Sunday, August 7, 2011

AntiSec Hacks US Law Enforcement: 10GB of Emails and Data Made Public

The home page of the website where AntiSec have dumped the leaked data

In retaliation for recent arrests, the AntiSec hacking group say they've released their "largest cache yet" of data stolen from law enforcement agencies in the US, and have dubbed it "Shooting Sheriffs Saturday".

The Leaked Data Contains:

  • Over 300 email accounts from 56 law enforcement domains, totaling more than 200,000 messages.
  • 7000+ home addresses, usernames, passwords, phone numbers, credit card numbers, and SSNs (Social Security Numbers) from the Missouri Sheriff account dump.
  • Online Police Training Academy files (PDFs, videos, HTML files).
  • List of "Report a Crime" informants (60+ entries).
  • Plesk (website administration tool) server passwords giving access to FTP, SSH, email, cPanel and .htaccess-protected directories.

Recent Arrests
Law enforcement around the globe have arrested several suspected Anonymous members in recent days, including the UK's Jake Davis who is suspected to be LulzSec spokesman Topiary. Before this came the arrests of 16 people in the US, four in the Netherlands, and a 16-year-old in London (suspected to be LulzSec member Tflow) as part of a global investigation into denial-of-service attacks on PayPal late last year in support of WikiLeaks, and other attacks. The AntiSec release says this attack was made "in solidarity with Topiary and the Anonymous PayPal LOIC defendants as well as all other political prisoners who are facing the gun of the crooked court system".

DHS Bulletin
One of the motives for AntiSec seems to be a recent DHS (US Department of Homeland Security) bulletin.

From AntiSec: "A recent DHS bulletin has called us "script kiddies" that lack "any capability to inflict damage to critical infrastructure" yet we continue to get in and out of any system we please, destroying and dropping dox on the mightiest of government systems that are supposed to be protecting their sick nightmare of "law and order". GIVE UP. You are losing the cyberwar, and the attacks against the governments, militaries, and corporations of the world will continue to escalate."

Here are the two relevant passages from the DHS bulletin which seem in particular to have irked AntiSec:

  1. "The actors who make up the hacker group “Anonymous” and several likely related offshoots like “LulzSec”, continue to harass public and private sector entities with rudimentary exploits and tactics, techniques, and procedures (TTPs) commonly associated with less skilled hackers referred to as “Script Kiddies”. [Script Kiddie: Unskilled individuals who use scripts or programs developed by others to attack computer systems and networks and deface websites.] Members of Anonymous routinely claim to have an overt political agenda and have justified at least a portion of their exploits as retaliation for perceived ‘social injustices’ and ‘freedom of speech’ issues. Attacks by associated groups such as LulzSec have essentially been executed entirely for their and their associates’ personal amusement, or in their own hacker jargon “for the lulz”."
  2. "So far, Anonymous has not demonstrated any capability to inflict damage to critical infrastructure, instead choosing to harass and embarrass its targets."

How they did it
The initial compromise of the sheriff websites took place about two weeks ago at Arkansas-based web designers Brooks-Jeffrey Marketing (BJM), which hosts sheriff association websites. The hackers say they were easily able to get back into the compromised servers after these had been taken offline to have their security beefed up by the law enforcement agencies. "We were surprised and delighted to see that not only did they relaunch a few sites less than a week later, but that their 'bigger, faster server that offers more security' carried over our backdoors from their original box. This time we were not going to hesitate to pull the trigger: in less than an hour we rooted their new server and defaced all 70+ domains while their root user was still logged in and active."

An internet security expert claims AntiSec may have gone after the sheriffs' offices because their hosting company was an easy target. Dick Mackey, vice-president of consulting at SystemExperts of Sudbury, Massachusetts, said many organizations did not see themselves as potential targets for international hackers, causing indifference that could leave them vulnerable. "It seems to me to be low-hanging fruit," he said. "If you want to go after someone and make a point and want to have their defences be low, go after someone who doesn't consider themselves a target."

In a further embarrassment, AntiSec used the stolen credit card details to make donations to the American Civil Liberties Union, the Electronic Frontier Foundation, and the Bradley Manning Support Network, according to the statement. They are strong supporters of whistle-blower site WikiLeaks and Manning, the Army soldier arrested last year for leaking classified data to the site.


AntiSec's original media release:

The AntiSec statement signs off with some poetry/rap:

I take a left at the light, turn off the headlights and ride real slow
Now holla at me when you see the 5-0
Alright Dirty, yall boys ready?
Bout to turn drive-bys revolutionary
Look at 'em run, too scared to pull they guns
Outta shape from them coffees and them cinnamon buns
This shit is fun, how I feel when the tables is turned
Hollow tips hit yah flesh through yo vests and it burn
That's a lesson you learn, comin straight from the slums
And it don't stop till we get full freedom
