Archive for the ‘Lulz’ Category
Hey, You Up… For A Dick In Your Eye?
As the incident is still in the news cycle with ever increasingly bated breath headlines about the danger of a hack like this alleged one that happened to Bezos, I just felt compelled to chime in here. This “hack” was maybe carried out by MBS, maybe not, there is no evidence to prove either case because Bezos made some poor choices as to who to go to on the forensics and investigation. The FTI report was an incomplete and incompetently investigated incident and as such the only evidence that we have is the circumstantial evidence that MBS’ alleged phone number was used to send a video file with a potential piece of malware that may have owned his phone. That’s all we really have as evidence goes with or without an uptick in data use on the phone after the message. It is all made worse by the fact that FTI could not tell where the data was going and had no definitive sites that were known bad to show that exfil of data was happening in the way they were claiming.
Now I see Facebook and Apple are going back and forth pointing fingers on who’s fault the hack was (Whatsapp or iOS) which is more outright fuckery and pointless yammering in my opinion, first you get the proof of concept that a thing actually happened and how, then you can start the blame game on operating system issues or application vulnerabilities. In any case, here is my take on this whole thing…
Was Bezos phone hacked? —-> Maybe
Was it MBS and his technical services that may have done it? —–> Maybe
Can a hack happen like this with Whatsapp and an encrypted payload on an iOS device that maybe has a self destruct and hiding capabilities? —-> Possible, sure.
Were perhaps other sources and methods used by the adversary and that is what gave them the intel they needed in this incident outside of a hack? —-> Possible, sure.
Since we lack any hard evidence of an actual hack and exfiltration of data on Jeff’s phone, let’s posit another way this could have gone…
1) Jeff is busy pissing off MBS with coverage over Jashoggi (deservedly so mind you)
2) Jeff is having a secret relationship with a woman outside of his marriage and it isn’t as secret as he thinks…
3) Jeff’s new friend, for some reason, sends texts from Jeff she has to her brother and he sells that information and pictures to the National Enquirer for $200K
4) Jeff’s indiscretions makes it to MBS through alternate sources and methods and since they have exchanged phone numbers, and is in the middle of the Kashoggi thing, starts sending him texts alluding to the fact he knows about the affair and perhaps other things.
5) Jeff whigs and his phone goes to the shitty security services he has and, well we know the rest.
All of this is just as plausible and just as circumstantial in evidence as the FTI report on the alleged hack. In both cases it is easy to see MBS sticking his dick in Jeff’s eye and doing so to make a point. Was this an epic hack and a national threat?
Yeah, no.
So everyone needs to just stop with all these breathless reports. Jeff needs to stop doing stupid shit and perhaps really be concerned about who he chooses to have affairs with as a multi billionaire and all. MBS probably was at the root of these events in either case but I can’t say for sure because ya know, evidence and shit.
Which is the standard here right?
K.
Trump Hotels Dot Com: Malware C2 In 2014
Credit CNN
TURNIP HACKED!
Remember when the news media was told by Brian Krebs that Turnip’s hotels had been hacked and their credit card data has been stolen? Well there is more to the very little story that made the press after Krebs dropped a dime on them. In looking around the ThreatCrowd today I decided to take a look at the Turnip brand and, well, they have over three thousand domains but a couple jumped out on the searches due to their being connections in some malware back in April of 2014. This coincides with the hack time frame according to the stories I have seen including the one by CNN above where not much is said by Trump nor the FBI or USSS because they were looking into it and that Turnip was a candidate for president. Given that no one has really said anything about this hack post Krebs I have to wonder just how deep these guys got in and what actor group it may have been. If it was straight up carding was it Rescator? Some other Eastern Block group? If it was Russian then, well, you know how they like to dual use these hacks right?
Well, the malware in this case was programmed to attempt to connect with the hotel psmtp server as well as the main domain. This means that they were compromised enough to used as a C2 or perhaps it was just garbage traffic as as been seen in the past with some malware creators. The real kicker is that this malware was doing it’s thing in the same time frame that the hack was alleged to have happened, so I have to think that the case here is that they did in fact use them as a C2 as well, or another actor did piggybacking on the other hacking going on.
Maybe Turnip’s security just sucked? Oh well, as you can see from the maps below they were pretty busy. The best thing for me though was the name of the file that the malware was propagating by.
(scroll down but don’t be drinking anything hot FAIR WARNING)
Maltego of psmtp server at Turnip Hotels
Trumphotels.com Domain ThreatCrowd
Trumphotels.com.s9a1.psmtp.com ThreatCrowd
Money shot of the malware that has trumphotels in the C2 list
Oh, and Turnip loves him Godaddy, the Mos Eisley of domain registries and server farms.
The Malware:
So that malware that had the Turnip hotel as a C2? Yeah, it was in the guise of a file called SHEMALE_MOVIE_83.MPEG.EXE I shit you not! So GoldShower’s systems were being used to pimp malware that went under the name of SHEMALE_MOVIE_83.MPEG.EXE
BAAAAAAAAHAHAHAHAHAHAHAHAHAHAHAHAAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAAHAHAHAHAHAAH!
SHEMALE_MOVIE_83.MPEG.EXE
I do love the schadenfreude here. Evidently it was a trojan that harvested creds, listened to all traffic, and manipulated the SMTP on the system as well. I have to wonder who at Turnip Hotels may have gotten an email with this file and clicked on it. I also have to wonder if they were acutally mailing this shit out from Turnip central as they had connections to the PSMTP server as well. Say, any of you get any dirty email from Turnip back in 2014 or 2015?
As I write I have this grin on my face…
Enjoy the schadenfreude kids!
K.
IOC’s
https://www.threatcrowd.org/searchTwo.php?data=trump
https://www.threatcrowd.org/domain.php?domain=trumphotels.com.s9a1.psmtp.com
https://www.threatcrowd.org/malware.php?md5=833009a54c295a72ad64ab0941f482fe
https://malwr.com/analysis/YTY4NTM5YWY5NDNjNDAwYjkyNWNmMjQwM2RmMjAwYTE/
4/25/2014
https://www.threatcrowd.org/listMalware.php?antivirus=BackDoor.SlymENT.1498
https://www.threatcrowd.org/ip.php?ip=202.71.129.187
https://www.threatcrowd.org/domain.php?domain=email.cz
https://www.threatcrowd.org/ip.php?ip=72.29.227.205
https://www.threatcrowd.org/domain.php?domain=trumphotels.com
https://malwr.com/analysis/YTY4NTM5YWY5NDNjNDAwYjkyNWNmMjQwM2RmMjAwYTE/
https://www.threatcrowd.org/listMalware.php?antivirus=BackDoor.SlymENT.1498
BofA Gets A Burn Notice
rode bb iqdnpmbia fpn’k ybi lr qektrf?
PARANOIA
par·a·noi·a
[par-uh-noi-uh]
noun1.Psychiatry. a mental disorder characterized by systematized delusions and the projection of personalconflicts, which are ascribed to the supposed hostility of others, sometimes progressing todisturbances of consciousness and aggressive acts believed to be performed in self-defense or as a mission.2.baseless or excessive suspicion of the motives of others.Also, par·a·noe·a [par-uh-nee-uh] Show IPA .Origin:
1805–15; < Neo-Latin < Greek paránoia madness. See para-, nous, -ia
Paranoia , the Anonymous intelligence division (self described) published a dump of data ostensibly taken from Bank of America and TEK Systems last week. The information presented seems to show that BofA had contracted with TEK to create an ad hoc “Threat Intelligence” unit around the time of the LulzSec debacle. Of course since the compromise of HB Gary Federal and the revelations that BofA had been pitched by them to do some contract work in the disinformation business it only makes sense that BofA would set up a threat intel unit. The information from the HB Gary dumps seemed to allude to the fact that BofA was actively looking to carry out such plans against those they perceived as threats. Anons out there took great umbrage and thus BofA was concerned.
