We are anonymous inside the hacker world of lulzse

More documents

Recommendations

Info

them that he was back. Topiary at first didn’t care that Sabu might have been lying—he was just glad to speak to him again. Not long after, Sabu changed his story and said that it had actually been the anniversary of his grandmother’s death. When they had first spoken, Sabu had probably changed his voice deliberately to make his story sound more genuine. By then, the FBI was logging everything that Sabu said online to LulzSec’s members, as well as everything he said on the phone to Topiary. Sabu would end up being offline more than usual for the next few days as he began collaborating with the FBI, even working out of their office on a daily basis. Sabu occasionally kept his group abreast of other developments, but the still oblivious Topiary took more responsibility for the team. As a precaution, Topiary deleted more files, then he redid all his passwords and encryptions to make them ultra-protected. He kept all passwords in a file on an encrypted SD card, with one character in each swapped around. Only he knew which characters were swapped. Still, he couldn’t help constantly looking outside his window and jumping whenever a van drove past. For the first time, he started seriously wondering if a couple of men in police uniforms would splinter his door at dawn the next morning. A few days earlier when he had been out to buy some food, one of the local druggies had approached Topiary on his way home. “Hey,” the man had said, waving as Topiary took out his earbuds. “There were some police knocking on your door the other day,” the man said in a thick Scottish accent. Topiary’s heart had started to pound. “Really. What did they do?” “They drove by in their car. Then a couple of them came out and knocked on your door, but there was no answer,” he said, shrugging. Topiary played it cool. The druggie might have been lying, but the police might also have stopped by while he was at his thinking spot, looking over the sea. And it was just as likely that they were doing a drug sweep of the area. Still, he resolved to wipe every shred of Topiary and Anonymous from his laptop, encrypt whatever he kept, and send it to all to himself in an e-mail via Hushmail. Eventually he would wipe his laptop completely. If the police came to his door, they’d find a clean house with one rarely used desktop computer and his innocuous-looking Dell laptop, a couple of extra monitors for watching films, and one phone line going over his living room with clips. None of the empty pizza boxes associated with basement-dwelling hackers. Any documents the police might find about Anonymous on either of his computers could be passed off as research Topiary was doing for a book. They’d find some pirated music and a handful of databases holding a few hundred thousand names and passwords he had acquired from acquaintances or from his own scanning for LulzSec. Topiary called it his personal collection. Sometimes he used it for his own attempts at doxing people, but for the most part it was just nice to have. He tried not to think that his virtual private network provider, HideMyAss, would ever turn him in to the authorities. His logic was that if customers of HideMyAss ever found out the company had turned in one of its users, they’d leave in droves, and HideMyAss would go out of business. They would surely never give him up. As Sabu remained offline on the pretext of dealing with family matters, a familiar face came back into the LulzSec fold: Ryan. It made little sense at first, considering Ryan’s temperamental behavior in the past and his cyber attacks on the LulzSec communication channels, but that was hacker life for you. Even the most explosive of disputes could be remedied when someone needed something. In this case Ryan needed some friends, and LulzSec could use Ryan’s mammoth botnet, which infected computers via a rogue Facebook app. Ryan was well connected in the underground hacker scene and served as an administrator of Pastebin, the text application tool that LulzSec used to publish all its leaks, and Encyclopedia Dramatica. Ryan was like the kid in school that people didn’t necessarily like but whom they were compelled to befriend because he had a brand-new Hummer and a house with a pool. Ryan wasn’t rich in real life, but online he seemed loaded; he had spent years building up an impressive array of assets, from servers to his botnet. His servers helped host Encyclopedia Dramatica, and after he had reconnected with a member of the LulzSec crew in the previous week, they also hosted LulzSec’s new IRC