Discussion in 'General Discussion' started by Anonymous, May 2, 2011.
could be could be how can one hack with one arm?
so when did we decide we wernt going to take this seriously anymore?
its anonymous..we do it for the lulz.
After the 9000th Sony faggot started baawwing.
Anonymous leaks PSN SSH Logs; Sony is responsible for Data Theft?
Outdated server software may have caused outage Allowing PSN hackers to enter PlayStation Network stealing more than 100 million user data sets from PSN and SOE. Since the allegation itself isn't exactly new, correct, there are new proofs that this rumor is.
Report even claims that Sony lies when it comes to the statement of outdated servers. Computer Bild got an excerpt showing log files that proof that Sony was, as of the hacking attack, using very outdated server software, searchable as OpenSSH 4.4 - current version is 5.7. Back in 2006 there were reports about OpenSSH 3.x and 4.x, and the security issues those versions utilize.
But SSH was not the only open door for hackers: Sony used to outdated version of the Apache webserver as well. Apache server was found on Sony's current version is 2.2.10 while 2.2.17. Sun Sony made it easy for hackers to access sensitive data since summer 2009 as there were bug reports about "dangerous security issues" Mentioned in the version, as Hamburger Press states.
Guido Alt, spokesman for Sony Germany, told Computer Bild that he was not handed any information about Sony using old server software. But since Anonymous' log files show log-ons to Sony-servers, Sony could seriously be in trouble. Although those logs would not be valid evidence in a court unless Sony approve them, community pressure will become a serious topic to Sony. At least for now, they have to tell the truth - now where logs are handed around the press.
Thats sony..At least they will know not to use outdated software
3, 8 & 20 it was
Only when Steroids are in use!
It was Red Herring!
sonova! Lets book him anon!
Sony Ericsson Canada website hacked
In a separate attack on Tuesday, Sony websites were hacked in Greece, Thailand and Indonesia.
It sounds like they should beef up their security a little.
but then they would be even more depressed after they would become hacked again!
O hai gais. Apparently we did 9/11. Any truth to that?
If the US ever gets smart enough to do a proper investigation we are screwed, shush White :O
he's on to us!!
Sony Reply to Congress: We Still Don't Know Who Hacked Us
"We have not yet identified the individual or individuals responsible for the actual intrusion and breach into our systems," said Hirai. "We are continuing to work with the FBI to apprehend those responsible."
"We have information that suggests what the hacker was accessing and what the hacker may have downloaded, but we are unable to determine conclusively whether information was actually taken from all or just a portion of the user accounts," said Hirai. "Unfortunately we cannot confirm whether the hacker was completely successful in taking all of that information off the servers, or just a subset of it; in an abundance of caution, Sony advised all of its customers that it believed that the data had been obtained."
oh my gosh! ill better turn myself in right now
Billion dollar corporation that reeks of everything digital + FBI = lots of fail
Its Lulzsec. it seems we have done a better job than the FBI heh heh
The one thing is some of our fellow anons have sucessfully stopped the psn attacks. But was it right of those anons to ask for demands?
Group Claims Fresh Hack of Sony Accounts, Posts User Info on the Web
A group calling itself "Lulz Security" announced a fresh attack on Thursday, posting online snippets of data it says came from a breach earlier this week of more than 1 million user accounts on Sony's website.
Lulz began posting messages to Twitter on Thursday about its "Sownage" campaign, and around 4:30 p.m. ET it posted links to download what it claimed was a giant cache of Sony user data.
The documents posted include names, passwords, e-mail addresses, home addresses and dates of birth for thousands of people.
Lulz said it grabbed the material by exploiting a vulnerability on a Sony page advertising the company's Ghostbusters franchise.
Lulz posted the website's address in its data dump, and encouraged fellow hackers to "tear the living shit out of it while you can; take from them everything!"
A Sony (SNE) spokeswoman wasn't able to confirm or deny the hack, but Sony quickly took down the webpage identified in Lulz's documents.
If the claim is valid, it would be a devastating blow to Sony, which is trying to recover from major hacks in April and May. Those attacks forced the company to pull its PlayStation, Qriocity and Sony online gaming networks offline.
CNNMoney contacted several of the people whose e-mail addresses were listed in the Lulz documents. One replied that her account, which she created to enter a contest, had been hacked. But she wasn't concerned.
"This is information that, except for the password, can be found by anyone looking on the Internet," Laura Lemons said in an e-mail. "This seems minor to me unless they hacked my credit card numbers or my banking information."
A statement posted on Lulz's site, titled "pretentious press statement," said "SonyPictures.com was owned by a very simple SQL injection." That type of attack exploits a Web application vulnerability.
Lulz's statement said Sony was "asking for it" by storing more than 1 million user passwords in plain text, instead of encrypting them.
"It's just a matter of taking it. This is disgraceful and insecure," Lulz said.
Lulz also said it had compromised "all admin details of Sony Pictures," including passwords, as well as 75,000 music codes and 3.5 million music coupons.