This blog post is being put together to analyze the data dumped by Anonymous and to give some perspective on what BofA may have been up to and to set some things straight on the meanings of the data presented by Paranoia. First off though I would like to just say that I think that generally BofA was being handed lackluster threat intel by a group of people with intelligence background. (for those names located in the dumps their LinkedIN pages showed former mil intel work) This of course is an opinion formed solely from the content that was available online. There may have been much more context in formal reports that may have been generated by the analysts elsewhere that was not open for the taking where Anon found this dump. The daily and monthly reports found in the database showed some analysis but generally gave rough OSINT reports from online chat logs, news reports, and pastebin postings. There seemed to be a general lack of product here and as such I have to wonder if there ever was or if perhaps those reports never made it to the internet accessible server that anonymous downloaded them from.
B of A’s THREAT INTELLIGENCE TEAM
Since the leak of their threat intelligence BofA has been recruiting for a real team it seems. A Google of the parameters show that they have a bunch of openings all over the place for “Threat Assessment” It makes sense since the TEK Systems team may in fact be mostly defunct but also that they likely would want an in house group and not have to pay overhead on consultants to do the work for them. TEK’s crew as well may have been the problem that caused the leak in the first place by placing the data in an accessible area of a web-server or having passed the data to someone who did not take care of it. Either way it looks as though BofA is seeking to create their own intelligence apparatus much as many other corporate entities are today. The big difference though is what exactly is their directive as a group is to be.
One of the problems I have with the Paranoia analysis is that they take it to the conspiratorial level and make it out to be some pseudo CIA like entity. The reality though is that from what has been shown in the documents provided, that this group really was only tasked with OSINT and threat intelligence by passive listening. This is a key difference from disinformation operations and active participation or recruiting of assets. I will cover this in more detail further on in this post so suffice to say that what BofA was doing here was not only mediocre but also not Machiavellian in nature. The argument can be made though that we don’t know the whole picture and I am sure Paranoia and Anonymous are leaning that way. I cannot with what I have seen so far. What I see is an ad hoc group of contractors trying to create an intelligence wing as a defensive maneuver to try and stay ahead of incidents if not deal with them more effectively should they not be able to stop them.
Nothing more.. Nothing less.
Threat Intelligence vs. Analysis and Product
All of this talk though should be based on a good understanding of what intelligence gathering really is. There are many variations on intelligence tasks and in this case what is clearly seen in the emails and documents is that this group was designated as a “Threat Intelligence” collection group. I have written in the past about “Threat Intelligence” and the misnomer many have on the idea that it is some arcane CIA like pursuit. One of the bigger problems overall is perception and reporting where intelligence gathering is concerned. Basically in today’s parlance much of the threat intelligence out there in INFOSEC is more around malware variants, their C&C’s and perhaps who are running them. With the advent of APT actors as well as criminal activity and entities like Anonymous the paradigm of threat intelligence has come full circle back to the old school idea of what it is from the military sphere of operations.
Today’s threat intelligence is not only technical but also human action driven and this makes it even more important to carry out the collection and analysis properly in order to provide your client with the information to make their decisions with. Unfortunately in the case of the data from BofA we see only sketchy outlines of what is being pasted online, what may be being said in IRC sessions, and what is in the news. Nothing overly direct came from any of the data that I saw and as “product” I would not be able to make much of any decisions from what was presented by TEK Systems people. What is really missing within the dump from Paranoia was any kind of finished analysis product tying together the information in a cogent way for the executives at BofA. Did TEK actually carry this type of activity out? Were there actual reports that the execs were reading that would help in understanding the contents of the raw intelligence that was being passed on in emails daily and monthly? I cannot say for sure. What I did see in the reporting (daily threat reports as well as monthly) were some ancillary comments by a few of the analysts but nothing overly structured or productive. I really would like to know if they had more of an apparatus going on here as well as if they plan on creating one again with all of the advertised positions in that Google search above.
Threat Intelligence vs. HUMINT
This brings me to the whole issue of Threat Intel vs. HUMINT. It would seem that Paranoia thinks that there is much more than meets the eye within the dump that makes them intone that there is a HUMINT (Human Intelligence) portion to the BofA program. While there may well be some of that going on it was not evident from any of the documents I looked at within the dump files. HUMINT would imply that there are active participants of the program out there interacting with the targets trying to recruit them or elicit information from them. With that kind of activity comes all of the things one might conjure up in their heads when they think on NOC (Non Operational Cover) officers in the CIA trying to harvest intelligence from sources (assets) in the field. From everything seen that was posted by Paranoia this is not the case.This operation was completely passive and just collecting data that was in public view aka OSINT. (Open Source Intelligence) Could BofA be seeking to interact more with Anon’s and generate more personal data other than that which the Anon’s posted about each other (DOX’ing) sure but there is no evidence of that. Given the revelations with HB Gary though I can see why the Anon’s might be thinking that they are likely taking more robust non passive actions in the background elsewhere though. Overall I just want everyone to understand that it’s not all cloak and dagger here and seems that Paranoia has a flair for the dramatic as a means to get their point across. Or, perhaps they are just living up to their name.
Assessment
My assessment in a nutshell here of the Paranoia BofA Drop is as follows:
- Paranoia found some interesting documentation but no smoking gun
- TEK systems did a mediocre job at Threat Intelligence with the caveat that I am only working with the documents in plain view today
- BofA like any other company today has the right to carry out this type of activity but they need to make sure that it’s done well and that it isn’t leaked like this
- If more documents come out showing a more in depth look at the OSINT being collected then perhaps we can change the above findings
- BofA needs to classify their data and protect it better on this front
- Paranoia needs to not let its name get the best of itself
All the drama aside this was a ho hum really. It was funny seeing all the analysts taking down their LinkedIN pages (really, how sekret squirrel is it to have a LI page saying who you work for doing this kind of work anyway? SECOPS anyone?) I consider those players quite burned and assume they are no longer working on this contract because of it. All you analysts out there named, you are now targets and you are probably learning SECOPS the hard way huh? I guess in the end this will all just be another short chapter in Encyclopedia Dramatica and an object lesson for BofA and maybe TEK Systems.
For everyone else.. It’s just LULZ.
K.
Sabu, The Latter Day Joey Pardella… Oh There Will Be Lulz!
HACK THE PLANET!
So, it seems that irony is playing a sweet sweet role in the story of LulzSec and it’s titular leader Hector Xavier Monsegur (aka Sabu) As the press is now digging into his past and finding all the fidly bits about him, they happened to have turned up a big surprise for me. That surprise came in the form of the fact that Hector actually attended Stuyvesant High in NYC. Now some of you might say; “So what?” My response to that would be “That is the very same high school that they filmed the cult hacker hit “Hackers” back in 1995.
*smirk*
Yep, for all of you in the know, I can see the wheels turning now. He attended the school that no doubt he revisited on the DVD daily as he watched and took notes from that silly film. I mean, after all, look at LulzSec and the Anon movement’s sentiment as a whole, it kinda fits doesn’t it? I mean, c’mon, the guy thought he was Lord Nikon or maybe, dare he even consider it, Zer0 C00l!
