Back For More Lulz?

Posted July 22nd, 2011 at 8:02 pm (UTC-4)
1 comment

And Spreading Malware Hits Big and Small Alike

Periodically we like to share a few of the stories and posts from across the web that caught our eye.  There are no editorial threads implied connecting these items together, other than being interesting.

#1: LulzSec vs. NewsCorp: After very publicly disbanding just a few weeks ago, it seems the LulzSec hackers have come out of retirement and have a new target – Rupert Murdoch.

The “lulz” began early this week with a hack of The Sun, one of News Corporation’s many newspapers and sister publication to the recently shuttered News of the World.  “Media moguls body discovered” yelled the headline of a phony story, mocking Mr. Murdoch and the recent troubles of his News Corporation.

The bogus article was quickly erased, but the hackers warned of more serious problems to come.  Specifically, the LulzSec Twitter feed claimed the group has up to 4 gigabytes of private emails from the Sun’s servers – which they may, or may not, begin releasing, depending on which Twitter claim you believe.

@AnonymousSabu, thought to be one of LulzSec’s founders, tweeted that “We’re releasing something we found in The Sun’s mail server, shortly. Ouch. Ready for the media storm?”  But when that release failed to occur, @AnonymousIRC, associated with a hybrid LulzSec/Anonymous offshoot, tweeted this: “We think, actually we may not release emails from The Sun, simply because it may compromise the court case.”  That was quickly followed by this tweet from @LulzSec: “We’re currently working with certain media outlets who have been granted exclusive access to some of the News of the World emails we have.”

So far, no media organization has admitted to any partnerships with LulzSec, AnonOps, AntiSec or any of the other heads of the larger Anonymous hydra.  But  in an interview with British newspaper The Independent this weeek, Sabu warns that The Sun hack was “simply phase 1” of a larger operation that hackers intend to launch against other News Corporation’s properties – and Murdoch himself.  Not content to stop there, Sabu then suggested additional targets, warning: “New York Times, Forbes, LA Times, we’re going in.”

Does all this mean LulzSec is back sailing the hacker seas?  Over at, Peter Finnochiarro had a chat-room interview with “Topiary,” yet another semi-anonymous hacker believed to be a member of LulzSec:

Salon: I was actually wondering if you were at liberty to discuss LulzSec’s reemergence from early retirement?
Salon: Like, what was the impetus?
Topiary: ah okay,
Topiary: The main motivation behind our return to the proxseas was the wrinkly-faced walnut Rupert Murdoch. We decided to rock up a storm from afar in conjunction with the media surrounding him, hoping to increase his frown more.
Topiary: LulzSec is not back, persay (sic), but all of us are still here and we’re watching — if there’s a special event, we may take action for high-quality entertainment purposes.

A coda: you might think a hacker group would take care of its own security first, but maybe not so much.  AnonPlus, a social network set up by AnonOps (which in turn is a subsection of Anonymous), was hacked late this week by a rival hacker group.  “CyberWarrior,” a Turkish hacktivist group, replaced the Anonymous logo with an image of a dog, taunting in Turkish and English “This logo suits you more.”

Talk about your lulz


#2: Spreading Malware Infections:  Say what you like about the Internet Goliath Google, but few would argue that they’re one of the more transparently operated firms out there, at least on matters of privacy and security.  Their “Transparency Report” launched last year details all the requests Google receives from governments around the world, and Google’s subsequent actions.  And their “Online Security Blog” lays bare a lot of many of the threats it faces , some of them occasionally embarrassing.

This week the security blog had an alarming report of what began as “unusual search traffic” on some of its search platforms.  In fact it turned out to be “…a particular strain of malicious software, or ‘malware.'”

“The Internet brings remarkable benefits to society,” noted Google security engineer Damian Menscher in the post.  “Unfortunately, some people use it for harm and their own gain at the expense of others.”

Screenshot of the warning appearing on some Google user's computers

The virus was apparently spread over some Google servers via a fake anti-virus download.  Once installed on a computer, the hidden virus  sent Internet traffic to Google through a small number of proxy servers.  While not a huge security breach, it’s unclear what the proxies were doing with the traffic, and how much private data may have been accessed or stolen.

In addition to fixing the problem, some Google users may now see a security warning at the top of their searches, instructing users how to clean up any possible infections.

And while Google may be an obvious target, Infowar Monitor this week reports an infection that’s just the latest example of a growing threat – malware designed to target and disable the websites of opposition groups.

Monitor analysts say they’ve been tracking a particularly nasty bit of malware that appears to have been designed to launch attacks on the website of a Chinese human rights organization.

Analysts believe the bug was distributed through a unnamed Mandarin language news site.  Employing a bug known as Poison Ivy, the virus gave hackers remote access and control of the infected computers – all without the user’s knowledge.  Once control was seized, the infected computers apparently launched a series of attacks on the website of the rights organization, also unnamed.  Infowar reports the attack was contained relatively quickly, but cautions an unknown number of computers may still be infected.


#3: Mobile Phone Warnings: Finally, you may recall the World Health Organization’s recent decision to list electronic radiation from mobile phones as “possibly carcinogenic to humans.”   Although the science is far from clear on this matter, the report was the most recent of a series of medical studies suggesting a possible link between cell phone use and certain forms of cancer (also suggesting, of course, there is no link.)

The WHO report was enough to spur the San Francisco Board of Supervisors to again move legislation requiring cell phone retailers in the city to “prominently display” a large poster in their shops “explaining that cell phones emit radio frequency energy that is absorbed by the head and body, and discussing ways that cell phone users can reduce their exposure.”

This is the second go-around on this matter by the Board.  A similar bill was passed last year but never enforced after the Cellular Telephone and Internet Association, an industry trade group, filed suit to block the law.  The Hill newspaper’s “Hillicon Valley” blog reports the Board has drafted a new version that would bypass legal challenges, but the CTIA isn’t convinced.  “Any further action would fall into the give-me-a-break category,” says a CTIA spokesperson.

The Board of Supervisors could vote on the measure as early as July 29th.

One response to “Back For More Lulz?”

  1. […] late July, “AnonymousSabu”, thought to be one of LulzSec’s founders, threatened more hacks and new collaborations, either with unnamed media outlets or, possibly, with other hacker offshoots […]

Leave a Reply

Your email address will not be published. Required fields are marked *

What’s Digital Frontiers?

What’s Digital Frontiers?

The Internet, mobile phones, tablet computers and other digital devices are transforming our lives in fundamental and often unpredictable ways. “Digital Frontiers” investigates how real world concepts like privacy, identity, security and freedom are evolving in the virtual world.

Find us on twitter


July 2011
« Jun   Aug »