The previously unknown hacker group burst onto the scene this weekend with an attack on the website of PBS, which apparently drew their ire with a documentary on WikiLeaks. Lulz posted a fake story on PBS.org announcing that rapper Tupac Shakur -- who has been dead for almost 15 years -- is alive and living in New Zealand.
Sony is becoming a whipping boy for hackers. The culprits behind the first round of Sony hacks have not yet been identified, but Sony said in a letter to Congress that it believes website-attacking group "Anonymous" was responsible.
Anonymous is a decentralized group that originated on image-board site 4chan.org. It organizes swarms to try to crash the websites of those it deems enemies.
Sony's letter to Congress pointed out that the company recently landed in Anonymous' crosshairs for suing two people who were distributing instructions on how to hack a PlayStation 3 game system -- and then going after identifying details on anyone who ever viewed the instructions.
A purported Anonymous news site, AnonNews.org, posted a statement on April 22 titled "For Once We Didn't Do It." But the poster did acknowledge that since Anonymous is a decentralized group, "it could be the case that other Anons have acted by themselves" -- though the group "does not take responsibility as a whole for whatever has happened."
LulzSec are owning left right and center right now.
Also; I found this vid earlier. Thought it was pretty good personally. http://www.escapistmagazine.com/videos/view/extra-credits/3350-Anonymous
p.s So Sony, massive hack in April, and then another in May. Looks like LulzSec is keeping up the tradition
It was a good video yes. I liked the fact he pointed out sony knew anonymous didn't do the hack but still Lulzsec is still laughing at us behind our backs. Hopefully if we can find out who operates the lulzsec twitter account maybe we could find out who is the leader of lulzsec.
Fox "news", Sony, PBS, so far Lulzsec are hitting not so fair playing corporations so fair play to them.
That video was pretty good White, personally I would have liked them to include Sony's push for peoples details who visted website/watched video as well.
British spy agents reportedly hack Al Qaeda magazine, replacing its bomb-making instructions with recipes for cupcakes
Hackers have been in the news a lot lately with high-profile attacks on Google, PBS and Sony.
Now comes a story by the Associated Press that reports British spy agents “managed to hack into the extremist Inspire magazine, replacing its bombmaking instructions with a recipe for cupcakes.”
Inspire is an English-language magazine that is said to be produced by Al Qaeda in the Arabian Peninsula. According to the AP article, the publication is sent to websites and email addresses as a PDF file.
In its summer edition last year, Inspire featured an article titled "Make a Bomb in the Kitchen of Your Mom." But British spy agents belonging to GCHQ infiltrated the pages and “corrupted” them, erasing the instructions and leaving the cupcake recipe in its place.
The Daily Telegraph in London also ran a story that said "the code, which had been inserted into the original magazine by the British intelligence hackers, was actually a web page of recipes for 'The Best Cupcakes in America' published by the Ellen DeGeneres chat show."
The Telegraph article added that "the cyber attack also removed articles by Osama bin Laden, his deputy Ayman al-Zawahiri and a piece called 'What to expect in Jihad.' "
According to the reports, there was no word on how the hackers did it or when. The stories rely on unnamed British government officials.
lol, there goes any reason for government to criticise others for hacking ^^
Sony Pictures confirms it was hacked, apologizes for inconvenience
In a statement issued late Friday by Sony Pictures, the company confirmed it had been the victim of a cyberattack.
In the statement, chairman and chief executive officer of Sony Pictures Entertainment Michael Lynton, and co-chairman of Sony Pictures Entertainment Amy Pascal, said: “The cybercrime wave that has affected Sony companies and a number of government agencies, businesses and individuals in recent months has hit Sony Pictures as well.”
The statement continued: “Yesterday afternoon a group of criminal hackers known as “LulzSec” claimed to have breached some of our websites. We have confirmed that a breach has occurred and have taken action to protect against further intrusion. We also retained a respected team of experts to conduct the forensic analysis of the attack, which is ongoing. In addition, we have contacted the U.S. Federal Bureau of Investigation and are working with them to assist in the identification and apprehension of those responsible for this crime.”
It ends with, “We deeply regret and apologize for any inconvenience caused to consumers by this cybercrime.”
The statement comes in the wake of claims made on Thursday by a hacker group calling itself LulzSec. It said it had infiltrated the Sonypictures.com website and gained access to information such as e-mail addresses, passwords, home addresses and dates of birth from more than a million user accounts. On its website, LulzSec wrote: “…every bit of data we took wasn’t encrypted. Sony stored over 1,000,000 passwords of its customers in plaintext, which means it’s just a matter of taking it. This is disgraceful and insecure: they were asking for it.”
Earlier this week, LulzSec claimed responsibility for infiltrating the PBS website and putting up a fake story reporting that rapper Tupac Shakur, who died in 1996, was actually “alive and well” and living in New Zealand. LulzSec said it hacked PBS’s website in retaliation for broadcasting a program that was critical of WikiLeaks.