Good lord.
Now, I cannot directly link al of this to his attending the school nor can I say that he did indeed have the film on DVD in his apartment at the time of the raid, but, it is rather coincidental that he self styles his whole campaign against Feds and had all of the rhetoric of a sophomoric school kid right? Heh, overall I just find it too ironic that he was a student there and graduated in 2001. A fact that only Weld Pond really tweeted about, the news seems to have lost this in the mix.
So, for me, instead of #FFF (Fuck FBI Fridays) I can see him at his console, in the spinning phone booth, yelling “HACK THE PLANET” with all his legions of hackers while popping sites for their credit card numbers. Credit cards that he needed to buy more car engines for his three cars. All of this I think just bespeaks the lack of comprehension on the greater part of Lulz and Anonymous when carrying out such attacks as a means to get back at the man.
This is life.. Not a movie.
So, Was The Garbage File Worth It?
Now that the records are being written about and documents unsealed, we are seeing just what happened inside the secret world of Sabu and Lulz. It turns out that the true believers were the ones doing much of the work and Sabu, was lining his pockets with proceeds from these and other hacks he had done over the years. So much for social change and inequality huh? So far stories have come out that he was a politically minded hacker (hactivist) as he says he was because of things like the bombing of Vieques island by the Navy (it was a range at the time) thus he has been painted as such. However, the real picture comes into focus now that we are seeing the stories about his living in the Jacob Riis housing project, not holding a job, and partying all the time.
Others, like Jeremy Hammond, seem to be the altruists of the bunch and really drank the Kool-Aide on this whole “fight the man” thing. Jeremy it seems had been in trouble before over such actions and in fact had a criminal history of hacking already. His ideals however were not about gain. He is the one who was donating money to all of the charities with Stratfor’s customer credit cards. Had it been Sabu, I think he would have ordered up some more car engines and perhaps other things for himself and his extended family.
I suspect that it was in fact Hammond who posted the Oncoming Insurrection document on the Stratfor site when he hacked it and this was his way of telegraphing exactly what his thoughts were on the status of society. It seems that Hammo is a troubled boy. Overall, this hack and the manifesto became the red herring for me, sure there was an undercurrent of this thought within the whole of the LulzSec group’s movement, but, the realities are turning out to be that some weak minded individuals were lead even further astray by a narcissist with a God complex *wink wink back to Hackers* Say, you suppose his password was God?
As to my titled question, I suspect that the garbage file was indeed not worth it. You see, as time passes the memories of Sabu being a great leader will die as will the names of Hammond and others who have been taken in. They will all languish in jail without the fanfare and shouts of “Free <insert name here> unlike those of the Mitnick years where Kevin was held without trial and pretty unjustly for the alleged crimes at the time. In these cases, they did the crimes, they knew full well they were crimes, and they made the mistake of trusting Sabu to be their leader in a war against.. Well.. Nothing.
They did it all for Sabu’s satisfaction really. Sure, they say they did it to strike a blow against the federal entities taking away our rights blah blah blah.. But the reality is that they all were lead to this by Sabu.
The guy with the three car engines, and string of identity theft cases against him.
Life Imitating Art?
Ok, so back to the “Hackers” thing. Am I the only one seeing this? I would also throw out there the idea that too many of these kids have watched “V For Vendetta” one too many times as well. All of them seem to be looking for some sort of banner or identity to fall under where these movements are concerned. In hackers we had the evil hacker and his pawns the stupid Feds jamming up the innocent hackers. The blaming of the hackers by the bad hacker (plague) and the Secret Service seem to be a theme here as well. Well, not so much the evil hacker angle but more the attitude that the Feds are just bad buffoon characters who need to be put in their place.
In the case of the V for Vendetta crowd, they believe that the collective governments of the world are just despotic regimes seeking to destroy anyone who dissents. Which, ok, lately there have been troubling things in the US government happening, but really, as yet, no one was being put into secret work farms and used as test patients for some super secret germ program now were they? At least not here in the states as far as I know, but sure it’s possible in some despotic regimes like in Syria etc. This however was not the way Sabu would have had you believe. He was full on in rhetoric that the man had to be stopped because they (the feds) were oppressors.
Over all though, I just cannot fathom that these guys all thought they could just poke the badger like this and not get caught. But then again, Sabu, as was written about in a recent article, when questioned about being AnonymouSabu, said “I don’t even have a computer” to the feds… The feds who were standing there looking over his shoulder at a cable modem blinking away as it transferred data!
Duh.
Perhaps these guys just didn’t get it? Hey kids, this isn’t a movie. When you guys are sent to jail you will be someone’s play thing. It’s more like Oz than it is Hackers kids.
Stupid Mistakes and A Complete Lack of OPSEC
Another thing that has been bugging me about the media coverage on Sabu’s take down and the roll up of the others is that they keep saying he was a “Hacking Genius” Holy WTF? Really? Obviously these people did not talk to the rest of the community because Sabu made some HUGE mistakes in his Operation Security (OPSEC) It is pretty much obvious as well because the Feds had his name in February, pre BacktraceSec’s posting the info on the web from a story in the NYT tonight, so, someone either turned right quick on him or they just followed the large breadcrumbs.
Sabu also made it easy to find out who he was by making other mistakes like logging into an IRC server with his own IP address. He must have been on the weed at the time or drunk, or maybe just distracted because he forgot the one golden rule of this game. “Always use TOR” So, he logged in and voila he had given anyone the information needed to track him to his address. This meaning really that the Feds would have had an easy time of getting a warrant and getting his address. This would have been the nail in the coffin really as evidence goes tying him to the IRC and his being Sabu.
Another big mistake Sabu made was using his own address to have those car engines delivered to him. Who else would buy stuff with somone else’s credit cards and then have the stuff shipped to their home address? That is a complete N00B move! Joey Pardella would be proud Hector! Didn’t you learn anything from “Hackers” at all? You just don’t do that shit. As they said in the movie “Universally stupid man” No wonder you got caught and turned so quickly.
So, once again dear news media, Sabu was not a genius. He was in fact just like you and did not do his homework.
No CxO’s You Should NOT Relax
While I am on the media train, let me also say that the media should re-iterate that the Lulzy types are not all gone. Right after the roll up there were at least two hacks that have happened since. Both of the hacks were motivated by Anonymous and LulzSec motivations and should tell the world that they aren’t dead. So all of you C levels out there breathing a sigh of relief over this and thinking you are all good to go should back up a bit.
You aren’t safe.
Just because they rolled up these dimwits does not mean that there won’t be a bunch more of them in the wings waiting on a chance to make their mark. I think of course there will be a lul in the activities, but, they will start up again once they have re-grouped. Paranoia will be the fear du jour for now, but soon enough they will become brazen again and start attacking things once more. I should think that we will be lucky if this all waits until the summer when the kids are home from college though. See, that;s also when the trials will be starting as well.
Imagine it.. Kids with nothing better to do but hack away their summer vacations. Oh, there will likely be lulz again. They will just be without a leader.
In the interim, lets sit back and watch as more raids happen..
Lulz indeed.
K.