network, lulzco.org. After Topiary first reconnected with Ryan on IRC, he wanted to hear what the new ally sounded like in voice to better suss him out, so the two became contacts on Skype. When Ryan’s voice came through, his English accent was so strong, he sounded almost Australian. Ryan spoke at a rapid-fire pace, openly bragging about his botnet, his hacking, and how he was making money on the underground; he littered his prose with swearwords then described at great length a farmhouse-bread ham sandwich his mother had once made him. Ryan seemed pretty unhinged and insecure, but Topiary’s opinion of him softened when he explained why he’d leaked hundreds of names from AnonOps months before. The network operators had been hassling him, and then someone else had gathered all the data and given it to him to leak. It was water under the bridge. Oh, he added, and that dox of his full name, address, and phone number that had been posted online? That was based on fake information he had created four years ago. Ryan assured Topiary that he had made the false documents and spread them everywhere so that his real information would remain hidden. Topiary figured he could tell when someone was bullshitting, especially when it was in voice. Ryan, he believed, was genuine. In fact, Topiary started to feel sorry for the guy. People on AnonOps had accused Ryan of being a perpetually angry cretin who logged and attacked everything. But he wasn’t really angry; he was just passionate. Perhaps he came across as rude, but he worked hard and got into things, Topiary thought. With Sabu gone, Topiary missed having someone passionate and a little crazy to talk to, to counteract his laid back personality. Ryan promised not to log any of the chats, and said he would give the LulzSec crew complete control over his logging ability. He also said the team could use his botnet any time they wanted. He had used it in the past to prank DDoS sites of the U.S. Air Force and then call them afterward to mock them. He could also make hundreds of dollars a day by subletting the botnet to others who wanted to use it for nefarious purposes like extortion and hacker skirmishes. But LulzSec could use it for free. This was like fresh meat to a ravenous dog: with Ryan’s botnet, LulzSec could bring down almost any website it wanted at the drop of a hat. During one of Sabu’s occasional drop-ins on IRC, he mentioned to Topiary that he did not like having Ryan as a supporter. LulzSec was making too many contacts, he added. (It is unclear if this was the case, or why that might have concerned him now that he had started working as an FBI informant.) Topiary argued back that Sabu himself had been inviting his trusted associates into #pure-elite, including log leaker M_nerva. Topiary won the argument, and Ryan stayed. With Sabu mostly away now, Topiary was enjoying the funnier side of what LulzSec could do with its growing stable of Twitter followers. After he released the administrative passwords of fifty-five porn sites and twenty-six thousand porn passwords, he got replies from people on Twitter saying they had used the data dump to hack into other people’s e-
twenty-six thousand porn passwords, he got replies from people on Twitter saying they had used the data dump to hack into other people’s emails or, in one case, find out a guy was “cheating on his girlfriend.” Topiary realized he could start making things more interactive. He could send a hundred thousand people to a YouTube video and grant the account holder a huge increase in views, or he could send the horde to crash a small website or IRC network. LulzSec’s attacks would become a lot more fun. He and Ryan started talking and doing some prank calls on Skype with some of Ryan’s friends as an audience. Then Ryan set them up with a joint Skype Unlimited account so they could call anywhere in the world, dropping eighty dollars in credit without blinking an eye. Topiary had an idea. Instead of making prank calls, what if they got LulzSec’s Twitter followers to call them? Topiary suggested setting up a Google Voice number so that anyone in the world could call LulzSec (or at least himself). He wanted the number to spell out the group’s name, as in 1-800-LULZSEC, but he couldn’t find an area code where the number would work. Eager to prove himself, Ryan spent hours going through every possible U.S. number till he found that 614, the area code for Columbus, Ohio, was available with the corresponding digits. They now had a telephone hotline: 1-614-LULZSEC. It was a free Google number that directed to their new Skype Unlimited-World-Extra number that in turn could