As for Sony, the news of LulzSec’s latest antics comes in the same week that the electronics giant restored its PlayStation Network and Qriocity services, following a long period of downtime due to the massive security breach back in April. That breach, Sony said, will cost it somewhere in the region of $170 million. The company has now created a new position – Chief Information Security Officer – whose job it will be to ensure the protection of the personal details of users and improve customer support, among other things. One must assume that the person who took on this role is the busiest employee in the entire company just now.
The Wrong Guy I like how that article makes no mention of the security Sony had in place to protest their users information or the lol method Lulzsec used to gain access to all that information, slack reporting.
LulzSec hacks FBI affiliate, Infragard
By: Andrew Couts •
June 4, 2011
After hacks on PBS.org and SonyPictures.com, hacker group LulzSec has a new target: The FBI.
Hacker group Lulz Security (aka LulzSec) is on a war path. Following their highly public hacks of the PBS website and SonyPictures.com, LulzSec has now set its sights on the top law enforcement agency in the United State: The Federal Bureau of Investigations.
In a press release posted to anonymous message board PasteBin.com, the group announced that it hacked the website of the Atlanta chapter of Infragard, a non-profit that serves as a partnership between the FBI and private business, which the American Civil Liberties Union describes as “a corporate TIPS program, turning private-sector corporations…into surrogate eyes and ears for the FBI.” LulzSec also uploaded Infragard Atlanta’s user database to the Internet. The group says that the attack was launched in retaliation for NATO and the Pentagon officially declaring hacking an act of war.
“It has come to our unfortunate attention that NATO and our good friend Barrack Osama-Llama 24th-century Obama have recently upped the stakes with regard to hacking. They now treat hacking as an act of war. So, we just hacked an FBI affiliated website (Infragard, specifically the Atlanta chapter) and leaked its user base,” wrote LulzSec. “…Most [Infragard members] reuse their passwords in other places, which is heavily frowned upon in the FBI/Infragard handbook and generally everywhere else too.”
With the user login info at its disposal, LulzSec explains that it then hacked the private Gmail account of one Karim Hijazi, a “whitehat” hacker who owns data security firm Unveillance. LulzSec hacked Unveillance, too, and “briefly took over, among other things, their servers and their botnet control panel,” LulzSec writes.
“After doing so, we contacted Karim and told him what we did. After a few discussions, he offered to pay us to eliminate his competitors through illegal hacking means in return for our silence. Karim, a member of an FBI-related website, was willing to give us money and inside info in order to destroy his opponents in the whitehat world,” writes LulzSec. “We even discussed plans for him to give us insider botnet information.”
This exchange has, in some ways, been confirmed by Hijazi, who posted a statement about the breach and his contact with LulzSec members on the Unveillance website. One glaring difference between the opposing accounts of their discussions remains, however: While LulzSec claims Hijazi tried to pay them to “destroy his opponents,” Hijazi says he was simply extorted by LulzSec.
“Over the last two weeks, my company, Unveillance, has been the target of a sophisticated group of hackers now identified as ‘LulzSec,” writes Hijazi. “During this two week period, I was personally contacted by several members of this group who made threats against me and my company to try to obtain money as well as to force me into revealing sensitive data about my botnet intelligence that would have put many other businesses, government agencies and individuals at risk of massive Distributed Denial of Service (DDoS) attacks.
“In spite of these threats, I refused to pay off LulzSec or to supply them with access to this sensitive botnet information. Had we agreed to provide this data to them, LulzSec would have been able to grow the size and scope of their DDoS attack and fraud capabilities.”
Hijazi also posted a chat log between himself and two members of LulzSec, identified in the chat as “Ninetales” and “hamster_nipples.” The back-and-forth explicitly shows Ninetales mention the word “extortion,” and shows the pair’s attempts to be paid for their “silence.”
“While I do get great enjoyment from obliterating whitehats from cyberspace, I can save this pleasure for other targets,” writes LulzSec’s Ninetails. “Let’s just simplify: you have lots of money, we want more money.”
LulzSec says they were simply trying to “stringing [Hijazi] along to further expose the corruption of whitehats.”
Regardless of who’s telling the truth, it would seem that LulzSec’s war has only just begun, so stay tuned.
From here: http://www.digitaltrends.com/computing/lulzsec-hacks-fbi-affiliate-infragard/
That doesn't sound like it'll end well.
Meh. Not my problem.
Found this comment on a Yahoo article about the latest Sony hack.
I'm sure if Lulz wanted money they could gather quite an amount easily, they seem content with the bitcoin donations which makes me think that the guys statement has a large element of bullshit namely "Over the last two weeks, my company, Unveillance, has been the target of a sophisticated group of hackers now identified as ‘LulzSec"
I found this to be extremely interesting:http://jadedsecurity.net/2011/06/04/who-is-to-blame-for-the-success-of-the-latest-round-of-attacks/
Much more and better at the link.
So the Jadesecurity person thinks the Karim guy did approach Lulzsec with an offer to hack their competition inorder to create a falseflag situation so people would come to him for his services, but then lulzsec just decided to fuck with him :S
My head hurts
not my problem ill enjoy watching it waiter, popcorn & coke pls!
Choose a color via Color picker or click the predefined style names!