Skip to main content
  1. Home
  2. Computing
  3. News

LulzSec hits 50+ porn sites, exposes user data

Andrew Couts
By
Lulzsec-hackers

In their ongoing quest for laughs at the expense of everyone else, hacker group Lulz Security has hit a new type of target: Porn. The group announced on Friday that it had infiltrated 56 porn sites, stolen and posted administrative emails and published an additional 26,000 emails and passwords from users of Pron.com.

“Hi! We like porn (sometimes), so these are email/password combinations [sic] from pron.com which we plundered for the lulz,” the group wrote in a release on their website, which also contained all the stolen email addresses and passwords.

Related Videos

The user data posted by LulzSec cannot be used to access the porn website accounts. Instead, it simply exposes the users as watchers of porn. The group specifically pointed out users with government and military email addresses who had signed up for the porn site.

Related

But hacking porn sites wasn’t all LulzSec did in the past 24 hours. In a seemingly uncharacteristic move (as if we could say what the character of LulzSec is in the first place, which we cannot), the group alerted the British National Health Service to its network’s password vulnerabilities, and took down Muslim terrorist website aljahad.com. (Admittedly, the latter appears to have been carried out as a jab against rival hacker “Th3 J35t3r,” who took down the same site on June 5.)

These cyber shenanigans follow LulzSec attacks on PBS.org, Sony, Nintendo, FBI affiliate Infragard Atlanta, and data security company Unveillance, among others.

Since the attack on PBS.org on May 30, which involved posting a fake story about deceased rapper Tupac Shakur living in New Zealand, LulzSec’s following on Twitter — where the majority of its statements and communications are published — has exploded to more 120,000.

The group has even managed to gain a following amongst members of the “white hat” cyber security industry — the people supposed to be fighting against LulzSec and their ilk — simply because they’ve so successfully made clear that most digitally stored data is woefully exposed.

“LulzSec is running around pummeling some of the world’s most powerful organizations into the ground… for laughs! For lulz! For shits and giggles!” writes security expert Patrick Gray on Risky.biz. “Surely that tells you what you need to know about computer security: there isn’t any.”

So, who’s next on LulzSec’s list of unlucky entities? Who knows! But we’d wager that Sony’s on there somewhere.

Editors' Recommendations

Topics
Anonymous releases counter-hacking manual
lulzsec wages war with anonymous and 4chan releases 62000 logins

With Lulz Security now on permanent hiatus, fellow hacker group Anonymous has filled in the gap with the release of a "counter-cyberterrorism" manual from the US Department of Homeland Security. According to ABC News, which was first to sort through the 650 MB file posted to MegaUpload, the release was originally thought to have come from a certain private security firm whose website went offline soon after Anonymous released the data. It was later found that the information actually comes from the Federal Emergency Management Agency (FEMA), which originally produced the "Counter Terrorism Defense Initiative" training program in 2009. Accordring to the program's website (which has since been taken offline), the "SENTINAL" program — short for "Security and Network Training Initiative and National Education Laboratory" — "is a national initiative to educate technical personnel in cyberterrorism response and prevention." The program was intended for employees of "public safety, law enforcement, state and local government, public utilities, colleges and universities, and health care providers." And it "focuses on enhancing the prevention, preparedness, and response capabilities of local, state, tribal, and rural public safety jurisdictions."It does not appear that the release contains much that wasn't already publicly available on the Internet. It does, however, provide a list of all the Federal Bureau of Investigation office locations throughout the United States. Other contents of note include stock letters for officially requesting user information from Internet service providers, and various hacking and coutner-hacking tools. In short, there's really nothing much here that a determined person couldn't have found without hacking a single thing.
Regardless of the value of the release, the action shows that the hackers are far from finished. This release is part of the "AntiSec" (anti-cybersecurity) campaign launched by Anonymous and LulzSec (before it disbanded). According to @AnonymousIRC, a 100,000-follower strong Twitter feed that reports on the group's escapades, "all @LulzSec members" are onboard with the #AntiSec campaign. While LulzSec claims that it planned from the beginning to remain a coherent group for 50 days before splitting up, some believe the hacker sect called it quits after a rival gang of hackers, A-Team, released what it claims are the identities and online properties of all of LulzSec's members.

Read more
LulzSec hacker identities apparently outed by rival group

For almost two months, hacker group Lulz Security has waged what amounts to an Internet terror campaign on... well... pretty much everyone. PBS.org, CIA.gov, Senate.gov, a range of major video game developer and publisher websites, porn sites, 4chan.org... the list goes on. LulzSec followed up its latest attack, which involved revealing the identities of agents with a number of Arizona law enforcement agents, with a public statement revealed that, after 50 days, its work is officially finished. A rival group calling itself "The A-Team" doesn't see things that way, however, claiming that LulzSec "lack[s] the skills to keep it going."
The statement comes from an anonymous -- not to be confused with Anonymous -- post on Pastebin (via Gizmodo). The A-Team contends that LulzSec, which is made up gn0sis and Anonymous group members, "after Sony [LulzSec] couldn't get into anything. So they switched their focus to just releasing random crap that didn't mean anything."
The document goes on to describe a disorganized hacker group that, realizing it had hit a wall, reached out for new members capable of keeping up with the pace that had been set. "Their releases have nothing to do with their goals or their lulz," The A-Team writes. "It's purely based on whatever they find with their 'google hacking' queries and then release it." The rest of the space is filled with any available personal information on known LulzSec members.
Whether or not The A-Team's information is accurate is another question entirely. LulzSec's retirement announcement did come very suddenly however. Ultimately, it doesn't matter to the majority of us; one group going away, whatever the reason, isn't going to fracture the global network of hackers.

