Sunday, April 8, 2012

Anonymous hacks Panda Security in response to LulzSec arrests

http://www.zdnet.com/blog/security/anonymous-hacks-panda-security-in-response-to-lulzsec-arrests/10542?tag=content;siu-container
Anonymous hacks Panda Security in response to LulzSec arrests

By  | March 6, 2012, 10:52pm PST
Summary: Anonymous has retaliated against the arrests of five LulzSec members. The hacktivist group has defaced multiple Panda Security domains as well as stolen the e-mail credentials of 114 employees.
The hacktivist group Anonymous has attacked security firm Panda Security shortly afterauthorities today arrested five men part of Lulz Security (LulzSec), another hacktivist group loosely associated with the former. 28-year-old Hector Xavier Monsegur (Sabu), the leader of LulzSec, allegedly informed U.S. law enforcement of his fellow comrades’ names: Ryan Ackroyd (Kayla), Jake Davis (Topiary), Darren Martyn (pwnsauce), Donncha O’Cearrbhail (palladium), and Jeremy Hammond (Anarchaos).
Now, Anonymous has stolen the account credentials (e-mail address and passwords) of 114 employees working at Panda Security, and posted them online for everyone to see. Internal server details were also revealed. Lastly, they defaced more than two dozen subdomains within “pandasecurity.com” and other several domains owned by the security firm by modifying them to show a video recounting some of LulzSec’s hacking highlights from last year. The video is embedded above.
Here is what Anonymous posted in response to today’s events (AntiSec refers to both Anonymous and LulzSec working together):
#ANTISEC IS BACK ONCE AGAIN KNOCKING SNITCHES DOORS CAUSE TRAISON IS SOMETHING WE DONT FORGIVE
YEAH YEAH
WE KNOW…
SABU SNITCHED ON US
AS USUALLY HAPPENS FBI MENACED HIM TO TAKE HIS SONS AWAY
WE UNDERSTAND, BUT WE WERE YOUR FAMILY TOO (REMEMBER WHAT YOU LIKED TO SAY?)
IT’S SAD AND WE CANT IMAGINE HOW IT FEELS HAVING TO LOOK AT THE MIRROR EACH MORNING
AND SEE THERE THE GUY WHO SHOPPED THEIR FRIENDS TO POLICE.
ANYWAY…
LOVE TO LULZSEC / ANTISEC FALLEN FRIENDS
THOSE WHO TRULY BELIEVED WE COULD MAKE A DIFFERENCE
LOVE TO THOSE BUSTED ANONS, FRIENDS WHO ARE FIGHTING FOR THEIR OWN FREEDOM NOW
LOVE TO THOSE WHO FIGHTED FOR THEIR FREEDOM IN TUNISIA, EGYPT, LIBYA
SYRIA, BAHRAIN, YEMEN, IRAN, ETC AND ETC AND ETC
LOVE TO THOSE WHO FIGHTED FOR FREEDOM OF SPEECH, FOR A REAL DEMOCRACY,
FOR A GOVT FREE OF CORRUPTION,
FOR A FREE WORLD WHERE WE ARE ABLE TO SHARE OUR KNOWLEDGE FREELY
LOVE TO THOSE WHO FIGHT FOR SOMETHING THEY BELIEVE IN
WE ARE ANTISEC
WE LL FIGHT TILL THE END
TO FBI AND OTHER SHITS
COME AT US BROS
WE ARE WAITING FOR YOU
Visit the Sexy AntiSec Embassy: [Tor] http://ibhg35kgdvnb7jvw.onion/
Follow the Antisec Crew: https://twitter.com/AnonymousIRC
Chat: irc.anonops.li #antisec
Here is what AnonymousIRC posted on Twitter in regards to the attack:
http://pandalabs.pandasecurity.com OWNED HARD by #AntiSec - Reason:Snitching on Anons for Money #Anonymous #OWS #AntiVirusBackdoored #ROOTED
http://cybercrime.pandasecurity.com OWNED HARD by #AntiSec - Reason:Snitching on Anons for Money #Anonymous #OWS #AntiVirusBackdoored #ROOTED
http://cloudprotection.pandasecurity.com OWNED HARD by #AntiSec - Reason:Snitching on Anons for Money #Anonymous #OWS #AntiVirusBackdoored #ROOTED
Ohai Pandalabs and FBI. Whose head was cut off? We forgot. http://pandalabs.pandasecurity.com/ #AntiSec #Anonymous Expect us.
ALL YOUR BASE ARE BELONG TO US #Anonymous #AntiSec #LulzSec
For the history books: https://pastebin.com/LM9vdNWy | FBI, you think now you don’t need to expect us anymore? You’ve angered some retired pirates.
http://pandalabs.pandasecurity.com oh shit. they’re still locked out from their own servers… #Anonymous #LulzSec #OWS #IfUAskForLulzLulzWillFindU
#LulzSec advices Panda AntiVirus users to get rid of it. Reason:injected shellcode #Anonymous #AntiSec #OWS #FrontalCockCrash
PandaSecurity:’Where is the lulz now?’ #LulzSec:’here http://cybercrime.pandasecurity.com/ ‘ #Anonymous #BrutalButtRaeping #OWS #AntiSec
Here are all the URLs that were hacked:
cybercrime.pandasecurity.com
antivirus-offers.pandasecurity.com
blog.cloudantivirus.com
cloudofficeprotection.pandasecurity.com
cloud.pandasecurity.com
cloudpartnercenter.pandasecurity.com
cloudprotectionbeta.pandasecurity.com.tar.gz
cloudprotection.pandasecurity.com
facebookfriends.pandasecurity.com
forgetsecurity.co.uk
forgetsecurity.co.za
forgetsecurity.es
go.pandasecurity.com
info.pandasecurity.com