So Long and Thanks For All The Lulz…
Anonymous Begets LulzSec, and LulzSec Begets AntiSec
Once upon a time, a group of pranksters decided to play games online and in the real world. They started it all for the “lulz” and lulz they did have, they poked some seriously tweaked individuals in the eye and thus a movement was born. Along they went pranking and lulzing until one day, a new group came along, and their lulz were a bit more dark in nature. This new faction was named LulzSec and they thought that lulz should be had at the expense of government and anyone they could mess with. The LulzSec crew soon began hacking anything they could get their hands on and posting all of their exploits on Twitter and Pastebin. With each passing hack and dump, they became more and more enamored with the attention… Until one day even the lulz of LulzSec just weren’t enough to sate their thirst for attention…
Thus AntiSec was born.
The AntiSec’s redoubled their efforts for poking “The Man” in the eye and became more and more manic in their attacks as well as their peculiar love of piratical language. Soon they were attacking anything and anyone *cough, low hanging fruit cough* that they saw as an enemy. For months they “sailed the digital seas” stealing and defacing their way into infamy. All the while though, they failed to understand that they all were about to be sent to Davey Jones Locker! For one of their ranks was in fact a spy…And so one day they all found themselves cuffed, stuffed, and on the hood of a car.
It was then, that they all realized the lulz ultimately were on them.
LulzSec and AntiSec: Not So Leaderless, Not So Headless
I seem to remember saying a few things in the past about how LulzSec, Antisec and Anonymous were really not so leaderless or headless. It turns out at least in the case (thus far) of Lulz/AntiSec that I was right. Of course this was not a stunning or blindingly hard observation to make. With Sabu being the mouthpiece and chats on IRC being available, one could easily see that there was a structure here. A pecking order and a chain of command was clear, but just who were the real names and faces behind the screen names and IP addresses? This was the missing piece of the puzzle to many, including the FBI and other LEA’s out there looking for them… Well for a little while that is as it turns out.
As Sabu and his pals got more and more brazen, they became increasingly more open to hubris’ effects and eventually this did them in.. With a little help from their leader “Sabu” aka Hector Xavier Monsegur, the group eventually found themselves under indictment for their crimes. I guess the big game of follow the leader was a bad idea after all for them and am sure tonight they regret it.. But this is the problem when you have an allegedly “leaderless” group out there committing crimes for the lulz of it all right?
Simon says stand up!
Simon says sit down!
Simon says hack the CIA!
Simon says YOU’RE BUSTED!
Sabu and Stupid Mistakes That Haunted Him
But seriously folks… It turns out that the “genius hackers”, led by “Sabu” weren’t so genius after all. Xavier’s data had been floating around the internet for some time and was brought to light by BacktraceSec in March of 2011. Data mind you, that Xavier had not counted on as being out there and able to point people to him as “Sabu” Xavier was sorely mistaken and the clincher, from the reports out now from the FBI, was that he logged onto Anonymous’ IRC with his real IP address.
It just takes once to be party van’d kids.
The data connections between his screen name, his real name, and other data around domains he owned etc, was circumstantial until he made the one mistake that was the smoking gun and led to his arrest it seems. Everyone makes mistakes, but Sabu made more than his share and now they are coming out in the news cycle for all the other kiddies to see. Of course, these were only some of the mistakes that he made. One of the biggest mistakes was to allow his ego to drive the bus here. Sabu it seems not only was a bit crazy, he was also a narcissist, and loved the attention being lavished on him by his followers. Ego like his and the successes he enjoyed while sticking it to the man made it all the easier for him to make some massive mistakes that eventually led to his own demise. You know, like buying three car engines using someone’s credit cards and having them shipped to his address or maybe trying to tell NYPD that he was in fact an FBI agent.
DOH!
It seems that his pathology was his undoing…
WTF Were They Thinking?
Overall, I personally just can’t seem to get into the heads of the Lulzy bunch. Perhaps its just that I am an old man, maybe its because my parents actually raised me and just didn’t sit me in front of a TV or a computer as a babysitter. Well for that matter maybe I was breast fed and they were not, who’s to know? Many times I have tried to put myself into their heads and see why there were doing it all and where they might go next all to no avail. I guess I finally resigned myself to the idea that they were just nihilists or anarchists, but mostly, I just thought that they were maladjusted teens and twenty somethings acting out.
It turns out though, that in the case of the pied piper “Sabu” it was all about the bling lifestyle of not working for a living and fleecing others to buy car engines and pay bills as well as self aggrandizement in the online world. Oddly enough, from what has been reported thus far, I believe that it was only Sabu who was on the take, the others certainly stole money, but, they did not do so for personal gain (maybe I’m wrong on that?)
So what were the others thinking? Were they striking a blow for the people or were they just in it for the lulz? Time will tell as the trials move forward I suppose. I guess also, each one of them must be re-assessing their decisions right about now…
Ideas, You Can’t Kill Them.. But They Can Be Like Neutron Bombs and Destroy Your Freedom
If anything, I think that this whole fiasco shows that ideas, may be killed as well as they may kill those who gravitate toward them. Anonymous as a whole seems to be more aligned with making a difference in the world of late. Some may have been fans or in fact players in the AntiSec and LulzSec games, but, generally they all should take heed of the events of the last 24 hours. AntiSec, Sabu, and all of the fallout will damage Anonymous like a neutron bomb, it won’t destroy the buildings but the radiation will kill everything around.
Some ideas are just bad.. And most of the bad ideas are cooked up by morons like Xavier Monsegur.. It turns out that the lulz ultimately are on you Sabu.
K.
Forest for the Trees… And Other Aphorisms for BUY A CLUE
Look It’s A Birdie!
Ok, so everyone is all over this YamaTough extortion/bribery/leakage thing but I have not seen anything really about the elephant in the room. Everyone is all over the fact that the code has been leaked, that a faux Indian twitter acct is boasting all the time about being smarter than everyone, and that Symantec is full of shit trying to catch them/him in an extortion scheme by posting pastebin’s of email encounters by the players.
*blink*
Ummm… So… Yeah, uhhh.. the hack that the code came from was back in 2006 right? So, tell me.. Where has it been lo’ these many years? Who had it? Who hacked Symantec in the first place?
*Anyone?… Anyone?… Bueller?*
Bait and Switch
So Yama had some code that was probably given to him/them by “someone” recently to be used in any way they like. Yama and the skidz then decide to release that data to the world and attempt to shame Symantec (a company btw probably on the AntiSec hit list) and sow FUD about their already quite shitty (trust me) AV systems.
Hrmmmm…
Ok, well, the code is in the open now… OH NOES! But wait… What’s that niggling little voice yelling in the background?
Oh yeah.. SYMANTEC WAS COMPROMISED IN 2006!
So once again, I ask you.. Where has that code been all this time that Symantec had no idea it had been taken? Oh, and also, if they did not know they were hacked in 2006, what makes you all think that the rest of their code over the years has not been in the hands of those who hacked it back in 06?
*Do you see where I am going with this? Think chess here…*
Those who have had access likely were the types to either be nation state.. OR.. Selling the access to nation state actors. Who else would keep this quiet for soooo long huh? I mean all of you out there in the know, do you remember anyone spilling the beans that the source for Symantec was available? Personally, I think that the malware dev’s out there chose the BIGGEST target for AV (and we all know just how popular Symantec is don’t we?) and hacked it discreetly to gain access to code and develop malware that would avoid NAV altogether right?
