

LulzSec: 50 Days of Lulz statement - brodd
http://pastebin.com/1znEGmHa

======
ianterrell
Considering they'd even earlier today advertised a Monday booty release, I
suspect that, rather than abandoning the Lulzsec facade after 50 days, it's
that the fuzz is a little too hot on their trail for comfort.

~~~
46Bit
I'd have to agree. Even now I think that with time they will all be outed - if
they've not already. Some of these 'raids' have just been too daring to expect
to get away with forever.

~~~
redthrowaway
Really though, if all of your traffic is going through TOR to a vpn in eastern
europe, the chances of being tracked down are slim to nil. Sure, there are
_theoretical_ weaknesses in TOR, but you'd need to control quite a few exit
nodes to even begin to have a chance of pinpointing the endpoints. Combine
that with a compromised wifi as a last resort (which you erase the logs of
regularly), and you're pretty damned safe. All of the people who were arrested
for hacking the CIA or DoD were caught many years ago, when anonymization
tools weren't nearly so well developed, and the need for anonymization wasn't
so clearly recognized. I'd like to see a modern story of the authorities
finding someone who was hidden by TOR + vpn. I just don't see it happening any
time soon.

~~~
suking
How do they use Tor for such large projects? I tried using that thing like 5-6
yrs ago and it was slower than 56k...

~~~
romland
What do you mean by large projects? The size of the files they transfer?

Your machine -> TOR -> hacked home user or server -> your target.

This way you only transfer the files between the target and the hacked server,
and from there on to a torrent, and heck, why not let that machine seed it
too.

Chances are that they even used a chain of hacked machines to get to their
target. It gets pretty complicated pretty quickly if you (as in FBI et al)
have to raid several companies to get your hands on machines to do forensics
on.

I doubt these files (or much of anything else) ever touched the criminal's
physical machine. Unless, of course, they fucked up by, say, posting to
pastebin or a tweet or something else that is seemingly insignificant (at the
time) using their own IP.

Most tend to.

~~~
redthrowaway
This mirrors an idea that I had. TOR is a military project, and you know at
least some of the exit nodes are controlled by the US gov't. Why not replicate
TOR with a botnet? Bounce your communications around a plethora of average
joes and you have yourself a more stable tor. If you spread the botnet without
a CnC server and have the infected machines bounce random traffic around, it
would be damned difficult to break. TOR is open source, so it shouldn't be too
hard to modify it to work on a private network. The nice thing about it is
that if you attract to much heat you can always ditch the network and start a
new one.

~~~
getsat
> you know at least some of the exit nodes are controlled by the US gov't

[http://www.google.com/search?q=high+traffic+colluding+tor+ro...](http://www.google.com/search?q=high+traffic+colluding+tor+routers)

~~~
redthrowaway
[http://www.boingboing.net/2007/05/17/report_hightraffic_c.ht...](http://www.boingboing.net/2007/05/17/report_hightraffic_c.html)

~~~
getsat
Oh, neat. I didn't realise the issue had been resolved. Thanks.

------
kristofferR
Damn, the AT&T-release is especially juicy. It contains a lot of highly
confidential information about technology and strategy that their competitors
would love to get their hands on.

I'm a quite technical guy and I barely understand a thing. No wonders AT&T are
having troubles with fixing their network troubles, it looks like a massive,
massive beast of technology.

I found the frequency chart fascinating. It's available publicly here:
<http://www.ntia.doc.gov/osmhome/allochrt.pdf>

~~~
ender7
Given the juiciness of this, I'm surprised that more companies don't have corp
espionage groups to carry out little lulsec attacks.

~~~
afterburner
Because if they ever got caught the company would be sued out of existence
(probably bought by competitors at that point). They have too much to lose in
most cases.

------
aklemm
What about analyzing their writing? They release quite a bit of
text...somebody likes to write. Considering there are efforts to identify
people by typing patterns, I wonder if this is how they'll get caught:
[http://petsymposium.org/2011/papers/hotpets11-final8Chairunn...](http://petsymposium.org/2011/papers/hotpets11-final8Chairunnanda.pdf)

~~~
tsumnia
Unfortunately given the scope of that paper, it doesn't sound like typing
patterns can be used just yet. A sample size of 36 participants doesn't handle
the scale involved when going against 'The Internet'.

Also, the paper collected timestamps of each keystroke, something that'd need
to done on suspects; however, if they are already suspecting you, they
probably have other ways to identify you.

Finally, how in the world does a paper like this get away with having
'nowadays' in it? I know its a legit word, but, just seems awkward.

~~~
wisty
Was it written by an ESL speaker? Sometimes non-English speakers feel insecure
starting a point without "However", "Because of this", and other conjunctions.
If you don't need a conjunctions, you can say "Nowadays", but you don't need
it. It's like the "auto" keyword in C. Because ESL speakers cram a lot of
grammar into a few years, rather than spending years making simple sentences,
they often use advanced patterns when simpler ones would suffice.