bypass to two other potential numbers registered to fake IP addresses. The pair created two voice-mail messages, using voice alteration and over-the-top French accents for the fictional names Pierre Dubois and Francois Deluxe, saying they couldn’t come to the phone because “We are busy raping your Internets.” Once Topiary announced the hotline on LulzSec’s public chat room, they got several calls a minute; they answered a few and joked with their callers. Without giving any hints, Topiary stated there would be a $1,000 prize for anyone who called in with the magic word —lemonade—but nobody guessed correctly, and around forty people thought it was please. At the end of the day they’d received 450 calls. In between fielding calls, Topiary wrote up an announcement of the group’s latest drop: a directory listing of every single file on the U.S. Senate’s web server, which had come to them thanks to another black hat. This was a serious attack that could earn someone five to twenty years in prison, but Topiary was mostly eager to get back to his LulzSec hotline. “This is a small, just-for-kicks release of some internal data from Senate.gov,” Topiary had written. “Is this an act of war, gentlemen? Problem?” Along with that release was a dump of the source code and database passwords of the gaming company Bethesda—a topic totally unrelated to the Senate, just one of the leaks they were sitting on. They also had a database of two hundred thousand users stored on the servers of gaming company Brink, but they wouldn’t release that because “We actually like this company and would like for them to speed up the production of Skyrim. You’re welcome!” At the top of each release was now a short list of contact and donation details for LulzSec, including the telephone hotline and the IRC chat room. “It is unclear why LulzSec decided to attempt to embarrass yet another video game company other than to show off,” said Naked Security journalist Chester Wisniewski. “It is difficult to explain random acts of sabotage and defacement, so I am not going to attempt to get into the heads of those behind these attacks.” Yet this was not a matter of motivation, but of circumstance. Back when Kayla had used her botnet to scan the Web for vulnerabilities, hooking it up to an IRC channel and using basic chat commands to run it, she had stumbled on a vulnerability in the network of Bethesda that had given her access to its servers. Since the company was so big, the team chose not to root around for databases right away, using Bethesda’s bandwidth to help search for other sites to hack into and using it as a safe location to hide bots. The gaming company had no idea it was effectively being used to hack other sites. When the servers outlived their usefulness, it was time to dump the data stored on them. Now the hacks were about to get even more arbitrary. Knowing that Ryan’s botnet could take out anything, Topiary announced the LulzSec hotline on Twitter and told the public: “Pick a target and we’ll obliterate it.” The hotline was suddenly inundated with calls, and the three people that initially got through all requested gaming companies: Eve, Minecraft, and League of Legends. Within minutes, Ryan’s botnet had hit all three, as well as a site called FinFisher.com, “because apparently they sell monitoring software to the government or some shit like that.” DDoSing sites like this was nothing new, and neither was one or two hours of downtime, but it was the first time anyone had boasted about it to a hundred fifty thousand Twitter followers or referred to it as a DDoS party called Titanic Takeover Tuesday. “If you’re mad about Minecraft, we’d love to laugh at you over the phone,” Topiary announced. “Call 614-LULZSEC for your chance to reach Pierre Dubois!” When Topiary started thinking about the Internet meme phrase “How do magnets work?” made famous by the hip-hop duo Insane Clown Posse, he called up the offices at Magnets.com. He asked the woman who answered that question and got a bemused response, hung up, then redirected the LulzSec hotline to the main switchboard of Magnets.com. “Everyone call 614-LULZSEC for a fun surprise,” he tweeted. About three minutes later he called the number again and heard dozens of phones going off at the same time with answers of “This is Magnets.com…Uh…” He asked to speak to a manager. When a man’s voice came on, Topiary explained the reason for the flood of strange calls. To his credit, the manager took it in good humor. “How did you do it?” he asked. “We’re testing out our new Lulz Phone Cannon,” Topiary said. “How are you feeling?” “I’m a little out of breath.” Magnets.com