Hello Mr. Elephant…
Seeing the Trees for the Forest
So, unless the facts are much more convoluted here and that there is a lot of lying going on (well, there is but you know, base facts here) then this stuff has been in the hands of someone.. Someone who probably did naughty things with it (Chairman Meow maybe? or Ol’ Pooty Poot?.. Or.. Ooh Israel perhaps?) Haven’t you all wondered about just how much malware lately seems to be able to switch off NAV altogether? Place itself in the whitelist area?
Yeah…
Meh, maybe it’s just me and my tinfoil hat paranoid tendencies eh?
Say… Isn’t that elephant’s trunk rooting around in Symantecs pocket?
Look at the birdie! Look at the birdie! LOOK AT THE GOD DAMNED BIRDIE!
K.
Handwringing, Moralizing, Anonymous, Paedophilia, and Digital Vigilantism
Preamble:
I recently posted about the Hidden Wiki and its prevalence in hosting paedophilia content. This post may or may not have left an impression on some of the anonymous collective to take action and perhaps sow good will for their group by hacking into the “Lolita City” site within the DarkNet and releasing thousands of users email addresses and personal data (such as it is on such a site) for the Internet to feast upon. The Anon’s are doing this for their own reasons, but the upshot of it all is that they are causing the paedophiles pain in making it hard for them to get their content as well as potentially outing them online as purveyors and consumers of this wretched content.
Since my post applauding them and giving them some direction as to how to become more of an intelligence gathering apparatus for the LEO community, some in the infosec world have come forward and voiced concerns about this line of thought. All of the talk about the morals, legalities, and philosophical aspects of Anonymous undertaking such actions has gotten me thinking quite a bit.It all raises some interesting questions and philosophical challenges.
Anonymous and Digital Vigilantism:
What I think that most people with reservations about Anonymous taking up such operations as the DarkNet op have are that these people are for the most part kids without training and without any kind of oversight. Oversight in that they could get too big for their britches (one could say that many already have) and think that they are invulnerable to attack never mind the respective laws of our society. That said, it would seem that Anonymous, Antisec, and LulzSec have already decided to take up the mantle of vigilante’s already. However, the targets have been, for the most part, varied parties that could be seen as hapless victims or as malefactors, it all depends on the point of view really.
In the case of Scientology, well, aside from religious freedoms (trust me, they are not a religion) generally the Scientologists have been pretty much seen as getting what they deserved. Today though, years later, Anonymous has begun to take on the governments of the world as well as the likes of Paedophiles online. Once again, generally, people see what they want to concerning whether governments are good or bad. Paedophiles though, pretty much are outlawed universally. So, when Anonymous decided to attack, I could not fault them one bit. However, I could perhaps fault their methods.. Only in that they were bound to only let the paedo’s get away in the end.
I have said it before and I will say it again.. “One man’s freedom fighter is another man’s terrorist” It all depends upon your perspective really. While I do not think all of their targets have been chosen wisely, I cannot fault the true believers out th4ere that they are doing something out of conscience and good. This is not to say that a certain element of the movement is in fact just in it for the lulz (i.e. Antisec and LulzSec) There certainly are factions at play who just want to see the world burn as well as garner themselves digital street cred.
Overall though, the term Vigilante denotes a person or persons (committee’s) who dole out justice summarily when the law is seen as ineffective by them. In this case, the Anon’s have taken up the mantle of vigilante in order to rid the DarkNet of paedophile content because law enforcement seems unable to effectively. Now this is also the crux of the issue in another way, as the police generally are not allowed to hack into sites and dump the dirt so to speak.. The Anon’s are unhindered here. Just as they have felt the same way about other operations where they have denied service to corporations (likening it to a digital sit in) they have crossed the line of the law, but, their methods and motivations are free of it… Until they get caught that is.
The essence of the thing is this.. “Don’t do the crime unless you can do the time” If they believe in it strongly and act upon it, then they must accept the risks of being caught and incarcerated. So far, much of the motivation I have seen by a good deal of anon’s has been motivated by convictions and beliefs. All others have been for Lulz, which is what made LulzSec even more of a problem as they just did not care. The current Antisec movement that LulzSec begat also seems to lack the conviction of their beliefs and seems more driven by ego than anything else by their writings.
And this is the difference between the chaotic Joker like actors and the Batman types.
Anonymous vs. PLA, vs. Patriot Hackers:
Pulling back a bit now, I would like to look at the macroscopic view of Vigilante behaviour versus nation state sanctioned or perhaps, a better word for it would be “condoned” actions and groups. I have written in the past about groups like the Honker Union in China as well as the colourful character known as th3j35t3r. both of these entities have had an effect on the collective consciousness concerning digital vigilante justice and I think it important that they form the contextual base for Anonymous’ actions in Operation DarkNet.
First off, ALL of these entities have been doing what they do (Jester DDOS of Jihadi sites and Anonymous, Honker, hacking against the enemies of China, and Anonymous, attacking sceintology, the gov, and paedo’s) with a mind toward doing “good” In the case of Jester, he thinks DDoS-ing jihadi sites out of a patriotic bent that will stop them from communicating. In the case of the Honker Union, they are patriots to their homeland and attack others who would do their country slight or harm. Anonymous though, started out of /b/ … Which really is a band of miscreants for the most part. However, a core group decided to take on the mantle of doing right somewhere down the line and we find swaths of them today supporting Occupy Wall Street and other political agenda’s.
The basic idea here is that they are all motivated by a belief in some greater good.. Mostly. I am sure there are on individual levels, many more motives (ego, greed, ego… the list goes on) but I will just put it to a gross generality that these people want to effect some kind of change.
At least I hope that this is the case…
What is really different though is that in the case of Jester and the Honker Union, they both are condoned if not outright supported efforts by the countries they reside in. In the case of the PLA and the Honker, there is clear connection between the state and their actions. In the case of Jester, there are allegations (made by him) that his is state sponsored.. But, I think more to the point he is condoned. Either way, the Anon’s may indeed be getting some support (moral or other) from state sponsors and not even know it. In the case of Anon, they could just become the tool of another nation state and not know any better.
Which is pretty scary.
All of these entities though, have had a greater or less effect upon the internet these last few years through their online shenanigans via hacking. The secret is this, they are just the first. There will be others to be sure.. The genie is out of the bottle on this one.
Anonymous vs. LulzSec & Antisec:
Conversely, we have LulzSec and Antisec, who both wreaked havoc on the corporations and the police of the world lately. Their reasons for doing so pretty much have been stated as “because we are bored” At the core though, there seems to be a couple of motives here from postings online. One is the afore mentioned Lulz, the other, seems to be a kind of abject hatred of authority and police. In recent hacks on the police though, there seems to be a bent toward supporting the Occupy movement as the police have had some transgressions against them. So.. They hacked the police and dumped all their data to spite them. Frankly, I see no value to this and once again, even if motivated by supporting the movement, it has no real effect on the police other than to make them more angry and reactive against the protesters.
Anonymous on the other hand has had its lulz, but seems to be growing up a bit and maturing. The social conscience of anon has begun to take shape and within it (movement wise) may well be the lasting component that will be its Raison d’être in the end. Time will tell though, and I hope that this is the case more so than just a bunch of malcontent’s seeking attention and excitement.