Read more
LulzSec calls it quits after 50 days of hacks
Lulzsec-hackers-quit-finished

Only a little more than a month and a half ago, the merry pranksters of Lulz Security began their quest to wreak havoc on the computer systems of the world, all in the name of lulz. Today, that anarchic campaign has come to an abrupt end. The group announced via a statement posted to Pastebin that it will permanently disband, dropping the Lulz Boat anchor for good. As a parting gift, LulzSec also released a trove of data stolen from companies like AOL and AT&T, evidence that the group hacked the website of the US Navy, plus a variety of other illicit goodies.
"For the past 50 days we've been disrupting and exposing corporations, governments, often the general population itself, and quite possibly everything in between, just because we could," writes LulzSec. "All to selflessly entertain others - vanity, fame, recognition, all of these things are shadowed by our desire for that which we all love. The raw, uninterrupted, chaotic thrill of entertainment and anarchy."
The group confirmed its retirement on the LulzSec Twitter feed, which managed to amass 277,540 followers during its short stint online.
During its 50-day stint of digital escapades, LulzSec hacked PBS.org, a variety of websites owned by Sony, Nintendo, FBI affiliate Infragard Atlanta, 50+ porn sites, Bethesda software, 4Chan.org, CIA.gov, Senate.gov and a variety of law enforcement agencies in Arizona.
LulzSec's statement goes on to explain that, like "Hitler and Osama bin Laden," they are people, too. "People with a preference for music, a preference for food; we have varying taste in clothes and television, we are just like you," says the group.
In what appears to be an attempt to explain the non-lulz motivation behind its most high-profile hack — this week's release of hundreds of classified and/or private data from Arizona law enforcement as a protest of its strict immigration law, and other moves related to the joint LulzSec-Anonymous "AntiSec" campaign — LulzSec says that its members "truly believe" in that cause — so strongly, in fact, that they "brought it back, much to the dismay of those looking for more anarchic lulz."
While the group says that the brief duration of its existence was planned from the beginning, some have already begun to argue that the pressure on LulzSec simply became too much for them to handle. And they might have a point. In the past two weeks alone, Scotland Yard arrested a 19-year-old with ties to the group; hacker group Web Ninjas published names, photos and other personal data related to people it claims are members of LulzSec; and another hacker group, TeaMp0isoN, defaced the website of an alleged LulzSec member.
Regardless of its reason for throwing in the towel, the group adds this as its final bon voyage: "We must now sail into the distance, leaving behind - we hope - inspiration, fear, denial, happiness, approval, disapproval, mockery, embarrassment, thoughtfulness, jealousy, hate, even love. If anything, we hope we had a microscopic impact on someone, somewhere. Anywhere."
"LulzSec" may be done. But something tells us that the people behind its shenanigans are far from finished. Stay tuned.
Read LulzSec's full statement:
Friends around the globe,
We are Lulz Security, and this is our final release, as today marks something meaningful to us. 50 days ago, we set sail with our humble ship on an uneasy and brutal ocean: the Internet. The hate machine, the love machine, the machine powered by many machines. We are all part of it, helping it grow, and helping it grow on us.
For the past 50 days we've been disrupting and exposing corporations, governments, often the general population itself, and quite possibly everything in between, just because we could. All to selflessly entertain others - vanity, fame, recognition, all of these things are shadowed by our desire for that which we all love. The raw, uninterrupted, chaotic thrill of entertainment and anarchy. It's what we all crave, even the seemingly lifeless politicians and emotionless, middle-aged self-titled failures. You are not failures. You have not blown away. You can get what you want and you are worth having it, believe in yourself.
While we are responsible for everything that The Lulz Boat is, we are not tied to this identity permanently. Behind this jolly visage of rainbows and top hats, we are people. People with a preference for music, a preference for food; we have varying taste in clothes and television, we are just like you. Even Hitler and Osama Bin Laden had these unique variations and style, and isn't that interesting to know? The mediocre painter turned supervillain liked cats more than we did.
Again, behind the mask, behind the insanity and mayhem, we truly believe in the AntiSec movement. We believe in it so strongly that we brought it back, much to the dismay of those looking for more anarchic lulz. We hope, wish, even beg, that the movement manifests itself into a revolution that can continue on without us. The support we've gathered for it in such a short space of time is truly overwhelming, and not to mention humbling. Please don't stop. Together, united, we can stomp down our common oppressors and imbue ourselves with the power and freedom we deserve.
So with those last thoughts, it's time to say bon voyage. Our planned 50 day cruise has expired, and we must now sail into the distance, leaving behind - we hope - inspiration, fear, denial, happiness, approval, disapproval, mockery, embarrassment, thoughtfulness, jealousy, hate, even love. If anything, we hope we had a microscopic impact on someone, somewhere. Anywhere.
Thank you for sailing with us. The breeze is fresh and the sun is setting, so now we head for the horizon.
Let it flow...
Lulz Security - our crew of six wishes you a happy 2011, and a shout-out to all of our battlefleet members and supporters across the globe

Read more