Skip to main content
  1. Home
  2. Computing
  3. News

LulzSec wages war with Anonymous and 4Chan, releases 62,000 logins [update]

Andrew Couts
By
lulzsec-vs-anonymous

The rascally hackers of Lulz Security have unleashed pure havoc on the entire Internet today with the release of 62,000 email-password combos that serve as the login credentials for, well, we’re not exactly sure — the group, better known as LulzSec, won’t say explicitly. But so far Twitter users have reported hacked Gmail, PayPal, Facebook, Hotmail and Twitter accounts related to the stolen data, so it appears that nothing’s safe if you’re unlucky enough to have made the list.

The lulz seem to be going both ways with this one: good and nauseatingly bad. While at least one user reports having received an email chocked full of child pornography, others have gotten (un-earned) super-boosts to their World of Warcraft accounts (at the expense of someone else, of course). All-in-all, it would seem LulzSec’s shenanigans are going precisely according to plan.

Related Videos

In addition to the leak, LulzSec has begun to take shots at an unlikely target: 4Chan.org and its infamous /b/ message board. 4Chan is famously the original home of another hacker group, Anonymous, and is the source of a wide variety of popular Internet memes, like LolCats and Rick Rolling.

According to VentureBeat, the moves against 4Chan began after LulzSec kicked-off a “DDoS party” on a variety of websites and game servers popular with gamers, including that of EVE Online, League of Legends and Minecraft, all of which faced outages or major slow-downs because of the flood of malicious traffic.

Visitors to 4Chan’s /v/ imageboard, whose users focus on video games, caught wind of the attacks, and began their own DDoS campaign against anything related to LulzSec.

Today, LulzSec continued the civil war of the online underground with a series of tweets meant to provoke 4Chan visitors.

“Everybody visit this cool and edgy imageboard, they love new members!” wrote LulzSec on its 150,000-follower-strong Twitter feed, with a link to /b/. “Ask them how to triforce and how to become legion.”  LulzSec followed this up with a variety of other tweets drawing attention to /b/, with suggestions for how to annoy its regular users.

It may seem odd to some that LulzSec would hit so close to Anonymous’ home, seeing as they are both hacker groups that have hit similar targets. (Or, in the case of Sony, the same target.) But LulzSec has consistently denied any relation to Anonymous. And now, it seems, the two groups are at war*.

“We are the concentrated success of 2005 /b/, being ‘hunted’ by the 2011 furry horde. Challenge accepted, losers,” Anonymous posted to its Twitter account.

At the beginning of this writting, 4Chan either failed to load or loaded extremely slowly, a sign that a DDoS attack was underway. By the the time of publication, the site was running smoothly.

UPDATE: *Both Anonymous and LulzSec have denied that they are at war. “Saying we’re attacking Anonymous because we taunted /b/ is like saying we’re going to war with America because we stomped on a cheeseburger,” said LulzSec on Twitter early Friday afternoon. The Anonymous-associated Twitter feed YourAnonNews furthered that assertion, saying, “We are NOT at war with @LulzSec.”

