Skip to main content

LulzSec hacks FBI affiliate, Infragard

Lulzsec-hackersHacker group Lulz Security (aka LulzSec) is on a war path. Following their highly public hacks of the PBS website and SonyPictures.com, LulzSec has now set its sights on the top law enforcement agency in the United State: The Federal Bureau of Investigations.

In a press release posted to anonymous message board PasteBin.com, the group announced that it hacked the website of the Atlanta chapter of Infragard, a non-profit that serves as a partnership between the FBI and private business, which the American Civil Liberties Union describes as “a corporate TIPS program, turning private-sector corporations…into surrogate eyes and ears for the FBI.” LulzSec also uploaded Infragard Atlanta’s user database to the Internet. The group says that the attack was launched in retaliation for NATO and the Pentagon officially declaring hacking an act of war.

Recommended Videos

“It has come to our unfortunate attention that NATO and our good friend Barrack Osama-Llama 24th-century Obama have recently upped the stakes with regard to hacking. They now treat hacking as an act of war. So, we just hacked an FBI affiliated website (Infragard, specifically the Atlanta chapter) and leaked its user base,” wrote LulzSec. “…Most [Infragard members] reuse their passwords in other places, which is heavily frowned upon in the FBI/Infragard handbook and generally everywhere else too.”

With the user login info at its disposal, LulzSec explains that it then hacked the private Gmail account of one Karim Hijazi, a “whitehat” hacker who owns data security firm Unveillance. LulzSec hacked Unveillance, too, and “briefly took over, among other things, their servers and their botnet control panel,” LulzSec writes.

“After doing so, we contacted Karim and told him what we did. After a few discussions, he offered to pay us to eliminate his competitors through illegal hacking means in return for our silence. Karim, a member of an FBI-related website, was willing to give us money and inside info in order to destroy his opponents in the whitehat world,” writes LulzSec. “We even discussed plans for him to give us insider botnet information.”

This exchange has, in some ways, been confirmed by Hijazi, who posted a statement about the breach and his contact with LulzSec members on the Unveillance website. One glaring difference between the opposing accounts of their discussions remains, however: While LulzSec claims Hijazi tried to pay them to “destroy his opponents,” Hijazi says he was simply extorted by LulzSec.

“Over the last two weeks, my company, Unveillance, has been the target of a sophisticated group of hackers now identified as ‘LulzSec,” writes Hijazi. “During this two week period, I was personally contacted by several members of this group who made threats against me and my company to try to obtain money as well as to force me into revealing sensitive data about my botnet intelligence that would have put many other businesses, government agencies and individuals at risk of massive Distributed Denial of Service (DDoS) attacks.

“In spite of these threats, I refused to pay off LulzSec or to supply them with access to this sensitive botnet information. Had we agreed to provide this data to them, LulzSec would have been able to grow the size and scope of their DDoS attack and fraud capabilities.”

Hijazi also posted a chat log between himself and two members of LulzSec, identified in the chat as “Ninetales” and “hamster_nipples.” The back-and-forth explicitly shows Ninetales mention the word “extortion,” and shows the pair’s attempts to be paid for their “silence.”

“While I do get great enjoyment from obliterating whitehats from cyberspace, I can save this pleasure for other targets,” writes LulzSec’s Ninetails. “Let’s just simplify: you have lots of money, we want more money.”

LulzSec says they were simply trying to “stringing [Hijazi] along to further expose the corruption of whitehats.”

Regardless of who’s telling the truth, it would seem that LulzSec’s war has only just begun, so stay tuned.

Andrew Couts
Former Digital Trends Contributor
Features Editor for Digital Trends, Andrew Couts covers a wide swath of consumer technology topics, with particular focus on…
This Lenovo ThinkPad is usually $2,059 — today it’s under $1,000
The Lenovo ThinkPad L13 Yoga 2-in-1 laptop in tablet mode.

You can enjoy the best of both worlds between laptop deals and tablet deals if you go for a 2-in-1 laptop like the Lenovo ThinkPad L13 Yoga Gen 4, which is currently on sale from Lenovo itself at 54% off. Its estimated value of $2,059 may seem a bit too high, but in any case, it's a smart purchase at its discounted price of just $931. You'll have to be quick in finishing the purchase process for this device though, as it may be back to its regular price as soon as tomorrow.

Why you should buy the Lenovo ThinkPad L13 Yoga Gen 4 2-in-1 laptop

Read more
‘You can’t lick a badger twice’: How Google’s AI Overview hallucinates idioms
Samples of Google AI Overview errors.

The latest AI trend is a funny one, as a user has discovered that you can plug a made-up phrase into Google and append it with "meaning," then Google's AI Overview feature will hallucinate a meaning for the phrase.

Historian Greg Jenner kicked off the trend with a post on Bluesky in which he asked Google to explain the meaning of "You can't lick a badger twice." AI Overview helpfully explained that this expression means that you can't deceive someone a second time after they've already been tricked once -- which seems like a reasonable explanation, but ignores the fact that this idiom didn't exist before this query went viral.

Read more
You can now try Adobe’s new app to digitally sign your artwork for free
Adobe Content Authenticity app graphic.

First announced in October, Adobe's Content Authenticity app is now in public beta, and anyone can try it for free. The app allows people to add "Content Credentials" to their digital work -- invisible and secure metadata that shares information about the creator. AI can't edit it out like a watermark and it still works even when someone screenshots the original file.

You can add various information to your Content Credentials, such as your name (which can be verified via LinkedIn) and your social media accounts. You can also express your preferences toward generative AI training. This is an experimental feature aiming to get a headstart on future AI regulation that Adobe hopes will respect the creator's choice regarding training data.

Read more