information.pandasecurity.com
lavuelta.pandasecurity.com
maintenance.pandasecurity.com
momentos.pandasecurity.com
ondersteuning.pandasecurity.com
pandacompetition.pandasecurity.com
pandalabs.pandasecurity.com
prensa.pandasecurity.com
press.pandasecurity.com
promo.pandasecurity.com
protectyourfamily.pandasecurity.com
research.pandasecurity.com
securitytothecloud.pandasecurity.com
serviciospro.pandasecurity.com
servicos.pandasecurity.com
suporte.pandasecurity.com
techcenter.pandasecurity.com
uninstall.cloudantivirus.com
wiki.cloudantivirus.com
www.cnccs.es
www.forgetsecurity.de
www.forgetsecurity.se
Luis Corrons, PandaLabs Technical Director, was singled out by the hackers for praising the arrests in a blog post earlier today. It was titled “Where is the lulz now?” Anonymous included links to his personal bloghis Facebook profilehis Twitter profile, and his Google+ profile.
Here is what Anonymous wrote:
hello friends!
pandasecurity.com, better known for its shitty ANTIVIRUS WE HAVE BACKDOORED, has earning money working with Law Enforcement to lurk and snitch on anonymous activists. they helped to jail 25 anonymous in different countries and they were actively participating in our IRC channels trying to dox many others. Aside how clueless they are and how disgusting they look sucking police tiny dicks and even how much fun we got when they are trying to sell IT security services xD that only helps to endanger people even more; they contribute to bring activist to jail. activists, not even hackers. common people who are trying desperately to denounce the injustices happening on their countries right now.
we should just say:
yep we know about you.
how does it feels being the spied one?
eat cock now.
Where is the lulz now?
Really good news. I have just read that LulzSec members have been arrested and that their main head Sabu has been working as an informant for the FBI. It turns out he was arrested last year, and since then he has been working with Law Enforcement.
As I said, really good news :)
Will this mean the end of Anonymous? No. It will mean the end of LulzSec, but Anonymous existed before LulzSec and will continue existing. However we probably won’t see any more hacks as the ones LulzSec had been perpetrating, and Anonymous will only use their known childish tactic of DDoS using their LOIC tool.
Posted on 03/6/12 by Luis Corrons
LOL HE ASKED FOR THE LULZ!!!!
HERE IT IS THE LULZ
“Another problem is that sometimes if you want to infiltrate and you have to be one of the criminals, you have to do things that you shouldn’t. In that case, you need to be with law enforcement. We have to find ways to cooperate even better with law enforcement.”
says Luis Corrons, research director of PandaLabs.
In short, Anonymous is accusing Panda Security of aiding law enforcement. Corrons denies the claims. Here is what he said on Twitter:
This is going to be a funny night #lulztojail :)
We have our team taking a look into the defacement right now. And investigations to catch criminals are always fun ;)
this has just happend a few minutes ago, so we are still investigating, it will take some time.
all the allegations they make are fake, no surprise at all on that :)
Even though we have not helped LE to bring to jail any lulzsec member, I would have loved to be involved in that.
Panda Security has followed up with an official statement on Facebook:
On March 6th the hacking group LulzSec, part of Anonymous, obtained access to a Panda Security webserver hosted outside of the Panda Security internal network. This server was used only for marketing campaigns and to host some of the company’s blogs. Neither the main website www.pandasecurity.com nor www.cloudantivirus.com were affected in the attack. The attack did not breach Panda Security’s internal network and neither source code, update servers nor customer data was accessed. The only information accessed was related to marketing campaigns such as landing pages and some obsolete credentials, including supposed credentials for employees that have not been working at Panda for over five years.
We continue investigating the cause of the intrusion and will provide more details as soon as they become available. Meanwhile we assure all our customers and partners that none of their information has been compromised and that our products and services continue functioning as normal.
You can read everything Anonymous wrote for yourself over on Pastebin.
See also:
at

No comments:

Post a Comment