An Idiots tale.


Woodmann
February 12th, 2011, 22:15
Howdy,

This one caught my eye.
The power of determined groups cannot be underestimated.

http://arstechnica.com/tech-policy/news/2011/02/how-one-security-firm-tracked-anonymousand-paid-a-heavy-price.ars

These fuckers even scare me.

Woodmann

Maximus
February 13th, 2011, 11:19
damn, has anyone the log on how they rooted rootkit.com?
...I find something insanely hilarious in rooting rootkit ...com

(i forgot to add: i've high respect for hoglund's skills, just that it seemed to me... curious, at least ^^)

(the answer is:
[04:18] <&Sabu> greg, a 16 year old girl social engineered your admin jussi and got root to rootkit.com )

...then it seems that only a limited part of the emails was leaked, and that in exchange for an official 'burn' of the idiot, the private inbox of greg would not have been seeded:

<+c0s> Penny: correct, and they have greg's but havent released it
<+Baas> Well, if Greg's emails haven't been released...Then there is room to negotiate. What we want is clear.
<+Penny> OK, so if we fire Aaron, you won't release?
<+Penny> So if you say you won't do harm and keep things private then you release them, would you trust that person?
[04:54] <@q> regarding greg's email?
[04:54] <@q> you can trust.
...
<+Penny> Guys, I can't fire someone that owns a portion of the company What i can promise is we will have a meeting to discuss next steps
...
[05:49] <+greg> HBGary Federal was created to do all of our classified work for the U.S. government
[05:49] <+greg> the reason is that HBGary makes products, and we didn't want to have the gov. classify the IP.
(puah @IP, especially when it costs so much to kill one that is invalid btw)
[05:51] <+greg> do you guys realize that attacking a U.S. company and stealing private data is something you have never done before?
(this is an odd sentence, coming from greg... didn't he even see logs sold over the internet, trojans & keyloggers?)
...from aaron barr: [06:20] <+CogAnon> guys you hacked our servers, took our data, and posted it to the public...its criminal now... its out of my hands...
i am totally appalled by this sentence and its further ones... he looks totally insane. He also tries to frighten them by the fact the feds would hunt them... as if they weren't already doing it... amazing.

funny one (talking about kicking penny from channel for joke): [08:11] <MGMX> damn if they are logging the channel it'll be like KILL PENNY? THATS A THREAT

curious: from "http://blogs.crikey.com.au/thestump/2011/02/07/i-confess-im-a-member-of-anonymous-hail-xenu/" last line that reads:
"*Update: having accused MSM journalists of failing on this score, I have since been told that in fact the HB Gary Federal episode was cracking, not hacking." (nc)

...in the end, hoglund mail went on torrents? does anybody know how the thing ended up?

More importantly, from a 'commercial' point of view - how much does this damage hoglund's company? From what I have learned till now, 'face is all' when you offer very advanced IT Security services, and often (but not always, like this mr. barr it seems) gained hard on the field (wininternals etc)... what consequences will that have?

hmm...

wbe
February 13th, 2011, 13:41
Social networking is the root of all social engineering, or all evil (not eval).

Still socializing with the good old style: face-to-face rather than wall-to-wall on facebook. Hence, nobody can engineer me on my back.

It's in my roots I guess.

BanMe
February 13th, 2011, 14:42
a cracked 'federal' Inspector going public..would be more interesting..still small details can be learned from statements of members.. :P
"you have my 'girl friends' name on the 'list'.."..hmm sounds like skip tracing, that came close..I'd call her and say
'Hello my name is *, im looking for *'.
response 'hes not here'
'oh I'm sorry is there a better time to reach him?'
response 'some time'..
'what relation are you to *'
response xyz
'oh you wouldnt have a better number to reach him at would you'... :O

I practiced that daily at CCS..'corporations teaching non-ethical 'skills' shouldn't be able to operate.'

Maximus
February 13th, 2011, 15:50
just remember that IRC channels are free - everyone interested can log into them. Treating all of them as 'criminals', or trying to hunt them as criminals just because they log on IRCs and brag is wrong and often misleading.

The very, very funny thing is that(x2) Barr started to say something like "i am good, i am a researcher, you acted bad and i tried to help/etc you, not everything is in the hands of omniscient feds, you are doomed and i can't do anything to save you"
- the funny thing is that he does not understand a dime of the mind of IRC guys, and while it is very reasonable for penny when she says "you say you know where i live, this is a threat", it is rather pathetic to see a similar point behind Barr's reasoning (~now everything is in the hands of aaaalmighty feds).

But apart from the analysis of the funny IRC logs, I'm more interested to know/see what will happen to hoglund's company: indeed, i'd call it the hack of the year, and the way it got done -social rce- left me without words.

@wbe: yep, that's why i told my woman to remove my pics on her facebook profile :P -and by the way even she [not a PC practitioner, i'd say] discovered the most interesting things of social networks: spying upon other friends' profiles and grabbing info for chit-chats

BanMe
February 13th, 2011, 16:28
Sorry I would want no such act as 'hunting' them down as criminals..tracking people down by social engineering..is what I meant to highlight.. and tried to provide example of it..

Kayaker
February 13th, 2011, 17:23
hmm...

Quote:
Hello,

you have been registred on site rootkit.com. This site was hacked recently, and all data about users(including passwords) are freely available in the Internet.
To protect yourself, you should change the password on this site.
If you are using word "xxxxxxx" as password on other sites you should change it too.

Woodmann
February 13th, 2011, 21:59
http://www.hbgary.com/

The site is still junk from the attacks.
Two links that go off site.

That fucker took a beating.

Woodmann

Just checked rootkit.com. Site is down.

Maximus
February 14th, 2011, 09:40
"...im in europe and need to ssh into the server. can you drop open up
firewall and allow ssh through port 59022 or something.."
"Erm, yeah, OK, sure..."

...wow...

...and all the pwd of rootkit.com ARE free on the net!

look around
http://you have to guess it, sorry

also, it SEEMS that all of Greg's mail ended up in torrent -sad end, i hoped that it wouldn't happen :/

Silkut
February 14th, 2011, 10:50
The password list was posted on twitter...

I changed mine on the websites I was using it on (2 or 3, minor ones).

Maximus
February 19th, 2011, 07:22
look at this interesting thread:
http://www.dailykos.com/story/2011/02/16/945768/-UPDATED:-The-HB-Gary-Email-That-Should-Concern-Us-All

tbh there is some simple software out there to do that, but not at this level of complexity...
also, the usage is pretty interesting, from a government-wise point of view.

Personally, I have some reserve on the fact it can really work as expected, but... who knows?

[heheh, nothing personal but was just a funny thing i got thinking atm - i'd say they are experiencing the 'power effects' of their software in general media and forums nowadays ]