The Hand Wringing by The Infosec Community At Large:
Alright, back to the hand wringing and the moralizing post the Op DarkNet…
Certain people in the community wrote that while the empathised with what Anon was trying to do with Op DarkNet, they felt that these people were not the folks they would have doing this to start. Most of this comes from the fact that many of the players are not trained investigators and not LEO’s. I can agree with this from the perspective of legal proceedings later on. If Anonymous hacks a server and then dumps data, it could have an effect on the court case from a few perspectives;
- Contamination: The defense could claim that the server was hacked and the data planted
- The data could have indeed been tampered with by anon’s
- The backend of the server/dbase could in fact be shared and all those who share could be swept up in the legalities/implications
- The hack is enough to raise reasonable doubt
So, yes, it could be counter productive to have a vigilante force actually hack a system and report it to law enforcement. However, I would advocate that in the case of Anonymous and the paedo’s at the least, they not just hack and dump data, but instead give that data to law enforcement to start an investigation. For that matter, if Anonymous just located the servers and authenticated (sans hacking) that the content was there, they could in fact just tip off the police.
And this is at least part of what they did with Lolita City in the DarkNet. They tried to locate the server location and this alone could be a great boon for the authorities.
On the other hand, there are moral/ethical objections on the parts of some who think that perhaps letting Anonymous do this type of thing, or even encourage it is setting a bad precedent. To them, Vigilante’s are outside the scope of good behaviour and the law.. They cannot be tolerated. Personally, I think that that is a sanctimonious load of crap, but, that’s just me.
Sometimes when the system cannot function other means need to be taken to effect change. In this case, within a network that is anonymized and the authorities have had little success in catching anyone trading in paedophilia, I see no harm in Anonymous outing them.. Though, I would rather they just passed the intelligence to the LEO’s instead. It is my opinion, that if done correctly, intelligence gathering of this type with a tip off to the police has a better chance at actual arrests and convictions than to just let them go on about their peddling of child pornography.
Just one man’s opinion…
Philosophical and Ethical Stands On Being The Digital Batman:
This is the philosophical and ethical standpoint I take in being the digital Batman. Strict utilitarianism dictates that maximizing overall good is key. In this case and perhaps others, the taking down of the paedophile’s content and capturing their login credentials is enough “good” to allow for the action to be seen as acceptable. This is really the basis of The Batman’s ethics in the comics and ideally, for me on this particular incident with Anonymous.
Now, this does not mean I agree with all of their operations as well as certainly not agreeing with the bulk of the actions carried out by the Antisec movement. However, the perspective is the key I suppose. It’s a slippery slope I admit, but, in this case of OpDarkNet, I agree with the greater good being served in this case.
Here we have the Deontologists like Sam Bowne. Deontology is a nice thing to cling to the ethical rules of a governing system of laws. However, it seems to me, and others here, that this system of laws is not working against these offenders in the hidden wiki. Sure, you could say that the LEO’s have ongoing investigations, but, just how many busts have there been as opposed to the massive amount of content located on the hidden wiki and within i2p, Freenet, and TOR?
So far, I have not seen law enforcement really winning this battle.
Oh well, the Deontologists have their point of view and others have theirs. The key here is that Sammy and others like Packetknife are entitled to their point of view. They are right for themselves, and that is the issue with all philosophy and ethics arguments. Like I said, it’s all about your world view. However, I do not ascribe to a moral absolute unlike someone like Sammy.
There are no right answers. There is only what you are willing to accept for yourself.
Legal Aspects of Digital Vigilantism:
Now, on to the legal aspects here.
The US code on activities related to sexual exploitation of minors alludes to the fact that one has to “knowingly” access such content and to have more than 3 pieces of “content” to be considered guilty of child exploitation/pornography. This of course also alludes to the trafficking thereof etc etc in legalese. Where this is important for the digital Batman is where there are caveats.
(c) Affirmative Defense. - It shall be an affirmative defense to a charge of violating paragraph (4) of subsection (a) that the defendant - (1) possessed less than three matters containing any visual depiction proscribed by that paragraph; and (2) promptly and in good faith, and without retaining or allowing any person, other than a law enforcement agency, to access any visual depiction or copy thereof - (A) took reasonable steps to destroy each such visual depiction; or (B) reported the matter to a law enforcement agency and afforded that agency access to each such visual depiction.
So, as I said before, if you are trying to take one of these sites down, then do turn off your browser’s images capabilities.. Hell, why not just use Lynx for that matter so as to negate the issue. However, there is a key point here that you all should take into account. It’s the bit about making the LEO’s aware of the content. This is what I was trying to get at before. If Anonymous or anyone is going to go after this content, then it would be best if you tipped off the LEO’s to the site and the content. Now, the above statement implies that if you make the tip, then you are going to let the police have your system to look at… And we all know Anonymous is not going to do that. So, just be judicious about your tip off’s to the authorities. Do your homework and dump the data to them directly, not on Pastebin.
Of course, then there are the issues of hacking a system in the first place… Well, in the DarkNet, the only thing as I see it that is key would be not leaving a trace that you were there. You know, kinda like the whole hiking ethos of only leaving footprints.. But in this case I would suggest not even a footprint should be left behind. It seems to me, that if you hack a paedo site, even with good intentions, you could get the double whammy from the authorities of hacking as well as accessing child porn…
And that could really be problematic.
So, in the end, I circle back to recommending that you become intelligence gatherers and locate the sources to report. If you locate them, and you get some good details for the authorities without having to SQLi them, all the better. You will be doing a good thing AND you will be satisfying the Deontologists in the room.
Keep your wits about you kids.
K.
Anonymous, SCADA, LULZ, DHS, and Motivations
Anonymous Is Interested In PLC’s & SCADA?
A recent .pdf bulletin put out by Homeland Security (i.e. DHS) claims that certain actors within Anonymous (and by that they mean “anonymous”, I added the distinction) have shown interest in at least Siemens SIMATIC PLC’s and how to locate them online for exploitation. It seems that DHS though warning about this threat, is not too concerned about its actually being exploited by the group because they lack the expertise to attack them. So, why the BOLO on this at all? If the collective cannot do the damage to the infrastructure that you are entrusted in keeping safe, then why report on it at all as credible intelligence? It would seem to some, myself included, that Anonymous is not the problem that they are really worried about on the macro scale, but instead, those who may claim to be Anonymous hitting small scale facilities or pockets of targets for their own purposes.
And therein lies the difference.
If indeed Anonymous the collective is looking at attacking SCADA, one has to wonder at their reasons to target such systems. After all, if Anonymous takes out the power or poisons the water, it will not look good for them PR wise. In fact, were such things to happen in the name of Anonymous, I can pretty much guarantee you all that they would be enemy #1 pretty darned quick post an attack. However, if they were to target a company such as a car maker that pollutes, then, you have a real agenda (per their social agenda of late) So, the targeting is really key here and I will cover that later on.
DHS Jumping The Shark?
The motivations of the release by DHS have also been called into question by some as to why they chose to talk about this at all. This is especially prescient since they take pains to say that the Anonymous movement “most likely” does not have the technical means and motive to really pull of these types of attacks on the infrastructure. So why even bother? Perhaps they are just covering their bases (or asses) just in case the Anon’s actually attack? Or perhaps, they too are clued in on the fact that even if claimed to be anonymous, it could be others working against the US (Nation State Actors) who have chosen to attack and use Anonymous as a cover so as to throw off attribution.
Either way, as some look at it, it is almost like they are daring Anonymous to do it out of spite because they are calling Anonymous’ factions and actors “inept” or “unskilled” which, might get their dander up a bit. All of these scenarios pretty much do not preclude someone hitting SCADA systems in the future and it being blamed on Anonymous, which will bring on a new wave of efforts by the government to stamp them out. Reciprocity being what it is, this too will mean that Anonymous might in fact gain strength and sympathy from such actions and fallout as well.