Editors' Recommendations

LulzSec calls it quits after 50 days of hacks
Lulzsec-hackers-quit-finished

Only a little more than a month and a half ago, the merry pranksters of Lulz Security began their quest to wreak havoc on the computer systems of the world, all in the name of lulz. Today, that anarchic campaign has come to an abrupt end. The group announced via a statement posted to Pastebin that it will permanently disband, dropping the Lulz Boat anchor for good. As a parting gift, LulzSec also released a trove of data stolen from companies like AOL and AT&T, evidence that the group hacked the website of the US Navy, plus a variety of other illicit goodies.
"For the past 50 days we've been disrupting and exposing corporations, governments, often the general population itself, and quite possibly everything in between, just because we could," writes LulzSec. "All to selflessly entertain others - vanity, fame, recognition, all of these things are shadowed by our desire for that which we all love. The raw, uninterrupted, chaotic thrill of entertainment and anarchy."
The group confirmed its retirement on the LulzSec Twitter feed, which managed to amass 277,540 followers during its short stint online.
During its 50-day stint of digital escapades, LulzSec hacked PBS.org, a variety of websites owned by Sony, Nintendo, FBI affiliate Infragard Atlanta, 50+ porn sites, Bethesda software, 4Chan.org, CIA.gov, Senate.gov and a variety of law enforcement agencies in Arizona.
LulzSec's statement goes on to explain that, like "Hitler and Osama bin Laden," they are people, too. "People with a preference for music, a preference for food; we have varying taste in clothes and television, we are just like you," says the group.
In what appears to be an attempt to explain the non-lulz motivation behind its most high-profile hack — this week's release of hundreds of classified and/or private data from Arizona law enforcement as a protest of its strict immigration law, and other moves related to the joint LulzSec-Anonymous "AntiSec" campaign — LulzSec says that its members "truly believe" in that cause — so strongly, in fact, that they "brought it back, much to the dismay of those looking for more anarchic lulz."
While the group says that the brief duration of its existence was planned from the beginning, some have already begun to argue that the pressure on LulzSec simply became too much for them to handle. And they might have a point. In the past two weeks alone, Scotland Yard arrested a 19-year-old with ties to the group; hacker group Web Ninjas published names, photos and other personal data related to people it claims are members of LulzSec; and another hacker group, TeaMp0isoN, defaced the website of an alleged LulzSec member.
Regardless of its reason for throwing in the towel, the group adds this as its final bon voyage: "We must now sail into the distance, leaving behind - we hope - inspiration, fear, denial, happiness, approval, disapproval, mockery, embarrassment, thoughtfulness, jealousy, hate, even love. If anything, we hope we had a microscopic impact on someone, somewhere. Anywhere."
"LulzSec" may be done. But something tells us that the people behind its shenanigans are far from finished. Stay tuned.
Read LulzSec's full statement:
Friends around the globe,
We are Lulz Security, and this is our final release, as today marks something meaningful to us. 50 days ago, we set sail with our humble ship on an uneasy and brutal ocean: the Internet. The hate machine, the love machine, the machine powered by many machines. We are all part of it, helping it grow, and helping it grow on us.
For the past 50 days we've been disrupting and exposing corporations, governments, often the general population itself, and quite possibly everything in between, just because we could. All to selflessly entertain others - vanity, fame, recognition, all of these things are shadowed by our desire for that which we all love. The raw, uninterrupted, chaotic thrill of entertainment and anarchy. It's what we all crave, even the seemingly lifeless politicians and emotionless, middle-aged self-titled failures. You are not failures. You have not blown away. You can get what you want and you are worth having it, believe in yourself.
While we are responsible for everything that The Lulz Boat is, we are not tied to this identity permanently. Behind this jolly visage of rainbows and top hats, we are people. People with a preference for music, a preference for food; we have varying taste in clothes and television, we are just like you. Even Hitler and Osama Bin Laden had these unique variations and style, and isn't that interesting to know? The mediocre painter turned supervillain liked cats more than we did.
Again, behind the mask, behind the insanity and mayhem, we truly believe in the AntiSec movement. We believe in it so strongly that we brought it back, much to the dismay of those looking for more anarchic lulz. We hope, wish, even beg, that the movement manifests itself into a revolution that can continue on without us. The support we've gathered for it in such a short space of time is truly overwhelming, and not to mention humbling. Please don't stop. Together, united, we can stomp down our common oppressors and imbue ourselves with the power and freedom we deserve.
So with those last thoughts, it's time to say bon voyage. Our planned 50 day cruise has expired, and we must now sail into the distance, leaving behind - we hope - inspiration, fear, denial, happiness, approval, disapproval, mockery, embarrassment, thoughtfulness, jealousy, hate, even love. If anything, we hope we had a microscopic impact on someone, somewhere. Anywhere.
Thank you for sailing with us. The breeze is fresh and the sun is setting, so now we head for the horizon.
Let it flow...
Lulz Security - our crew of six wishes you a happy 2011, and a shout-out to all of our battlefleet members and supporters across the globe

