Want a website hacked? Email the LulzSec hactivists

By Jerome Taylor

Photo / Thinkstock
Photo / Thinkstock

The posting on Twitter was brief and to the point: "Tango down - cia.gov - for the lulz".

Barely a month seems to go by without some sort of high-profile hack attack making global headlines and June is a cracking month for online mischief makers.

The public homepage of the CIA was briefly taken offline after it was targeted by LulzSecurity, the latest "hactivist" collective to wreak destruction.

LulzSec (as it likes to be known) has claimed successful hacks and disruption attacks against - among others - Sony, the NHS, Fox News, the US Senate, Pron.com and a string of online gaming communities within little more than a month.

It is often difficult to tell whether a website has been truly taken offline by a targeted assault or has to close because the claim that a site has been compromised drives so much extra traffic towards it that it.

Either way, the short assault on the CIA's public homepage is LulzSec's most brazen act and may have earned powerful enemies within America's law enforcement community.

Who LulzSecurity are remains a closely guarded secret. Like Anonymous, the shadowy network that launched dozens of pro-WikiLeaks assaults at the start of the year, it is made up of supporters around the world who lend the combined power of their hard drives and hacking skills to pull-off eye-catching assaults.

While Anonymous has something of a self-important political activist air about it - choosing targets they are ideologically opposed to - LulzSecurity seems to be motivated by a simple desire to cause mischief.

Their method of targeting is erratic and chaotic. There have been overtly political attacks, such as those on Sony, the CIA and the Senate website. But LulzSecurity also has no problem with trying to breach porn and gaming websites.

The movement's figurehead is a fictional character, Pierre Dubois, with a dodgy French accent.

On the dayof the CIA attack, LulzSecurity said it would begin taking requests for where to aim their next distributed denial of service attack, which takes a website temporarily offline by inundating its servers with requests for information.

The group posted a voicemail number for people to leave requests. Those phoning the Ohio-based number got a message in a faux French accent: "You have reached the whistle box of Pierre Dubois. We are not present right now because we are busy ruining your internet. Leave a message, and we will get back to you whenever we can."

The group claims to be exposing security vulnerabilities in websites and organisations purely for "fun". But their willingness to dump the stolen data and details they uncover online is a more serious matter.

"While some people think this is a fun game that can also help point out corporate security weaknesses, the truth is that companies and innocent customers are - in the worst cases - having their personal data exposed," said Graham Cluley, the senior technology consultant at Sophos.

- INDEPENDENT

- NZ Herald

© Copyright 2014, APN New Zealand Limited

Assembled by: (static) on red akl_n3 at 21 Aug 2014 23:37:36 Processing Time: 503ms