For me though, I just see DHS covering the bases so as to not be blamed later on should something happen. Not so much am I of the opinion that they are in some kind of propaganda war here with this little missive.
Motives, Means, Technical Abilities
So lets go with the theory that certain elements of the Anonymous collective want to mess with the infrastructure. Who would they target and why? More to the point, what companies would they target that fits their agenda?
- Telco?
- Power?
- Manufacturing?
Those are the three areas that I could see as potential attack vectors. Though, once again I have to say that the only two that I see as real possible would be the telco and manufacturing and even the telco would be dangerous for them to try as well. I mean, if you start messing with Ebay or Paypal that’s one thing, its quite another to mess with national infrastructure, as these two would be considered. If indeed Anonymous hit them and took them down for whatever reason, they would then be directly considered terrorists… And that would be seriously bad for their movement and its legitimacy.
Now, we do know that the Anon’s hit the BART system but as I remember it, it was BART that took out the communications infrastructure themselves so as to prevent communication between anon’s. So, this just doesn’t seem to fit for me either. Manufacturing though, as I made the case above, could be something they would try. It’s not national infrastructure and it will not take the country down if they stop something like cars being made.
Is it just me? Or does anyone else just see this as a non starter for Anonymous central? What I do see is the threat of other actors using the nomme de guerre of Anonymous as cover for their actions to mess with the national infrastructure. Perhaps some of these people might in fact be motivated by anonymous, but, my guess that if there were to happen, it would be nation state driven… And something I have been warning about for some time.
Anonymous, as an idea, as a movement, will be subverted by those looking to fulfil their own ends and justify their means. All the while, they will let the Anon’s take the fall for it.
Governments
Nations
Nation States
… AND.. Corporations.
You know, those with the money and the people who could pull off the technical hacks required to carry these capers off.. Not a bunch of rag tag hacktivists and hangers on.
Blowback
In the end, what I fear is that there will be a great deal of blowback on Anonymous even talking about hacking and messing with infrastructure. The same can be said for their attempts on taking down Wall Street or the NYSE with their DD0S. If they had succeeded, they would have been an annoyance really, but that would not have caused any great fluctuation in the markets I think. No, unless they hacked into NYSE itself and exposed the fact that they had root in there, I think that it would have a very minimal effect on Wall Street and the economy at large.
Not to say that everything is going ever so well now…
DHS seems to have jumped the shark a bit for me on their BOLO and the coverage of this just tends to add to the FUD concerning SCADA and PLC code. Hell, for that matter we have the new Symantec report on DUQU that yells out about it being the “Son of Stuxnet” but in reality, it is more like a clone of Stuxnet used for APT style attacks by persons uknown..
Get yer FUD here!
Same goes for this DHS warning.
Your results may vary…
K.
LulzSec/Sabu Paedo Hack = Turd Shining, Disinformation, or Lulz?
The recent dump on pastebin of what the alleged “Sabu” claimed was a ‘paedo’ (Pedophilia) site has pretty much turned out to be a lie. What could have been a good thing in outing a paedo ring, has instead turned out to be the hacking of an anime site and the outing of email addresses for the users of ‘densetsu.com’, a defunct site that featured Japanese anime/hentai. Now sure, one might look at the imagery that the Japanese tend toward (young schoolgirls being raped in their school uniforms by demons or alien plants) as a form of paedophilia, however, it is technically not by the law. So, in reality this alleged hack is non sequitor to any kind of legal or moral aegis.
When I looked at the site from the perspective of Googling, then looking at it historically I saw a site that did not contain child pornography. However, when you look at the site closely now, you can see, as the Duck Pond Blog has, that a couple images have been uploaded on the 28th of August post the hacking of the site by users unknown. So, what was the idea here? Being that I was a part of the panel at Defcon that mentioned why not use your hacking skills to take down paedo sites, I had thought on the face of this, that it was at least a step in the right direction.
I was wrong.
So, who did this and why? Could it be that the Lulz team just felt bored in these last few days before going back to school and decided to pick on an easy target? Perhaps they wanted to appeal to the masses a little bit with hitting an ‘alleged’ paedo site because they have been losing popularity? Or, was this even Lulz at all who did this? Perhaps it was just someone else doing it for the kicks and decided to pin it on Lulz? Net/net though, they have only served to out innocent people’s email addresses to the masses who may not know any better as to what really happened with this site. From what I am hearing at present, some of these people may in fact be currently being harrassed by people because now their addresses and names have been tagged to the idea that they are paedophiles, and that is just stupid.
I’m sorry kids, but this is just useless and once again you miss the mark on making any kind of difference. Had this site been trafficking in large amounts of imagery and you outed them, I could say ok, you did half the job right. The other half would have been to instead of doxing them on pastebin, I would have dropped a note to the FBI…
But..
Wait, wouldn’t that just go against everything you have said lately? Indeed, where would FFF (Fuck FBI Friday) be if you actually were helping “The Man” right? Well, at the very least you should be able to agree that this type of behaviour (paedo) is wrong and drop the dime on it.. But, I don’t think you all really care, and this is what brings me back to the Rogues Gallery and my assessment of the Lulz/Antisec movement. The short and sweet of it is that you all seem to be displaying narcissistic tendencies. In this instance, whoever did this obviously just did it for the kicks and attention because there was nothing here to warrant the action against densetsu.com that can be found.
Duck Pond goes further into the background of the site and proves out what I am saying here too but I think it would be just pedantic to go over it again. Please go read their post because they did a good job. For my part, I will sit back again and watch the goings on. I am sure things will slow down a bit as the kids are, like I said, headed back to the school room or the dorms and will be busy for a bit.. But sure enough come November/December it will be digital Animal House all over again.
For those of you out there in Anon who are re-thinking all of this, you may want to consider the ways you all could change your image a bit and perhaps do some real good. The protests at Bart were a good thing… Keep that up.. Though, I am not so sure of the whole Wall Street sit in… Word on the street there is that the AQ/AQAP set want to join in. If that were to happen (say you protest and then a bomb goes off) it would be a double blow. First there would be deaths, the second would be the reaction of the government on actual protests, writing all of our rights of assembly off due to terrorism threats.
Be careful.
K.
Krypt3ia 
Virtual Arkham: Explaining Anonymous, Lulzsec, and Antisec Animus in Our Digital Gotham City
with 12 comments
Personae Dramatis: The Rogues Gallery
In this post I would like to show you what I have been seeing with regard to Anonymous the other groups that have spawned from it. Increasingly over the last year or two I have been seeing analogies both literally, and figuratively between the forces at play and I feel that all of it is directly affected by the comic book world of Batman. The analogies that I am making come from observing not only the actions of the parties but also the methods that they use (down to the imagery in word and graphical) to get that message out to the masses.
In the case of Anonymous and their spin off groups, I have observed a shift in personalities that could be termed an evolution in motivations and thought. Generally though, the game plan seems to be just a general way for the groups to sow anarchy while feeding their narcissistic needs through media attention. This is the crux of the issue I think as the core groups don’t seem to be solely motivated by ethical or political change. Instead, it all seems to be focused on a few drivers;
Equating this with the world of the Batman has been in the back of my mind for some time, especially since my dealings with Jester. His logo and his persona of the “joker” from the last Dark Knight film set the stage for me to start to think in this vein. A more recent video by the History Channel solidified all of this for me. The video, “Batman Unmasked: The Psychology of the Dark Knight” struck me as not only as being the zeitgeist of this article, but, also seemed to show a generation of comic book and movie goers that are internet denizens that want to emulate this last iteration of “The Joker” specifically.
