Lulz Security is taking over the Net

Tubsandtiles

These guys took down the CIA's website, uploaded 62,000 login details for websites including Facebook, Twitter and Paypal where anyone could download the passwords and use the login details. Reports from the article include people who tweeted about how they ordered items using paypal accounts and logged into peoples facebook causing chaos.
http://www.cbc.ca/news/canada/prince-edward-island/story/2011/06/17/pei-lulzsec-personal-internet-accounts-584.html

dlofnep

No they are not. Stop over-inflating their actions. They DDoS'd the CIA website, which a trained monkey could acheive. And as for the rest of their attacks, they were straight forward against websites that were already known to be vulnerable.

They are ego-monkeys.

Biggins

Tubsandtiles wrote: »

These guys took down the CIA's website, uploaded 62,000 login details for websites including Facebook, Twitter and Paypal where anyone could download the passwords and use the login details. Reports from the article include people who tweeted about how they ordered items using paypal accounts and logged into peoples facebook causing chaos.
http://www.cbc.ca/news/canada/prince-edward-island/story/2011/06/17/pei-lulzsec-personal-internet-accounts-584.html

Sorry fellow boardie, was reported and commentated on here already I think.

ejmaztec

Biggins wrote: »

Sorry fellow boardie, was reported and commentated on here already I think.

Note the OP's location:

The Morning After The Revolution

He's always going to be a day late.

strokemyclover

If only that nasty Dean was nicer to them in college, this whole mess could've been avoided

Seachmall

Two possibilities,

1. They destroy the very core of government and commercial control over the internet
2. They fade into mainstream obscurity like every other sec group that has been around

Which will it be...?

Tubsandtiles

Biggins wrote: »

Sorry fellow boardie, was reported and commentated on here already I think.

Sorry didn't see it in the last few threads

ejmaztec

Seachmall wrote: »

Two possibilities,

1. They destroy the very core of government and commercial control over the internet
2. They fade into mainstream obscurity like every other sec group that has been around

Which will it be...?

It'll be number 3. Water-boarding in Gitmo, and never be seen again.

GavRedKing

This thread needs more tin foil hats really.

red menace

Really they aint up to much.
They are not really that skilled.
It's all DDOS attacks and script kiddie stuff
Glory hounds

Tubsandtiles

dlofnep wrote: »

No they are not. Stop over-inflating their actions. They DDoS'd the CIA website, which a trained monkey could acheive. And as for the rest of their attacks, they were straight forward against websites that were already known to be vulnerable.

They are ego-monkeys.

I wasn't over inflating their actions rather than just trying to inform people on their actions, and if the attacks were pretty straight forward I reckon you could have been a rich man by now

Seachmall

red menace wrote: »

Really they aint up to much.
They are not really that skilled.
It's all DDOS attacks and script kiddie stuff
Glory hounds

It wasn't all DDoS attacks and while they exploited fairly well know security holes that's the logical way to do what they wanted to do. If you can walk through the door why climb through the window? It says absolutely nothing about their skill levels. For all we know they've developed some fairly decent exploits, but why use them (and risk them being patched) when you don't have to?

dlofnep

Tubsandtiles wrote: »

I wasn't over inflating their actions rather than just trying to inform people on their actions, and if the attacks were pretty straight forward I reckon you could have been a rich man by now

People are already informed of their actions - a bunch of morons, with too much time on their hands, exploiting websites that were already known to be vulnerable.

I consistently take part in boards.ie's security forum, and run a number of web-application based challenges. I'm pretty sure I'm qualified to comment on how straight forward they are. I have the ability to attack websites for 'fun and profit', probably like many other hackers - but I choose not to. The cons outweigh the benefits by miles.

The Sony Russia site for example was already posted a few weeks prior to the attack on a number of security forums. The CIA website was hit most likely by a DDoS attack - there's absolutely no skill involved in it. The passwords that they are jacking, at least on batch of which came from a porn website - which are notoriously poor when it comes to security. It wouldn't even be worth discussing, if it wasn't for the fact that the credentials were publicly released.

They 'may' have some talented hackers within their ranks or might just be lucky enough to have a few 0days, but I've yet to see anything worth discussing.

Big Nasty

They did it for the Lulz! :pac:

Sonics2k

dlofnep wrote: »

People are already informed of their actions - a bunch of morons, with too much time on their hands, exploiting websites that were already known to be vulnerable.

I consistent take part in boards.ie's security forum, and run a number of web-application based challenges. I'm pretty sure I'm qualified to comment on how straight forward they are. I have the ability to attack websites for 'fun and profit', probably like many other hackers - but I choose not to. The cons outweigh the benefits by miles.

The Sony Russia site for example was already posted a few weeks prior to the attack on a number of security forums. The CIA website was hit most likely by a DDoS attack - there's absolutely no skill involved in it. The passwords that they are jacking, at least on batch of which came from a porn website - which are notoriously poor when it comes to security. It wouldn't even be worth discussing, if it wasn't for the fact that the credentials were publicly released.

Basically this.
Lulz have some competent hackers, but they are using the most basic of techniques to get into sites, and frankly, hacking Facebook isn't a big deal, the security on the site has been terrible for years, and it's well known. Frankly, within the hacker community it's not seen as any real accomplishment to break into Facebook.

The C.I.A is more impressive, but again, the part they did get into wasn't anything special, all that will come of that is possible jail time if they get found, for no real gain.

LighterGuy

Psssh,
watched a few documentaries about this.

they'll eventually create something called skynet or something. Cant remember what happens next? must of fell asleep.

Ste.phen

Sonics2k wrote: »

frankly, hacking Facebook isn't a big deal, the security on the site has been terrible for years, and it's well known. Frankly, within the hacker community it's not seen as any real accomplishment to break into Facebook.

I'm almost 100% sure they didn't 'hack Facebook'
They hacked some other (book-related, i think) site, and the story most sites ran with was 'if you were on that site, and used the same password elsewhere, e.g. Facebook' you should change it.
Also, once Facebook got hold of the list, they checked it against Facebook logins and immediately locked out anyone whose password was the same for Facebook as it was on that other site.

Just sayin'

biko

A hack here and there is hardly "taking over the net".