Hackers go after Gung Ho sites

SUBHEAD: Anonymous targets military-related sites in latest holiday hacks, revealing personal user information.

 By Michelle Meyers on 29 December 2011 for CNET - 
(http://news.cnet.com/8301-1009_3-57349976-83/anonymous-targets-military-gear-site-in-latest-holiday-hack)


Image above: Graphic for tee-shirt illustrating an armed special forces team dressed as Santas and about to parachute into a drop zone. From (http://www.specialforces.com/t-shirts-clothing-gifts/sfg-shirts/twas-the-night-xmas).

 On Christmas Day the target was security think tank Strategic Forecasting, or Stratfor. This time it was SpecialForces.com, a Web site that sells military gear.

"Continuing the week long celebration of wreaking utter havoc on global financial systems, militaries, and governments, we are announcing our next target: the online piggie supply store SpecialForces.com," the group wrote in a Pastebin posting today.

The hackers said they breached the SpecialForces.com site months ago, but only just got around to posting the customer data. Even though the site's data was encrypted, they claim to have 14,000 passwords and details for 8,000 credit cards belonging to Special Forces Gear customers.

In a statement to CNET, Special Forces Gear founder Dave Thomas confirmed that his company's Web servers were compromised by Anonymous in late August, resulting in a security breach that allowed the hackers to obtain customer usernames, passwords, and possibly encrypted credit card information in some cases. "We have no evidence of any further security breaches, and we believe that the recent Stratfor incident is being used to bring this old news back into the spotlight," he noted.

Thomas added that the compromised passwords were from a backup of a previous version of the Web site that is more than a year old. "Most of the credit card numbers are expired, and we don't have evidence of any credit card misuse at this time," he wrote. "The current Web site does not store customer passwords or credit card information."

After the security breach, "we completely rebuilt our Web site and hired third-party consultants to help us shore up Web site security," he said, adding that the vast majority of the site's sales are custom t-shirts and related gifts, and that the company donates a portion of its profits to charity.

Identity Finder, a New York-based data loss and identity theft prevention service, determined that files posted to date by Anonymous and its AntiSec offshoot related to this breach include 7,277 unique credit card numbers; 68,830 e-mail addresses (of which 40,854 are unique); and 36,368 plain-text usernames and passwords, some of which might be duplicates.

In the statement issued today, the hackers also took another shot at Stratfor for its alleged confusion over whether its data had been encrypted or not:

"We also laughed heartily whilst these so-called protectors of private property scrambled desperately to recover the sensitive information of all the customers who they wronged by failing to use proper security precautions."

SpecialForces.com does encrypt customer data. "Nevertheless, our voodoo prevailed and we were quickly able to break back into the military supplier's server and steal their encryption keys," the hackers wrote. "We then wrote a few simple functions to recover the cleartext passwords, credit card numbers, and expiration dates to all their customers' cards. That's how we roll."

Anonymous hacks StratFor Inc  

By Jim Finkle on 30 December 2011 for the Chicago Tribune - 
(http://www.chicagotribune.com/business/sns-rt-us-usa-cyberattack-stratfortre7bt10z-20111230,0,6489174.story)

Hackers affiliated with the Anonymous group published hundreds of thousands of email addresses they claimed belong to subscribers of private intelligence analysis firm Strategic Forecasting Inc.

 The list, published late on Thursday, includes email addresses appearing to belong to people working for large corporations, the U.S. military and major defense contractors - information that hackers could potentially use to target them with virus-tainted emails in an approach known as "spear phishing." The Antisec faction of Anonymous last weekend disclosed that it had hacked into the firm, which is widely known as Stratfor and is also dubbed a "shadow CIA" because it gathers open-source intelligence on international crises.

 The hackers had promised to cause "mayhem" by releasing stolen data from the private group. Stratfor issued a statement confirming that the published email addresses had been stolen from the company's database, saying it was helping law enforcement probe the matter and conducting its own investigation. "At Stratfor, we try to foster a culture of scrutiny and analysis, and we want to assure our customers and friends that we will apply the same rigorous standards in carrying out our internal review," the statement said.

 "There are thousands of email addresses here that could be used for very targeted spear phishing attacks that could compromise national security," said John Bumgarner, chief technology officer of the U.S. Cyber Consequences Unit, a non-profit group that studies cyber threats. The Pentagon said it saw no threat so far. "We are not aware of any compromise to the DOD information grid," said Lieutenant Colonel Jim Gregory, a spokesman for the Department of Defense, or DOD.

 In a posting on the data-sharing website pastebin.com, the hackers said the list included some information from about 75,000 customers of Stratfor and approximately 860,000 people who had registered to use its site. It said that included some 50,000 email addresses belonging to the U.S. government's .gov and .mil domains. The list also included addresses at contractors including BAE Systems Plc, Boeing Co, Lockheed Martin Corp and several U.S. government-funded labs that conduct classified research in Oak Ridge, Tennessee; Idaho Falls, Idaho; and Sandia and Los Alamos, New Mexico.

 Corporations on the list include Bank of America, Exxon Mobil Corp, Goldman Sachs & Co and Thomson Reuters. The entries included scrambled versions of passwords. Some of them can be unscrambled using databases known as rainbow tables that are available for download over the Internet, according to Bumgarner. He said he randomly picked six people on the list affiliated with U.S. military and intelligence agencies to see if he could crack their passwords. He said he was able to break four of them, each in about a second, using one rainbow table.
