Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Anonymous stumbles, but hackers still hazardous

Taylor Armerding | Sept. 17, 2012
It hasn't been the best of months for Anonymous, the loose hacktivist collective that likes to view itself as the most potent threat on the Web

It hasn't been the best of months for Anonymous, the loose hacktivist collective that likes to view itself as the most potent threat on the Web to big government, big business, and those who do not share its views on pretty much anything -- law enforcement, the environment, internet freedom, copyright laws, politics etc.

Several of its recent claims have been exposed as not just inflated, but outright fabrications.

FBI hack refuted

Earlier this month, AntiSec, an offshoot of Anonymous, posted more than 1 million Apple Unique Device Identifiers (UDID) to Pastebin, and claimed it had stolen more than 12 million of them from an FBI agent's laptop in March.

The group claimed to have personal mailing addresses and phone numbers besides the UDIDs, plus device tokens for the Apple Push Notification Service (APNS) for numerous types of Apple devices such as iPhones, iPads and iPod Touches.

The FBI immediately denied that any of its computers had been compromised. Apple said it had never provided UDIDs to the FBI. And, as Michael Mimoso noted on the Kaspersky Labs blog Threatpost, David Schuetz, a senior consultant with Intrepidus Group, found that the real source of the breach was BlueToad, a Florida based technology provider for digital publishers.

"[Schuetz] found a password dump online for BlueToad dated March 14, the same week AntiSec said it had breached the FBI computer. Any hesitancy Schuetz had regarding BlueToad's connection to the breach was evaporating," Mimoso wrote.

Earlier this week, BlueToad CEO Paul DeHart publicly confirmed via the company's blog that it was the source of the breach, that it had contacted law enforcement and was cooperating in the investigation.

GoDaddy's outage claimed

There was also the recent boast by Twitter user @AnonymousOwn3r that he had shut down the website provider and domain name registrar GoDaddy on Sunday with a distributed denial-of-service (DDoS) attack.

Wrong again, said GoDaddy interim CEO Scott Wagner, who explained on the company website that the problem was a "service outage due to a series of internal network events that corrupted router data tables."

Then there was the claim last month that Anonymous was looking to break into the communication system between NASA and the Mars rover Curiosity.

That didn't even pass the laugh test for most security professionals, who viewed it as a bad joke or a weak attempt at trolling.

Last March, LulzSec, which operated under the Anonymous umbrella, after the FBI arrested and then flipped its leader, Hector Xavier Monsegur, who went by the hacker name of "Sabu."

Does all this mean that the Anonymous brand has been undermined? Do its boasts and threats have any credibility in the security community?

Anonymous uneven


1  2  Next Page 

Sign up for MIS Asia eNewsletters.