The Heath Ledger portrayal of Joker seems to have been the catalyst to me, of many an internet anarchist. The media surrounding this being his last role as well as the way the character was re-written in this story arc, hit a common nerve with the masses. So much so, that seemingly, the Joker became the more emulated and lauded character in the story over its real hero, Batman. It is from this realisation that I derive the rest of the analogies made here. Of course these are gross generalities, but, I tend to think that given the recent activities (riots in the UK and flash mob thievery in the US as well as all the lulz) there is a strong correlation to be made.
First though, lets look at the Rogues Gallery that end up in Arkham Asylum…
Ra’s Al Ghul and The Shadow Assassins
Ra’s is a control freak. His agenda is to have order but his means to get that order mean subjugation of the masses and removal of anyone that does not conform to his sense of right and wrong. This order that he wishes to impose comes from his shadow assassins and their lethality without question.
The Riddler
The Riddler is a pure narcissistic criminal genius. His narcissism though, is usually his undoing as he cannot perpetrate any crime without leaving overt clues in an attention seeking pathology. It is this pathology, the need for the attention that drives him altogether and is his undoing.
The Penguin & The Joker or PenguiJoker
The Penguin (Societal and Governmental corruption) and The Joker (pure anarchy) are two rogues that have become one in this scenario. Within the world of Batman though, each attacks the order seeking to destroy it for their own ends. In the Penguin we have someone looking to corrupt the system. Meanwhile, the Joker, is pure anarchy diametrically opposed to the order (aka Batman) Joker’s need is fuelled by a nihilistic world view twisted with a good deal of insanity.
All of the Batman wannabes in hockey suits
Lastly, we have the Bat-men, the would be vigilante’s who want to be the Bat, but, don’t have the tools to really be of use. This character set was added from the last film (The Dark Knight) and I generally attribute to one player in the real world (if you call it that) version of Gotham Knights being played out on the internet. That individual(the afore mentioned jester) oddly enough aligns himself visually much of the time with “The Joker” but, he is more like the hockey suit wearing would be Batman.
Now that I have laid down the Batman’s Rogues Gallery, I will move on to the real world players and their motives aligned with my premise.
Anima & Animus:
According to Jung and even Freud, the darker side of the psyche can drive our actions solely by the shadow self. One can see hints of their theories in the actions of each of the groups we are talking about here. Even the subtle connections made from overt symbolism can be made through the icon of Antisec itself. As seen at the top of the page, the connections are there to be made between the characters of Penguin, Joker, and Riddler, even if the original core image came from another source altogether (V for Vendetta) I believe that the collective unconscious here latched on to the images of Riddler/Joker/Penguin and co-opten them, if they didn’t actually do so overtly and with forethought.
So, with all of this said, I will make the claim now that I believe the movements and the players have been created out of vainglorious motives and have not changed at all since taking on the mantle of ethical and political change through civil disobedience. To that end, here are the players aligned to their characters from the world of Gotham as well as their psychological underpinnings.
Anonymous: Ra’s Al Ghul and The Shadow Assassins
Anonymous started out as a group of people who inhabited the 4chan group but wanted to do something different for ‘entertainment’ This loose idea was co-opted when they began to commit civil disobedience for their own purposes either political or for the aforementioned entertainment value. Either way, their animus is wholly about the control which they can wield over others. This should never be forgotten, that the core of the group ethos has nothing to do with change or moral/ethical betterment. It is in fact all for their own enjoyment.
Lulzsec: The Riddler
Lulzsec came into being because they felt that the ethos and moral constructs of Anonymous were too weak and they wanted to escalate the ‘lulz’ for their own enjoyment. The take away here is that just being pranksters was not enough, instead they wanted to show everyone they were smarter than everyone else AND that they could do so and get away with it. All the while, they performed these acts in an exceedingly narcissistic way. A key player in this that has been caught would be Topiary. It seems that even in the face of prosecution he thumbs his nose at authorities as well as seems to be enjoying the limelight (philosophical book in hand for the cameras)
Antisec: The Penguin & The Joker or PenguiJoker
The love child of Anonymous and LulzSec are #Antisec. This agenda or perhaps subgroup (I tend to think there are cells of Antisec) has chosen a logo that decidedly shows the melding of at least two of the Batman Rogues Gallery (Joker and Penguin as you can see at the top of this article) This too follows into their attitudes about what they are doing and why they are doing it. They really have no rhyme or reason for what they do other than their own entertainment and attention. This is a classical narcissist behaviour and by all communiqués laid out by LulzSec, they fully enjoyed their ‘voyage’ in the lulz sea.
Antisec also has a Penguin side to them too. By using the system against itself (i.e. using the governments lack of network and system security) they poke them in the eye by subverting their own data to shame them. This is a lesser characteristic as I see it, but it is still important to note as well as point out the imagery (homage) to the Penguin in their logo whether it was overtly done or by proxy of some unconscious connection made by the designer.
th3j35t3r: All of the Batman wannabes in hockey suits
Finally, we have the jester. A character who wants to be the Batman, but fails to actually affect any kind of real change in the battle. For all of the attempts made, the efforts fall flat and to date, nothing has been attributed to him that substantially made a difference against the Anonymous/Lulzsec movement. I believe he does this as well as his other DDOS actions out of a self described sense of helplessness. Jester makes the claim that he had to do something as he saw his comrades dying at the hands of Jihadists. He made similar remarks about why he was attacking Anonymous, as they were outing data that could harm those in the field of battle.
Either way, his motivations seem to be tainted with a bit of narcissism as well, seeking the attention of the media as he has in the past makes him part and parcel to the overall problem.
Escalation:
And so it goes on… The Anon movement has begat others who have agenda’s of their own (or perhaps pathos is a better word) As the movements lose interest in the day to day grind of operations, they will increasingly seek to up the ante. As the media winds down on them, they will need to seek even bigger targets and outcomes to end up back on the top of the news, all the while feeding their collective need to be the centre of attention. The flip side of this will be that the authorities, unable to cope easily with the problem at hand, will create new and more stringent laws that will harm us all. Though this will not matter to the groups.. Because this is unimportant to their end goal of satisfying their needs. It will keep going round and round and the outcomes are likely not to be good. There will be a lot of collateral damage and in the end, no one will have profited at all from it all.
End Game:
So what is the end game here? Will there be any good outcome from this?
Not if it keeps going the way it has been. More indiscriminate hits against targets without showing anything for it along the lines of showing corruption or malfeasance will only lead to more knee jerk reactions by authorities. I imagine some will be caught and tried for their actions, others will escape and perhaps go on to other things… Overall though, it will not make a better world. It will only have fulfilled the dsires temporarily of the ones perpetrating the acts against.. Well anyone and everyone.. Until they get put into Arkham.
K.
Rate this:
Written by Krypt3ia
2011/08/19 at 17:36
Posted in .gov, A New Paradigm, Anonymous, AntiSec, Commentary, Dystopian Nightmares, FauxSec, Forensic Psych, Forensic Psychology, Infosec, Infowar, Insurgency, Jokey, Lulz, LulzSec, Night Watch, Profiling, Sociology