had been getting more than two hundred calls a minute to their customer support center. “Okay, I’ll get it to stop,” Topiary said. “Good, because I feel like I’m about to pass out.” With a few clicks he stopped the hotline from redirecting, and he heard all the phones in the background suddenly go silent. It was like a DDoS attack by telephone. It made sense to keep this going. Soon he was redirecting the LulzSec hotline to the World of Warcraft online game, then to the main switchboard for FBI Detroit, and then, naturally, to the offices of HBGary Inc. “You take care of the horde while we’re gone, AaronBarr,” Topiary tweeted to its former executive. “Thanks mate. Bye for now.” In the next twenty-four hours, in between his talking with the other LulzSec hackers and manning a Twitter feed, Topiary’s busy switchboard had received 3,500 missed calls and 1,500 voice mails; the following day, 5,000 missed calls and 2,500 voice mails. Soon, though, Ryan started to get restless. He wanted to do more than just play around with hotline callers; he wanted to go back to hitting websites, bigger ones. He had a rapt audience now, and a gang of people who were willing to go after the big names under this banner of
Page 2 and 3:
Begin Reading Table of Contents Cop
Page 4 and 5:
his HBGary Federal account, possibl
Page 6 and 7:
culture and key figures within it.
Page 8 and 9:
dreadful fascination at his phone a
Page 10 and 11:
Aaron Barr would never have come fa
Page 12 and 13:
“nigger,” “faggot,” or just
Page 14 and 15:
owns my ass.” With his other hand
Page 16 and 17:
In 2008 he helped instigate Operati
Page 18 and 19:
death threats and threatened to bom
Page 20 and 21:
another poster described “Phase 2
Page 22 and 23:
though, they were usurped by what w
Page 24 and 25:
We are Legion We do not forgive We
Page 26 and 27:
day in federal prison. In the meant
Page 28 and 29:
Since childhood, Bailey had harbore
Page 30 and 31:
oughly three hundred regular chat p
Page 32 and 33:
1. Get the latest LOIC from github.
Page 34 and 35: Asperger syndrome, rarely left his
Page 36 and 37: “It’s a troll,” another organ
Page 38 and 39: had joined mentoring program iMento
Page 40 and 41: choose a unique nickname on AnonOps
Page 42 and 43: time. Kayla actually had several IR
Page 44 and 45: was headquartered and where Barr wo
Page 46 and 47: “So are we going to focus on Anon
Page 48 and 49: Starting in early January, many sup
Page 50 and 51: “Well in my lifetime I’ve perfo
Page 52 and 53: uh, actual intelligence.” There w
Page 54 and 55: definitely unimpressed—the claims
Page 56 and 57: nude photos. Four years later, an e
Page 58 and 59: “Is this a new trend :D to see wh
Page 60 and 61: network collapsed, they would move
Page 62 and 63: large notice board with paperwork a
Page 64 and 65: April 2011, while he and Sabu were
Page 66 and 67: since they had a wider array of ski
Page 68 and 69: will get in trouble and might be gr
Page 70 and 71: passwords for almost every journali
Page 72 and 73: or online for most of the day and s
Page 74 and 75: a mixture of Anons, script kiddies,
Page 76 and 77: Sabu hated white hat security firms
Page 78 and 79: “Just looked at this guy’s sour
Page 80 and 81: otnets. Topiary shot back with a se
Page 82 and 83: wasn’t Sabu. “You got the wrong
Page 86 and 87: websites, bigger ones. He had a rap
Page 88 and 89: “Y’all were the inspiration I n
Page 90 and 91: LulzSec. Tflow created a torrent fi
Page 92 and 93: The Fate of Lulz LulzSec’s signif
Page 94 and 95: opposite of Kayla. And yet there wa
Page 96 and 97: one of the LulzSec accounts in resp
Page 98 and 99: on the network. He decided to try t
Page 100 and 101: morning of their meeting, William
Page 102 and 103: techniques like the Cain and Abel p
Page 104 and 105: hackers in private IRC rooms. It wa
Page 106 and 107: the open at the same time: the susp
Page 108 and 109: Kayla’s story had become more imp
Page 110 and 111: Stephane Fitch, who also introduced
Page 112 and 113: writes a spoof news article about t
Page 114 and 115: following twenty names in the ranki
Page 116 and 117: to websites that showed the steps o
Page 118 and 119: Minions.” Another helpful source
Page 120 and 121: “extreme version of Calvinism”
Page 122 and 123: 2011, however, we held our first re
Page 124 and 125: that were first leaked online by Pa
Page 126 and 127: on the CIA. Details about Julian As
Page 128 and 129: Descriptions of Ryan Mark Ackroyd w
Page 130 and 131: Parmy Olson is the London bureau ch
show all

We are anonymous inside the hacker world of lulzse

Create successful ePaper yourself

Delete template?

Save as template?