------
dmix
NATO press release about the break in to their ebookstore by LulzSec:

[http://www.nato.int/cps/en/SID-40BE0A99-F4F5EB32/natolive/ne...](http://www.nato.int/cps/en/SID-40BE0A99-F4F5EB32/natolive/news_75729.htm)

~~~
jfb
NATO has an ebook store? What are the hell?

~~~
p4bl0
That's also what strikes me in this story. Anyone can explain this?

~~~
jfb
After thinking about it for a few moments, I would guess that they largely
sell books and research papers and suchlike on subjects that are of interest
to those in member militaries, but aren't of sufficient general interest to
make it to Amazon or otherwise.

 _EDIT_ : or, I could've spent a single moment to read the contents of the
aforementioned link.

~~~
p4bl0
My question was badly phrased. I'm not that surprised that there are
books/documents produced by NATO. I'm surprised they sell them. I think
everything (public) produced by NATO should be freely accessible to everyone.
This was so obvious to me that I'm surprised it's not the case, another little
reminder of the world we live in.

------
estel
The torrent appears to contain hacked personal data from:

* EA (Battlefield Heroes) * Hackforums.net * Nato-bookshop.org * Misc other forums

The first of these purports to be 200K+ users.

~~~
Strom
The Battlefield Heroes passwords are unsalted MD5. Way to go EA.

~~~
1880
Hm, are you sure? I have a couple accounts there (and they are appearing in
the dump) and they are not simply md5(password). Of course they were long,
random passwords and I don't play this game anymore, but I'm curious. Where
did you read that?

~~~
Strom
I didn't read it anywhere. I downloaded the database and checked all my
friends against a known password database. They're plain md5(password).

~~~
1880
Then the dump must be old. I have changed my password months ago and the hash
does not match my current password.

------
Zarathust
It seems that there are better people out there that got angrier

[http://www.gamemarshal.com/features/20110622113313/lulzsec-h...](http://www.gamemarshal.com/features/20110622113313/lulzsec-
hacked-by-rival-hackers.html)

------
lhnz
Quitting or rebranding is the question I find myself asking.

~~~
BasDirks
Like a wave they will again become sea, only to rise later as a different
wave.

Or to put my high school poetics into plain English:

They will want to blend in with the Anonymous masses, until they deem it safe
to once again to craft new identities for themselves.

------
skeltoac
Odds that one of the crew is commenting on this thread?

------
cantbecool
Looks like they were a getting a bit anxious that they were going to be outed,
which will ultimately still happen anyway. Regardless, it was a fun reading
their Pastebins and Twitter feeds every few days making a mockery of multiple
corporations information security.

------
Tichy
How is it possible to register a .com domain in an anonymous way?

~~~
trotsky
prepaid visa or just get someone who doesn't know you very well to do it

------
shareme
Yup, fuzz on their tails..

Not too smart either why include the number of Lulzsec members?

~~~
sbierwagen
1.) What useful information does "there are six of them" convey?

2.) What makes you think that they're not lying?

~~~
redthrowaway
1.) What information does the number of columns in a MySQL database convey?
It's not just that there are six of them, but that records could be poured
over for various irc servers in an attempt to link the 6 accounts that
interacted with eachother the most. It allows for deeper inspection, and
perhaps more information. However,

2.) They almost certainly are. I could see them saying how many people they
actually had almost as a bluff, but more than likely they're just throwing out
misinformation.

------
tathagatadg
I was trying to search web cache on who used the words lulz and security
together before Lulzsec ... and then this final release :|

------
mrb
Who is LulzSec?

~~~
redthrowaway
I was going to say something snarky, but I checked your comment history and it
seems you are on here seldom enough to explain an honest lack of knowledge
about them. Basically, LulzSec is a hacking group that has been attacking
_many_ targets _very_ publicly over the past 2 months. They've been all over
HN, /., reddit, etc. They've even earned some mentions in the MSM.

Basically, they're notable for a) the number of targets they've hit, b) how
brazen they are about it (hitting the FBI, CIA, and other law enforcement
agencies), and c) how vigorously they court publicity (270k followers on
Twitter).

~~~
mrb
I was being sarcastic :-)

~~~
redthrowaway
And here I was, sparing you my snark. You've made me re-evaluate humanity,
sir, and I'm not impressed with the results.

~~~
jaremy
I appreciated your brief synopsis. I only know a little bit about LulzSec, and
the added information helped. So your efforts were not entirely lost...

~~~
redthrowaway
I appreciate your appreciation. If you want to learn more, the wikipedia
article on them [1] is pretty decent.

[1]<http://en.wikipedia.org/wiki/Lulzsec>

