that “AnonOps IRC became a ghost town” as a result of my own and Topiary’s observations of the network. The statement by various AnonOps operators that they were “profoundly sorry for this drama” was posted and reposted on various blogs. The original post also mentioned that AnonOps would “stage a comeback and return to full strength eventually.” Ryan Cleary, who was behind the IP leak, gave an interview to the tech blog thinq_, saying that the operators behind AnonOps were “publicity hungry” and had “begun engaging in operations simply to grab headlines” and “feed their own egos.” “They just like seeing things destroyed,” thinq_ quoted Ryan as saying. I saw the dox file about Ryan when it was first posted online. It included his real address in Wickford, Essex, his cell phone number, and the names and ages of his parents. The dox page said that Ryan had been “owned” by Evo, adding “Who’s the ‘pet’ now, bitch?” The document also gave “shouts,” or acknowledgments, to Sabu, Kayla, Owen, #krack, and all of AnonOps. The assertion that Anonymous was “starting to look like a joke” comes from my own observations as well as discussions with
The assertion that Anonymous was “starting to look like a joke” comes from my own observations as well as discussions with supporters. Chapter 16: Talking About a Revolution Most of the details and descriptions from this chapter were derived from interviews with Topiary and Sabu over the course of several months, including Internet Relay Chat interviews, discussions by phone, and face-to-face meetings. The point about New York mayor Rudy Giuliani increasing the city’s police force to 40,000 was corroborated by the April 11, 2000, Congressional Record for the House of Representatives and by press reports. The details about COINTELPRO were corroborated by information on the FBI’s own website, which states that the project was “rightly criticized by Congress and the American people for abridging first amendment rights and for other reasons.” See http://vault.fbi.gov/cointel-pro The point that Kayla, Tflow, and AVunit had been on “breaks” before the formation of LulzSec was corroborated by Sabu and at least one other LulzSec supporter. The quote “Most professional and high-level hacks are never detected” comes from an interview with a hacker supporting Anonymous who did not wish to be named. Chapter 17: Lulz Security The majority of details in this chapter were sourced from interviews with Topiary, Sabu, and Kayla. Additional details, including dialogue from Pwnsauce, was derived from my observation of discussions among Topiary, Kayla, Tflow, AVunit, and Pwnsauce in the IRC channel #charmy, which was set up for discussions that I could repeat in this book. I also held interviews with some in the group, such as Pwnsauce, in this channel. The assertion that it “took a week for Fox’s IT administrators to notice the breach” was derived from interviews in #charmy. Regarding the original Twitter feed for LulzSec, @LulzLeaks: the original account that contains that first tweet is still online. I corroborated that LulzSec had indeed posted a database of potential contestants for The X Factor by speaking to a spokesman from Fox about twenty-four hours after the hack was first announced. I also saw the published database on Pastebin. Chapter 18: The Resurrection of Topiary and Tupac Details about the PBS hack were sourced from interviews with the hackers involved, as well as from a post that Topiary had put on Pastebin that gave details about what sort of tools, such as Havij, the group had used. According to a March 2012 article on darkreading.com, the tool “favored by hacktivists” was created by Iranian hackers, and its name is derived from the Persian word for “carrot,” also a nickname for the male sexual organ. The statement that “people in the #anonleaks chat room on AnonOps IRC went into a frenzy” when Topiary posted something on Twitter from his personal account was sourced from interviews with Topiary after he visited the chat network. Chapter 19: Hacker War Regarding Pastebin’s boost in traffic, the website’s controllers would later show their appreciation for LulzSec by retweeting @LulzSec’s July 13, 2011, announcement that “If @pastebin reaches 75,000 followers we’ll engage in a mystery operation that will cause mayhem.” (This was one of the rare tweets from @LulzSec after the group officially disbanded.) Hours later, @Pastebin tweeted, “The # of followers @pastebin is growing very rapidly since @lulzsec is sending their love,” followed by “The twitter madness continues thanks to @lulzsec.” That same day, Topiary exchanged e-mails with Pastebin owner Jeroen Vader, a twentyeight-year-old Dutch entrepreneur, in which Topiary requested a “unique green crown” icon next to his personal “Topiary” account on Pastebin, which, when highlighted, would also say “CEO of consuming pie.” Vader agreed, saying, “I’ll be sure to fix you up with a very special crown. Many thanks for trusting Pastebin with your ‘special’ releases.” Pastebin statements from LulzSec and Anonymous rank among the top-trafficked posts on Pastebin, along with LulzSec’s final “50 Days of Lulz” release on June 25, 2011, which clocked 411,354 page views as of April 3, 2012. (Pastebin hosts ads on its site, so the extra traffic will have aided its bottom line.) Ironically, Vader said in early April of 2012 that he would hire more staff to help police “sensitive information” that got posted onto the site, according to BBC News. Details about The Jester’s hangout on 2600 and the other people who frequented it were sourced from LulzSec’s leaked #pure-elite chat logs, from interviews with Topiary, and from my own observations of the 2600 IRC network. The points about the origins of 2600: The Hacker Quarterly were sourced from various Web articles, including the PCWorld feature story “Hacking’s History,” published on April 10, 2001. The information about the creation of a secondary ring of LulzSec supporters was sourced from conversations with Topiary and Sabu. The detail about Antisec and its original adherents comprising “a few hundred skilled hackers” was sourced from my conversations with Andrew “weev” Auernheimer, who was a hacker during the early days of the Antisec movement, and from various Web articles, including the 2002 Wired story “White-Hat Hate Crimes on the Rise.” The nicknames of “secondary crew members” of LulzSec, such as Neuron and M_nerva, were sourced from the #pure-elite chat logs that were first leaked online by Pastebin on June 5, 2011, in a post entitled “LulzSec Private Log.” The logs were republished by The
Page 2 and 3:
Begin Reading Table of Contents Cop
Page 4 and 5:
his HBGary Federal account, possibl
Page 6 and 7:
culture and key figures within it.
Page 8 and 9:
dreadful fascination at his phone a
Page 10 and 11:
Aaron Barr would never have come fa
Page 12 and 13:
“nigger,” “faggot,” or just
Page 14 and 15:
owns my ass.” With his other hand
Page 16 and 17:
In 2008 he helped instigate Operati
Page 18 and 19:
death threats and threatened to bom
Page 20 and 21:
another poster described “Phase 2
Page 22 and 23:
though, they were usurped by what w
Page 24 and 25:
We are Legion We do not forgive We
Page 26 and 27:
day in federal prison. In the meant
Page 28 and 29:
Since childhood, Bailey had harbore
Page 30 and 31:
oughly three hundred regular chat p
Page 32 and 33:
1. Get the latest LOIC from github.
Page 34 and 35:
Asperger syndrome, rarely left his
Page 36 and 37:
“It’s a troll,” another organ
Page 38 and 39:
had joined mentoring program iMento
Page 40 and 41:
choose a unique nickname on AnonOps
Page 42 and 43:
time. Kayla actually had several IR
Page 44 and 45:
was headquartered and where Barr wo
Page 46 and 47:
“So are we going to focus on Anon
Page 48 and 49:
Starting in early January, many sup
Page 50 and 51:
“Well in my lifetime I’ve perfo
Page 52 and 53:
uh, actual intelligence.” There w
Page 54 and 55:
definitely unimpressed—the claims
Page 56 and 57:
nude photos. Four years later, an e
Page 58 and 59:
“Is this a new trend :D to see wh
Page 60 and 61:
network collapsed, they would move
Page 62 and 63:
large notice board with paperwork a
Page 64 and 65:
April 2011, while he and Sabu were
Page 66 and 67:
since they had a wider array of ski
Page 68 and 69:
will get in trouble and might be gr
Page 70 and 71:
passwords for almost every journali
Page 72 and 73: or online for most of the day and s
Page 74 and 75: a mixture of Anons, script kiddies,
Page 76 and 77: Sabu hated white hat security firms
Page 78 and 79: “Just looked at this guy’s sour
Page 80 and 81: otnets. Topiary shot back with a se
Page 82 and 83: wasn’t Sabu. “You got the wrong
Page 84 and 85: them that he was back. Topiary at f
Page 86 and 87: websites, bigger ones. He had a rap
Page 88 and 89: “Y’all were the inspiration I n
Page 90 and 91: LulzSec. Tflow created a torrent fi
Page 92 and 93: The Fate of Lulz LulzSec’s signif
Page 94 and 95: opposite of Kayla. And yet there wa
Page 96 and 97: one of the LulzSec accounts in resp
Page 98 and 99: on the network. He decided to try t
Page 100 and 101: morning of their meeting, William
Page 102 and 103: techniques like the Cain and Abel p
Page 104 and 105: hackers in private IRC rooms. It wa
Page 106 and 107: the open at the same time: the susp
Page 108 and 109: Kayla’s story had become more imp
Page 110 and 111: Stephane Fitch, who also introduced
Page 112 and 113: writes a spoof news article about t
Page 114 and 115: following twenty names in the ranki
Page 116 and 117: to websites that showed the steps o
Page 118 and 119: Minions.” Another helpful source
Page 120 and 121: “extreme version of Calvinism”
Page 124 and 125: that were first leaked online by Pa
Page 126 and 127: on the CIA. Details about Julian As
Page 128 and 129: Descriptions of Ryan Mark Ackroyd w
Page 130 and 131: Parmy Olson is the London bureau ch
show all

We are anonymous inside the hacker world of lulzse

Create successful ePaper yourself

Delete template?

Save as template?