Read more
LulzSec hits Arizona police computers, reveals sensitive data

Hacking group LulzSec, in a move that seems more ideological than lulzworthy, has hit the State of Arizona's law enforcement in what the group dubbed “Operation Chinga La Migra”. Late Thursday the hackers have released what they claim are hundreds of sensitive documents belonging to the state's law enforcement officials.
The 447-megabytes worth of documents is available at Pirate Bay. The torrent of leaked materials contains bulletins, training manuals, personal email correspondence, numbers, passwords and more. LulzSec says they targeted the Arizona police department specifically because of SB1070, the law which branded Arizona as one of the stricter anti-immigrant states in the US. The controversial SB1070 allowed cops to stop anyone and ask for identification; basically, if you had an accent you're considered illegal.
The raid of government files seems to be part-flex, part image change. No more DDoS, this seems like their big boy voice and is well in line with their recent Operation Anti-Security anti-government move. Here's what they said:
"We are releasing hundreds of private intelligence bulletins, training manuals, personal email correspondence, names, phone numbers, addresses and passwords belonging to Arizona law enforcement. We are targeting AZDPS specifically because we are against SB1070 and the racial profiling anti-immigrant police state that is Arizona.
The documents classified as "law enforcement sensitive", "not for public distribution", and "for official use only" are primarily related to border patrol and counter-terrorism operations and describe the use of informants to infiltrate various gangs, cartels, motorcycle clubs, Nazi groups, and protest movements.
Every week we plan on releasing more classified documents and embarassing personal details of military and law enforcement in an effort not just to reveal their racist and corrupt nature but to purposefully sabotage their efforts to terrorize communities fighting an unjust "war on drugs".
Hackers of the world are uniting and taking direct action against our common oppressors - the government, corporations, police, and militaries of the world. See you again real soon."
These personal documents detail complaints against the Mexican government, fascinating day-to-day stories of gun fights at McDonalds, new drugs being disguised as cigarettes, iPhone apps that cops dislike, a guide to social networking, sneaky new tech tactics being used by criminals and the obvious lack of funding the Arizona government has for their own tech.
The documents also detail threat levels for certain groups like motorcycle gangs, and interestingly the police find that Jew for Jesus count as a very low threat level. If you don't feel like downloading it, BoingBoing has posted a few highlights to ponder. Something like this seems like it would get the goat of a patriotic hacker like Th3J35t3r. Actually, LulzSec's website was down when we checked it an hour ago, so maybe they have already felt the repercussions. The Lulz hacker group said that there will be more to come Monday.

