Wednesday, June 22, 2011

LulzSec Profiled As U.K. Arrests Suspected Member

Busted? With handles such as Sabu, Tflow and Topiary, the fun-loving hacksters at LulzSec may have met their matches as cybersecurity researchers begin to put together a profile of the group that has launched denial-of-service attacks against the U.S. Senate, the Central Intelligence Agency, Sony, a British law-enforcement unit and a slew of other sites.

Suspect Arrested in England

The profile was made public as Britain's Scotland Yard arrested a 19-year-old from Wickford, Essex, suspected of being connected to the group. The BBC reported that e-crime unit investigators are studying the computer Relevant Products/Services of Ryan Cleary to see if he was involved in the attack on Sony and others. At press time they had yet to bring charges against him.

"Whether he's significant or not is not clear to anyone not involved in the police investigation at the moment," said Graham Cluley of Sophos security Relevant Products/Services in the U.K. "What is clear is that by arresting this guy it's not the end of LulzSec -- they're still tweeting, and it wouldn't be a surprise if they attempted more attacks."

Based on his own research and that of others, security firm Imperva lead researcher Tal Be'ery has deduced that LulzSec is small, with less than 10 members, and appears to be a spin-off of the hacktivist Anonymous organization that may be trying to gain independence after hacking the security company hbGary and the web site Gawker under the umbrella of Anonymous. Be'ery said the same nicknames are used in hacking discussions from early this year until the present. His findings were published on Imperva's data Relevant Products/Services security blog.

Those nicknames include Sabu, the apparent ringleader; Nakomis, a coder; Topiary, who handles donations and payment for services; and hackers Tflow and Kayla. Be'ery identified Joepie91 as the group's web administrator.

Joining Forces

On Monday, LulzSec announced it was joining forces with Anonymous to launch Operation Anti-Security, aimed at governments and corporations, which the hackers claim to be doing to point out security flaws but which appears to be more for their amusement. LulzSec has been relentlessly tweeting about its exploits and targets, and last week posted what it said was stolen log-in information for 62,000 private e-mail and other accounts.

Anonymous supports WikiLeaks and its founder, Julian Assange, and its aim is to expose any classified information it can acquire, claiming it is a service to the public, according to Euronews.

Be'ery said the hackers primarily communicate via private IRC channels, publish via Twitter and Pastebin, and use web application Relevant Products/Services vulnerabilities such as SQL injection.

Will the Essex arrest scare anyone off?

"We simply don't know how significant this guy is," said Cluley. "I'm sure the computer-crime authorities will be hoping that the chap they have arrested will help them with their further investigations, though."
 

Artikel yang Berkaitan

0 komentar:

Post a Comment