Read more
Identifying the hacktivists of the emerging cyberwar

The Internet has never been a safe place, and since its inception, and introduction to consumers, privacy and security have been a major concern. Of course, now that the average person’s computer skills are many times over what they used to be, that only amplifies the problem. Couple this with the fact that millions and millions of people are uploading mass amounts of personal and sensitive data and you’ve got a recipe for some serious cyber-insecurity. The advent of hackers with a conscience has exacerbated the situation while also putting a new twist on Web ethics.
Anonymous and LulzSec have become household names, and their Internet antics have captured the attention of just about everyone, including the CIA. But as identities and opponents merge, the cyberwar landscape has become confusing. Consider this an introductory course to the who's who of hackers.
Anonymous
Anonymous first largely appeared on many radars after making worldwide headlines for its attack on the Church of Scientology in what they called Project Chanology. But more recently the group became a household name shortly after the WikiLeaks Cablegate debacle.
When various websites refused to host WikiLeak’s site, and credit card companies wouldn’t offer a way for people to make donations to the group, the hacktivists took it upon themselves to fight WikiLeak’s enemies. Anonymous used a series of DDoS to take down MasterCard, Visa, PayPal and drew the ire of international law authorities.
So where did Anonymous come from? The group organized via popular forum 4chan and past victims include the Church of Scientology, Internet predator Chris Forcand, and censorship proponents worldwide. Many of its actions have been motivated by the groups’ personal morals, which largely focus on freedom of information. Much of its recent work has centered on the Middle East rebellions, and the group has publicly announced its fight against Iran and Egypt. Other notable targets were HB Gary, Sony PlayStation (although Anonymous claimed innocence for the PSN collapse), and Bank of America.
The group’s various press releases and announcements are typically well written and almost business-like, as have been its denials. It has often had to defend itself against many groups claiming to be hacked by Anonymous. There have been rumors of inner turmoil that has led to different factions with separate agendas and personalities. At the moment, AnonNews is down due to DDoS attacks.
LulzSec
If Anonymous is the student body president of hackers, LulzSec is the class clown. The group hasn’t been on the public scene very long, first gaining notoriety about a month ago when attacked Fox.com in retaliation for calling the rapper Common "vile." But LulzSec's first breakthrough performance came when it hacked PBS and posted a fake report that Tupac Shakur was alive. The group claimed that this was in response to negative attention directed toward WikiLeaks and Bradley Manning. LulzSec also claimed responsibility for some of Sony’s hacked web properties. Over the last month, LulzSec has also hit the FBI, Nintendo, and the CIA websites.
Despite some of its very serious and established opponents, LulzSec has time and time again affirmed it’s “in it for the lulz.” The group has also been extremely communicative with the public via its Twitter feed and even a phone request line, where it will take suggestions for hacks. The group has more of a prankster air to it then serious freedom defender, although its beliefs seem to align with Anonymous’. LulzSec has taking to mocking its victims more openly and in a more lighthearted tone than Anonymous has, though, giving it an entirely different reputation than its more serious counterpart.
Anonymous vs. LulzSec?
There were rumors that Anonymous and LulzSec were opponents. After a series of DDoS attacks that slowed down various online games because of malicious traffic, some frustrated 4chan users decided to begin their own DDoS retaliation against LulzSec. The group then used its massively popular Twitter account to attack 4chan, which Anonymous took as a personal affront. By later that day, however, both had denied such a rivalry, and the two have since united for Operation Anti-Security to expose faulty handling of user data.
Web Ninjas vs. Anonymous and LulzSec
It’s a good thing Anonymous and LulzSec teamed up when they did, because Web Ninjas has its eye on them. It’s rumored Web Ninjas is the home of Th3J35t3r, who took down WikiLeaks shortly after it posted its stash of confidential diplomatic cables in fall 2010. Whether or not he’s a part of the coalition, the group insists it’s working for a “safer and peaceful Internet for everyone, not some bunch of kids threatening [the] Web and trying to own it for LULZ or in the name of publicity or financial gain or anti-government agenda.” The group released a large amount of information about the alleged identities of LulzSec hackers, including their whereabouts. LulzSec has denied the seriousness and truth behind these revelations, but an associate of the group was arrested today. LulzSec downplayed the amount of his involvement in the group, saying he is largely inconsequential to their operations. LulzSec also released the information of someone they believe attempted to out them.
Idahc
Residing (purportedly) outside this interwoven ring of hackers is Idahc. The Lebanese hacker is reportedly an 18-year-old computer science student and runs a one-man operation seemingly focused on Sony and Sony alone. He personally has moral issues with Sony, particularly for its treatment of George "GeoHot" Hotz and has said “If you want ethics, go cry to Anonymous. True lulz fans, stay tuned in.” He is thought to be behind many if not all of the hacks to various Sony Web properties. Idahc calls himself a grey hat focused on exposing the insecurity of Sony user accounts.
 
Despite their claims of independence and purported ethical intentions, the very nature of the groups inspires distrust. And it's difficult to admit that with the apprehension toward supporting what are legally cyber-criminals, comes some sort of interest mixed with understanding: Whether or not you agree with all of their ploys, combating oppressive regimes and censorship while also exposing the careless liberties large corporations is difficult to oppose. Of course if you're one of the many who's had their email and password plastered all over PasteBin recently, you might feel otherwise.

Read more