Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for the ‘What the???’ Category

THE IRANIANS ARE KNOCKING! THE IRANIANS ARE KNOCKING!

with 4 comments


XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

There are known knowns; there are things we know we know.
We also know there are known unknowns; that is to say, we know there are some things we do not know.
But there are also unknown unknowns – the ones we don’t know we don’t know.

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

“Mandrake, come over here, the Redcoats are coming!”

THE IRANIANS ARE DDOS’ing OUR BANKS! UNCLE FRED CAN’T SEE HIS BANK ACCOUNTS OH THE HUMANITY!

The hue and cry over the DDoS that has been taking place since the summer on certain banks has been increasing over the last week, and of course the secret squirrels and the hangers-on who want to sell their wares and stories have been rife on the mainstream media. Of course the likes of Droopy Dawg (former Senator Lieberman) have also been making the rounds at podiums near you, droning their dire warnings that Iran is double secretly “out to get us with cyber attacks”.

Several of my contemporaries have posted articles this week pointing out that the emperors all have no clothes on, and yet only within this small verse known as the INFOSEC community am I seeing this fact being leveled at all. It’s sad really that we, the community in the know, should be so marginalized by the media because we do not take the party line. Thusly the truth of the matter never reaches the unwashed masses and they live on in mortal fear and loathing over the great Muslim Shaitan that is Iran.

For us in the know though, we can only continue to say “No, that’s not what’s happening” to those who will listen or yell it out as I am here once again on my screed… Uhh.. I mean blog. Sad but true as well as for me at least cathartic to at least yell in ALL CAPS for a while. I feel better usually after a good screed here…

But I digress…

“What difference does it make if it’s true? If it’s a story and it breaks, they’re gonna run with it.”

Truth is something that media outlets and the government tell you they are giving you but really are they? In the case of the DDoS attacks on the banks there is no solid evidence as to any kind of attribution of who is doing it. This however has not stopped “government sources” and certain secret squirrels within the INFOSEC community *cough VENDORS cough* who are more than willing to tell you that it’s GOTTA be Iran. Why? well… Because.. IRAN DAMMIT! That’s about the sum of it right there. It is so because they say it is, we don’t need no stinkin proof or anything do we?

Now, had any of these people made the caveat that there is no real proof of this but my gut says it’s Iran, that’d be ok, but then again really? Really? That’s going to be an answer? If there is no proof then you say that there isn’t any and that you CANNOT say who did it. It’s simple really, but instead we get the Iran angle because that is the party line for the saber rattling du jour, right? Who am I kidding though, right? After all, according to Karl “Turdblossom” Rove back in the Bush administration, “we make the reality”, right? So the reality is, since it’s on the news and the secret squirrels have told us on background, that Iran is HACKING OUR BANKS!

*chuckle*

Hacking.. Ugh, that’s another issue altogether. The nomenclature is completely ignored by the media and the masses just eat it up because it has the word “hack” in it and that is god damned scary! Never mind that the DDoS really isn’t that harmful to anyone. Honestly, DDoS of the banks does not mean that they are down for the count. Sure they will lose some revenues while the sites are down, but this is no nuclear strike or massive hack on the banking system that siphons trillions of dollars to Swiss accounts ala Dr. No. It’s all really much ado about nothing, yet it is being flogged for the masses in what one assumes is a preparatory campaign against Iran and nothing more.

“Can’t have a war without an enemy…You could have one, but it would be a very dull war…”

So yeah, Iran is a repressive authoritarian theocratic government that treats its people poorly and seeks to engender itself as powerful on the global scene. They do have some technological know-how and they are fixin on getting them some revenge, but is a DDoS really going to be their raison d’être? Think about it: isn’t it laughable as a serious attack? Sure Anonymous does it, but that isn’t all they have been doing, right? THEY have actually been HACKING!

Good lord! I mean c’mon people! If you are gonna frame up Iran for some cyber shit at least do it with some serious hacks against corporations or infrastructure!! Oh, wait, I know, if they were to really do that then there’d be some real reasons for action right? Then perhaps the people might ask if what they are being sold is the truth or not right? Ahh that must be it right there huh? Just some DDoS, pay no attention, it’s not the end of the world.. Oh and IRAN IRAN IRAN CYBER CYBER CYBER!

*subliminal fear images flash across the screen as Anderson Cooper looks sternly into the camera*

Derp derp derp… So yeah, the government needs an enemy and attribution is soooo hard! It’s Iran.. No doubt about it. No, really, it’s a really complex attack! I mean no ordinary group of hackers or security folks could do this kind of thing! Well, except for those guys who have bitcoins and go to the darknet and rent some botnets.. Wait.. SHHHH… It’s IRAN! It HAS TO BE IRAN! IT’S A NATION STATE DDoS!

*takes drag on cig and looks through wayfarers*

You people make my ass twitch…

No no no no no, fuck freedom.

So once again we are left with the media not taking the full measure of things and that even includes NPR which had a report this week that nearly gave me an aneurysm. Brian Krebs told me yesterday in fact that he declined an interview/comment on this because they were not really willing to hear the truth about this. By the way Brian KUDOS to you man. YOU are my new hero! I presume that others who lack a certain moral ethical compass will be blathering every chance they get and those people should be publicly taken to task for their perpetuation of this farce.

Of course others like Jeff Carr have been a voice of sanity on NPR and elsewhere in the past but you know what? Jeff’s logic and truth doesn’t make for bleeding headlines that will draw clicks for ad revenue will it? Marginalize those who tell the truth that is too dull to sell ad space is the way of it today. So on it goes, the media drumbeat will continue saying that Iran is at the heart of every little cyber hiccup that we have from now on. Iran is in good company with China now. Hey, at least China isn’t alone! Now China can just glibly point at Iran and Mahmoud saying “It was them!” and surely many in the government and the media will say AH HA!

My friends we are doomed. The truth no longer matters and I suppose it hasn’t for some time. I am a dinosaur I suppose to believe that there are truths out there that should be told. Could Iran be behind the attacks by using proxy orgs? Sure. Do we have definitive proof? No. That’s all that needs to be said. That is of course not what we are getting from the government and media today though.

Hmm, how long ’til Glenn Beck or O’Reilly are “Cyber Experts” I wonder….

K.

Written by Krypt3ia

2013/01/11 at 20:32

China’s cyber-warfare capabilities are ‘fairly rudimentary’… What is it with these crazy Australians?

with 5 comments


Conclusions

Chinese strategists are quite aware of their own deficiencies and vulnerabilities with respect to cyber-warfare. In June 2000, “a series of high-technology combat exercises” being conducted by the PLA “had to be suspended” when they were attacked by “a computer hacker”.

China’s telecommunications technicians were impotent against the intermittent hijacking of the Sinosat-1 national communications satellite by Falun Gong ‘practitioners’ in the early 2000s. China’s demonstrated offensive cyber-warfare capabilities are fairly rudimentary. Chinese hackers have been able to easily orchestrate sufficient simultaneous ‘pings’ to crash selected Web servers (i.e., Denial-of-Service attacks). They have been able to penetrate Web-sites and deface them, erase data from them, and post different information on them (such as propaganda slogans). And they have developed various fairly simple viruses for spreading by e-mails to disable targeted computer systems, as well as Trojan Horse programs insertible by e-mails to steal information from them. However, they have evinced little proficiency with more sophisticated hacking techniques.

The viruses and Trojan Horses they have used have been fairly easy to detect and remove before any damage has been done or data stolen. There is no evidence that China’s cyber-warriors can penetrate highly secure networks or covertly steal or falsify critical data. They would be unable to systematically cripple selected command and control, air defence and intelligence networks and databases of advanced adversaries, or to conduct deception operations by secretly manipulating the data in these networks. The gap between the sophistication of the anti-virus and network security programs available to China’s cyber-warriors as compared to those of their counterparts in the more open, advanced IT societies, is immense. China’s cyber-warfare authorities must despair at the breadth and depth of modern digital information and communications systems and technical expertise available to their adversaries.

China is condemned to inferiority in IW capabilities for probably several decades. At best, it can employ asymmetric strategies designed to exploit the (perhaps relatively greater) dependence on IT by their potential adversaries—both the C4ISREW elements of adversary military forces and the vital telecommunications and computer systems in the adversary’s homelands. In particular, attacks on US information systems relating to military command and control, transportation and logistics could “possibly degrade or delay U.S. force mobilisation in a time-dependent scenario”, such as US intervention in a military conflict in the Taiwan Straits.

China’s cyber-warfare capabilities are very destructive, but could not compete in extended scenarios of sophisticated IW operations. In other words, they function best when used pre-emptively, as the PLA now practices in its exercises.

In sum, the extensive Chinese IW capabilities, and the possibilities for asymmetric strategies, are only potent if employed first.

Desmond Ball: China’s Cyber Warfare Capabilities


Oh Desmond…

Desmond, Desmond, Desmond… You spend so much time pointing out all of the Honker Union activities, the malware created by China, and all their overall IW/Espionage activities, and then you say:

“Well, because there’s no real proof of their actually having done anything, they are unable to do so”

*blink blink*

Crikey! Have you been sipping what Dr. Wright has been drinking or what? Tell me Desmond, what is your classification rating? Because I think you are lacking some pertinent information that might change your hypothesis quite a bit. Either way, your contention is lacking understanding of the playing field I think, so let me enlighten you a bit ok?

Rudimentary? Really?

I personally have heard of “on the fly” coding of malware to affect pertinent systems within a defense contractor network to not only keep access within said network, but, also to exfiltrate even more interesting data. Now, that sounds rather advanced to me..

How about you?

Sure, the coders could have been just about anyone, but the data was being exfiltrated to areas that were in the Asia Pacific and more than likely were Chinese in origin, so, yeah, it likely was them and not, say, Germany. However, once again, we have no real proof of it being “solely” China. Oddly enough though, when data was caught in the hands of the Chinese we pretty much had to admit it was them doing it. So, no Desmond, they are not wholly unskilled and certainly not as unsophisticated as you would paint them. This is just one instance of access and hacking that allowed for the APT (Advanced Persistent Threat) activity that, well Desmond, was coined for their activities against the defense industrial base here in the US.

Simply Desmond, you can cite all the articles from the internet you want.. You still won’t have the whole picture.

PSSST… Guess What?

So, to move this further along the philosophical and technical path for you, let me explain it another way. The Chinese, as with most of the Asiatic countries, have a different perspective on things than we in the West. Some things core to the Chinese mindset on warfare are the following:

The Chinese do not have a goal of outright cyber warfare with us. In fact, they would use the subterfuge angle you speak of by leaving trap doors in software and hardware, which they have done in the past (and have been caught). However, more than likely, they would use the supply chain that we have allowed them to become the lion’s share of via outsourcing of cheap parts/labor to infiltrate our systems with bad chips or said same back doors. Why do you think we (the military) spend so much time checking everything that we get for the government/mil from China?

Soft power, Desmond, would dictate that they use the thousand grains of sand to not only steal our IP but also use the technology and our dependence on their cheap rates to insert bad data/systems/hardware into our own infrastructure for them to call up when needed to fail. This is not to say that they do not also have operators who have inserted code into other systems remotely to later be used when needed as well.

Simply, Desmond, you don’t see the whole picture and it’s rather sad that you go on to make such defined claims. The simple truth is that the Chinese don’t need to attack us pre-emptively. They have been undermining us (US) for a very long time as we sell out to them for cheap goods and services. THIS is soft power. They now sit in the catbird seat in many ways financially (though yes, they could lose much by us defaulting); however, from the soft power perspective, they hold the upper hand. A coup de grâce would be to take down military systems were we to get uppity about Taiwan.. but really, are we in a position to do so after being wholly owned by them and their capital?

Desmond.. It’s not so much Red Dawn as it is “They Live” if you are into movie references.

網絡戰 (Cyber warfare)!!!

Alrighty, now that I have gotten that off my chest, Cyberwar is to me, too hard to carry out for ANY of the countries out there now. China being only one country that might want to. The systems are too disparate and to control a single node would take great effort. So, yes, I can agree with you that they are not in a position to do us major damage from a CYBERWAR booga booga booga perspective. Frankly, no one could in my opinion. However, your contention that they could not insert bad data during a time of war is a load of crap.

ANYONE could IF they had the access and the desire. It would not need to be a nation state; it could be a private citizen for that matter. What is more interesting, Desmond, is that you fail to understand the espionage angle here. The Chinese use their expats to do their bidding under threat, or, mostly, under the “poor poor China” argument. Imagine an insider adding code to systems that could be triggered…

Yeah.. Soft power once again.. It could turn hard though with the right circumstances.

Once again, Desmond, you think too one-dimensionally.

The Sad Truth…

Now, with all of that said, let’s turn it around a bit. The saddest truth is this:

“Given all of what has happened recently with Lulzsec, it has become clear that it does not take an uber hacker to take down pretty much anyone”

The systems out there have not been protected well enough. Patching, and secure coding have not been at the fore here and thus it is trivial for the most part to hack into systems throughout the internet. So, the Chinese need not be uber haxx0rs to do the damage needed because we collectively have done a bad job at securing our own networks.

*sadface*

Once again, you fail to look at the problem from a more multidimensional angle.

Please go back to the drawing board Desmond because you lack the proper information and perspective to really make the claims you are making.

K.

STUXNET-APOCALYPSE! Says the Israeli Who Doesn’t Have Nuclear Silos and Bombs….

with 3 comments

From Infosec Island

Tomer Teller, a security evangelist for Check Point, warned of the likelihood that the Stuxnet virus could be adapted to undermine systems that control nuclear missile arsenals.

Teller made the prediction at a conference in Sydney, Australia last week hosted by Check Point.

“Nuclear warheads are controlled by computers so if someone managed to slip a worm inside a facility that will reach the warhead component, they could launch it and then aim it back at the country’s facility… Stuxnet is the first cyber weapon that could cause major disruption,” Teller explained.

Teller indicated he has conducted a detailed analysis of the Stuxnet code, and given the size and complexity of the file, Teller believes it is likely that a successful attack would require utilization of an insider.

“This is a huge file, it’s 1 megabyte [MB] of code and I respect the skill required to engineer that code as it is very complex,” Teller said.

The most likely avenue for the attack, Teller postulated, would be through the use of a tainted USB drive.

“In order to get something trusted by Microsoft, you need to get those exploits signed… What we think happened is that an insider broke into JMicron, a chip manufacturing company based in Taiwan, as there is a computer at that office which is dedicated to signing these Microsoft drivers,” Teller said.

My first reaction to this posting online came when I saw it on Greg Evans’ website, where he had scraped the story from another source (never mind why I was there). Since then, this story ended up on the headlines section of Infosec Island and once again my reaction is HOLY WTF? How does this get into the news cycle at all without people calling it into question rather vociferously?

So I decided to talk to a source of mine who is in the know about most things nuclear. I asked him whether the supposition I had, that Stuxnet would be pretty much useless in a silo because of the way the systems were designed to be ultra redundant as well as segregated within that redundancy, was indeed correct. What I got back was the following:

OK, at a high-level:

– The ~concept~ of a StuxNet and Nuclear Silos really only applies to operational readiness. With the exception of Pakistan no ~known~ nuclear player doesn’t already implement a variant of the PAL and CMS systems in their launch controls.

– The levels of redundancy involved for both the ability to launch, preventing launch, arming, and self-destruction that exist in nuclear silos are quite possibly the most perfectly designed/redesigned decision/failure tree systems known to man. This wasn’t due to a one-time effort; it’s been decades in the making.

– The availability of the hardware, software, network access, peripherals access, etc. is SOOOO ridiculously limited that ~development~ of such a tool would be purely speculative. This isn’t SIPREnet or CRONOS or NAUTILUS we’re talking about here. The levels of control and network isolation, and again redundancy, within these installations at major players is appropriately absurd.

– In terms of ancillary systems and operational readiness there are two ways to look at it. Could something cause a scare and a general shutdown due to FUD? Yes. Could something be used for ~press~ purposes to indicate a lack of operational readiness? Yes. The reality is that those who would be deterred in a MAD scenario know better.

– We’re talking submarines too, a WHOLE different level of player and communication and control systems. The likes of which are even further unknown and more specific.

– W/ submarines there is a different sort of risk because some major players (namely the UK) don’t have the same level of controls on subs, so a rogue commander w/ a key could start a launch. If talking StuxNet-like situations, you’re not reducing their readiness so easily. It is known in these cases from various leaks that the control pathways are also isolated by design and ~MECHANICAL~ to what might even be considered a fault.

– If you’re a Nation-State that has been tutored in the ‘art’ by the US or USSR you’re also likely to have bizarre levels of controls like fan speed detectors, temperature detection, computational state metrics, etc. to show the slightest change in behavior. Some of this was designed around the idea of more traditional things like a Y2K bug maybe affecting ~some~ system. Things that are, to any person who designs hardware, known to be fairly absurd and unnecessary, but indeed they would trigger an alarm to ~look~ at something.

– All that said.. could a StuxNet like system affect the ~production~ and ~development~ of a nuclear weapon? Yes and no. Yes as in it certainly could screw up enrichment (obviously) but wouldn’t screw up the end-result (hence why StuxNet was found in the first place).

So, once again, I call shenanigans on Tomer and this little story. At worst, if there were a Stux variant that were worked out AND carried into a silo, it would cause (maybe) a failure to launch; it is much more likely that Stuxnet and variants would instead be used (as it was in Iran) to manipulate the production of fissile material so as to have a weapon that would not actually work once launched in the payload vehicle. This story though, and the way it has been put out there by Tomer Teller, makes it sound as though imminent failure could happen to nuclear bombs, and this is just not right.

Even more ludicrous is the idea that a Stux variant could infect a system and cause the payload to come back from where it was launched, in effect changing the target coordinates. THIS would be more along the lines of just some malware, not Stuxnet that would infect specific systems in guidance on board the payload vehicle, and that is a totally different animal from Stuxnet. Indeed, this would be a completely different effort altogether and would require something else completely.

You see, the point of Stuxnet was that it was manipulating PLC code on specific PLCs, Tomer; what you are talking about would be something completely different.

Go back to firewall evangelizing and leave the nuclear weapons alone.

K.

Written by Krypt3ia

2011/09/13 at 00:41

The END IS NIGH! What? We’re still here? Oh, well, I must have been misled by Satan!

with 2 comments

Hieronymus Bosch: Garden of Earthly Delights Triptych (right)

Once, long ago, we all as a species were about three hairs away from being classified as Baboons. It was around that time, that someone got the bright idea to write a bunch of stories in a big book about the sky dad and his rules on how he demanded we live all our lives. Approximately two thousand years later, there are unfortunately some of these Baboons still lurking about who daily screech about the sky dad and his unhappiness with us all.

On Saturday, according to one of the more vocal baboons, we are all about to enter a world of pain because the sky dad has seen fit to tell this ‘civil engineer’ that the end is indeed nigh. Of course, this particular baboon has made this claim before and, wouldn’t you know it, he was wrong. So why is it that this guy is back in 2011 with a radio ministry that is worth over 100 million dollars?

I will tell you a secret… There are many fucking morons amongst us.

*gasp*

Yes, yes it is true. We have reached a point in our existence where we can tame (almost) the atom and we can walk in space, but we just can’t seem to get rid of all these backward thinking, barely upright walking throwbacks who still think that an Atlatl is a pretty nifty weapon. They just don’t seem to be able to get past the idea that there is no sky dad and that things like the ‘rapture’ are all parts of an imaginary tale in a big book created by hegemonic men some time after an alleged prophet’s life.

So, you might look at the graphs above and think;

“Boy, this guy’s got it in for religion!”

And, you’d be mostly right. I personally think that religion, is in fact the opiate for the masses. An easy way for people to absolve themselves of the bad things that they have done with their lives (confession and absolution) while not really coming to grips with what they may have done and why. Religion also seems to be just a general crutch for those unable to grasp the idea that there is no destiny and perhaps there is nothing after life. Instead, they cling desperately to the idea that the sky dad has a great condo on a cloud for them all and their very own neighbor is ‘The Jeez’ himself.

Right…

Meanwhile, the charlatans like Mr Camping crow like the cock at first light that they have the inside knowledge on it all and can help YOU go to that heavenly condo with the Jeez…

For just a small donation YOU TOO can be saved! 

Seems to me that the only difference between noodnicks like Camping and someone like L. Ron Hubbard is that Hubbard at least had some creativity. Camping’s only creative streak is the use of AM radio to bilk people of their money before the end comes. Hubbard on the other hand came up with the ‘I own you forever’ contract that every Scientology freak signs up for.. For a hefty fee that is. Nope, the two of these guys only vary in their particular brands of crazy that they pimp out. Camping went ‘old school’ (aka Old Testament) and Hub, well Hub went all out schizoid with aliens who inhabit our bodies (Thetans) that we must rid ourselves of by holding some useless electric cans in our hands!

Now that’s creative.

Nope, instead Camping and company have chosen the tried and true carnival revival tent approach. Even to the point of buying a set of RV’s and travelling the country preaching the word of apocalypse in the months before the end. An end mind you, pulled out of his ass once again (remember the 1994 thing) for May 21st 2011.

COME ON FOLKS! Tithe it all to us and SALVATION CAN BE YOURS!

Just how did he come up with this date? Well, he magically came up with it.. Cuz, ya know he admits to not studying the scriptures extensively. Yeah, you heard that right. Admittedly he just sorta ‘knows’ in his gut that the time is nigh. 

Fucknut.

What’s worse? He has followers and that 100 million that they have given him over the years. So, I guess the question becomes; “Who is worse? The fool who is fleecing the flock? Or the flock of sheeple being fleeced?” In my opinion, I do surely hope the rapture comes and takes them all. Then at least we would be without all of these intolerant and ignorant fools and perhaps we could actually progress as a civilization.

So, on Monday if you answer that phone Camping, and you know we will be all calling you to rag on you, you better have one hell of a great story to sell to all your sheeple.

Oh who am I kidding.. You will just pull another date out of your ass and say it’s the sky dad’s mysterious ways blah blah blah while passing the hat for donations.

Collectively we are doomed until we get past this intolerant and superstitious claptrap.

K.

Written by Krypt3ia

2011/05/18 at 19:56

Inside The LOIC: Anonymous Is Still Using It?

with one comment

A source has sent in some information on the DoS attacks ongoing at Sony and I have to say I was surprised that the anon’s are still using the LOIC. Unless that is, there have been upgrades made? Does the LOIC now in fact obfuscate IP addresses? Meh, dropping Sony for their douchery is negligible in my book but, there is some interesting information in the data sent.

Such as servers called staff.anonops.ru and vlad.anonops.ru. Really? Staff? For a headless org, you have a staff server per its naming convention?

//DATA

“LOIC utilizes the following commands for AnonOps and this is how I did it:”
sh# telnet loic.anonops.ru 6667 <– Open connection

Trying 92.241.162.211…

Connected to loic.anonops.ru.

Escape character is ‘^]’.

:vlad.anonops.ru NOTICE AUTH :*** Looking up your hostname…

:vlad.anonops.ru NOTICE AUTH :*** Found your hostname

NICK LOIC_JDOFOO <– Send Nickname Command

PING :BFCA576C <– Server sends a ping

PONG :BFCA576C <– Respond with exact sequence or it logs you off

USER IRCLOIC bleep blah :IRC NewFag Bitches <– Send usercommand with password, blah, and User Info

:vlad.anonops.ru 001 LOIC_JDOFOO :Welcome to the AnonOps IRC Network LOIC_JDOFOO!IRCLOIC@whiterabbitobject

:vlad.anonops.ru 002 LOIC_JDOFOO :Your host is vlad.anonops.ru, running version Unreal3.2.8.1

:vlad.anonops.ru 003 LOIC_JDOFOO :This server was created Tue Jan 18 2011 at 19:28:18 UTC

:vlad.anonops.ru 004 LOIC_JDOFOO vlad.anonops.ru Unreal3.2.8.1 iowghraAsORTVSxNCWqBzvdHtGp lvhopsmntikrRcaqOALQbSeIKVfMCuzNTGj

:vlad.anonops.ru 005 LOIC_JDOFOO UHNAMES NAMESX SAFELIST HCN MAXCHANNELS=51 CHANLIMIT=#:51 MAXLIST=b:60,e:60,I:60 NICKLEN=30 CHANNELLEN=32 TOPICLEN=307 KICKLEN=307 AWAYLEN=307 MAXTARGETS=20 :are supported by this server

:vlad.anonops.ru 005 LOIC_JDOFOO WALLCHOPS WATCH=128 WATCHOPTS=A SILENCE=15 MODES=12 CHANTYPES=# PREFIX=(qaohv)~&@%+ CHANMODES=beI,kfL,lj,psmntirRcOAQKVCuzNSMTG NETWORK=AnonOps CASEMAPPING=ascii EXTBAN=~,cqnr ELIST=MNUCT STATUSMSG=~&@%+ :are supported by this server

:vlad.anonops.ru 005 LOIC_JDOFOO EXCEPTS INVEX CMDS=KNOCK,MAP,DCCALLOW,USERIP :are supported by this server

:vlad.anonops.ru 481 LOIC_JDOFOO :Permission Denied- You do not have the correct IRC operator privileges

:vlad.anonops.ru 375 LOIC_JDOFOO :- vlad.anonops.ru Message of the Day –

:vlad.anonops.ru 372 LOIC_JDOFOO :- 18/1/2011 19:28

:vlad.anonops.ru 372 LOIC_JDOFOO :- 🙂

:vlad.anonops.ru 376 LOIC_JDOFOO :End of /MOTD command.

:LOIC_JDOFOO MODE LOIC_JDOFOO :+iwx

:Global!Service@AnonOps.net NOTICE LOIC_JDOFOO :[Logon News – Feb 16 2011] Please do not silence the media, it does no good and prevents free speech. Thank you.

:Global!Service@AnonOps.net NOTICE LOIC_JDOFOO :[Logon News – Mar 30 2011] Network help: #help | Nick registration: /msg nickserv register [password] [email] | Channel registration: /msg chanserv register [#channel] [password] [description] | Other help: /msg helpserv help

:Global!Service@AnonOps.net NOTICE LOIC_JDOFOO :[Random News – Mar 03 2011] this just in: iowa’s cock is the size of a horses. /breakingnews
JOIN #loic <– Make it join the channel (if you dont do appropriate sequences, channel will be invite only)

:LOIC_JDOFOO!IRCLOIC@whiterabbitobject JOIN :#loic

:vlad.anonops.ru 332 LOIC_JDOFOO #loic :!lazor default targethost=store.playstation.com port=80 message=Payback_is_a_frak,_isn’t_it? method=tcp speed=4 threads=20 wait=false random=true checked=false start

:vlad.anonops.ru 333 LOIC_JDOFOO #loic tflow 1302037670

:vlad.anonops.ru 353 LOIC_JDOFOO @ #loic :LOIC_JDOFOO &Wolfy @Sean &LOIC_UIRXWT &tflow

:vlad.anonops.ru 366 LOIC_JDOFOO #loic :End of /NAMES list.

WHO #loic <– List channel users:

:vlad.anonops.ru 352 LOIC_JDOFOO #loic IRCLOIC An-E075F605 vlad.anonops.ru LOIC_JDOFOO H :0 IRC NewFag Bitches

:vlad.anonops.ru 352 LOIC_JDOFOO #loic Howling the.moon.tonight tiny.anonops.in Wolfy Hr& :2 Wolfy Ragnarok

:vlad.anonops.ru 352 LOIC_JDOFOO #loic IRCLOIC an-E23BCDH1.anonops.net hidden LOIC_UIRXWT H& :0 Newfag’s remote loic

:vlad.anonops.ru 352 LOIC_JDOFOO #loic tflow staff.anonops.ru vlad.anonops.ru tflow Hr*& :0 Sejus Christ

:vlad.anonops.ru 315 LOIC_JDOFOO #loic :End of /WHO list.

:vlad.anonops.ru 352 LOIC_WMGVIJ #loic owen loves.isis tranquility.anonops.net owen Hr@ :1 owen

:vlad.anonops.ru 352 LOIC_WMGVIJ #loic ni staff.anonops.ru vlad.anonops.ru Ryan Hr*@ :0 ni

:vlad.anonops.ru 352 LOIC_WMGVIJ #loic evilworks evil.machine doom.anonops.ru wowelrisk Hr& :2 Jesus H. Christ

:vlad.anonops.ru 352 LOIC_WMGVIJ #loic MM an-544B51BC.bb.sky.com belldandy.anonops.ru MM Gr*@ :2 …

:vlad.anonops.ru 352 LOIC_WMGVIJ #loic tflow staff.anonops.ru vlad.anonops.ru tflow Gr*& :0 Sejus Christ

:vlad.anonops.ru 352 LOIC_WMGVIJ #loic IRCLOIC an-E23BCDH1.anonops.net hidden LOIC_UIRXWT H& :0 Newfag’s remote loic

:vlad.anonops.ru 315 LOIC_WMGVIJ #loic :End of /WHO list.

//END
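As an added example (not code from the post, and not LOIC's own code), a small parser over sample lines constructed after the log above: it pulls the !lazor target parameters out of the 332 topic reply and the member list out of the 352 WHO replies, which is what an incident responder reading such a capture wants first, since the fixed IRCLOIC ident and the host field give away each automated client.

```python
"""Parse LOIC "hive mind" IRC traffic: the RPL_TOPIC (332) line carrying the
!lazor command and the RPL_WHOREPLY (352) lines listing channel members.
Added example, not code from the post; sample lines are constructed after the log format quoted above."""
import re

# Constructed sample capture (same field layout as the quoted log).
SAMPLE_LOG = """\
:vlad.anonops.ru 332 LOIC_JDOFOO #loic :!lazor default targethost=store.playstation.com port=80 message=Payback method=tcp speed=4 threads=20 wait=false random=true checked=false start
:vlad.anonops.ru 352 LOIC_JDOFOO #loic IRCLOIC An-E075F605 vlad.anonops.ru LOIC_JDOFOO H :0 IRC NewFag Bitches
:vlad.anonops.ru 352 LOIC_JDOFOO #loic Howling the.moon.tonight tiny.anonops.in Wolfy Hr& :2 Wolfy Ragnarok
:vlad.anonops.ru 352 LOIC_JDOFOO #loic IRCLOIC an-E23BCDH1.anonops.net hidden LOIC_UIRXWT H& :0 Newfag's remote loic
:vlad.anonops.ru 315 LOIC_JDOFOO #loic :End of /WHO list.
"""

# :<server> 332 <me> <channel> :<topic>
TOPIC_RE = re.compile(r"^:(\S+) 332 (\S+) (\S+) :(.*)$")
# :<server> 352 <me> <channel> <user> <host> <server> <nick> <flags> :<hops> <realname>
WHO_RE = re.compile(r"^:(\S+) 352 (\S+) (\S+) (\S+) (\S+) (\S+) (\S+) (\S+) :(\d+) (.*)$")


def parse_lazor(topic):
    """Split a '!lazor' hive-mind topic into key=value parameters; bare words
    such as 'default' and 'start' go under '_words'. None if not a !lazor line."""
    if not topic.startswith("!lazor"):
        return None
    params = {"_words": []}
    for token in topic.split()[1:]:
        if "=" in token:
            key, value = token.split("=", 1)
            params[key] = value
        else:
            params["_words"].append(token)
    return params


def parse_log(text):
    """Return (lazor_params, members) from captured server-to-client lines.
    Each member records nick, ident, host, flags, realname and whether the
    ident is the fixed 'IRCLOIC' string an automated LOIC client uses."""
    lazor, members = None, []
    for line in text.splitlines():
        m = TOPIC_RE.match(line)
        if m:
            lazor = parse_lazor(m.group(4))
            continue
        m = WHO_RE.match(line)
        if m:
            user, host, nick, flags, realname = (m.group(i) for i in (4, 5, 7, 8, 10))
            members.append({"nick": nick, "user": user, "host": host, "flags": flags,
                            "realname": realname, "is_loic": user == "IRCLOIC"})
    return lazor, members
```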

Now, if I were looking to make life painful for Anonymous, I might go blackhat against a server like the aforementioned staff server. There might be some tasty information there… Just an OPSEC observation there kids… But that’s just me.. Others might actually do it, ya know, like those companies and agencies out there you are pissing off?

On the other hand, what if one were to re-engineer the LOIC to reverse the exploit so to speak and actually inhibit the servers? After all, the genesis of the LOIC and some of the code here seems to come from an early IRC DoS exploit based on obstruct.c right? The mind wanders at the potential of re-engineering that could be made… And, as I remember it, a certain j35t3r already got his hands on the code before and backdoor’d it.. Well as the story goes. So, how long till someone comes along who wants to go against the flow and messes with the LOIC?

Kids, I think it’s time you found another product…

Meanwhile, Wolfy, dude, your data is hanging out all over the place. Quite the Xbox freak aren’t you?

If I were you, I would perhaps ease up on the activities because yet again, the data that Backtrace has offered up seems to be correct. Oh, and way to go having your page carry the anon aphorism.. Do you want to be caught?

PS.. Re-using that nick has now gotten it to the point that your IP address can be found here 174-49-41-193.hsd1.tn.comcast.net

Sure, it’s perhaps a DHCP address, but now it’s easy enough to link your name to an account at Comcast in Tennessee huh?

Anyway….

To LOIC or Not To LOIC… I still say not.

More interesting times ahead.

K.

Written by Krypt3ia

2011/04/07 at 15:49

Anonymous vs. Anonymous: Enough Hubris To Go Around

leave a comment »

The nameless revolution that calls itself Anonymous may be about to have its own, online civil war.

A hacker startup calling itself Backtrace Security–made up of individuals who formerly counted themselves as part of Anonymous’ loose digital collective–announced plans Friday to publish identifying information on a handful of active members of Anonymous. According to one source within the Backtrace group, it will release the names and instant messaging logs of dozens of Anonymous hackers who took part in attacks on PayPal, Mastercard, the security firm HBGary, Westboro Baptist Church, and the Marine officials responsible for the detainment of WikiLeaks source Bradley Manning.

That spokesman, who goes by the name Hubris and calls himself BackTrace’s “director of psychological operations,” tells me that the group (Backtrace calls itself a company, but Hubris says it’s still in the process of incorporating) aims to put an end to Anonymous “in its current form.” That form, Hubris argues, is a betrayal of its roots: Fun-loving, often destructive nihilism, not the political hacktivism Anonymous has focused on for much of the past year. “[Anonymous] has truly become moralfags,” says Hubris, using the term for hackers who focus on political and moral causes instead of amoral pranks. “Anonymous has never been about revolutions. It’s not about the betterment of mankind. It’s the Internet hate machine, or that’s what it’s supposed to be.”

The rest is HERE

“Cyberdouchery” is a term coined within the last year, as far as I know, for snake oil or hype mongers within the Infosec community. I have to say that this alleged group of ex-anons kinda fits the term for me. Whether it’s the reason that they state of being tired of Anonymous’ being moral fags, or the idea that they just want to get back to their troll roots, I pretty much just think it’s a publicity stunt. Of course, the darker side of me could see the way to believing that this is just some sort of psyop by person/persons unknown to get a reaction out of Anonymous.

I have written in the past about the herd mentality as well as convergence theory as it regards Anonymous. In each of those scenarios though, there is the idea that there are leaders. No matter the number of times Anonymous may say they are leaderless, I say that this is just impossible from the point both of these theories take. Even if someone is a leader for a day or a minute, there is a leader, and there are followers, either anointed by the pack or by themselves. There are also the minions that do the work, such as the mods and the managers of the servers and systems. Those too could be seen as leaders within the infrastructure. Now it seems though, that this new group is going to attempt to name leaders by use of social engineering and data collection.

… And that is what Aaron Barr wanted to do.. Well sorta… Then he shot himself in the foot with his own machine gun of hubris.

All in all though, this looks to be on the face of it, just an attempt at #LULZ by these folks at Backtrace. The use of the crystal palace image alone screams nearly the same shrill tune as using too many numbers in one’s nickname in leet terms. If you look closely though, you will see that they also claim to offer services such as “Cyber Espionage” *blink* Not counter intelligence nor counter cyber espionage, but cyber espionage. Just as they also offer cyber warfare and a host of other hot terms with cyber in them. That just reeks of the cyberdouchery I spoke of at the top of the post. So, in reality I don’t take this all too seriously.

I guess we will just have to wait and see what develops with this insurance file and the alleged outing that will happen…

There will be #lulz

K.

OH NOES! THE MACIP’s WEREN’T PROTECTED! I Told You, Th3j35t3r Told You, But Did You Listen? Noooo.

with one comment


The FBI has joined in the hunt for those who participated in the retaliation attacks against companies that cut off services to Wikileaks, executing more than 40 search warrants across the United States on Thursday, the bureau announced.

In what seem to be timed raids, British police arrested five men Thursday morning who allegedly participated in the Anonymous group’s denial of service attacks on Visa, Mastercard, Paypal and Amazon in mid-December. Anonymous was seeking to bring attention to — and punish — the financial-service companies’ decisions to prohibit donations to Wikileaks. Amazon was targeted after it kicked Wikileaks off its web-hosting service.

OH NOES! THE MACIP’s WEREN’T PROTECTED!

Right now, there are at least several thousand kids in underoos frantically shredding documents and trying to wipe hard drives because the Feds have finally put the hammer down on Anonymous’ little DDoS attacks on anyone and everyone they feel needs the attention. They thought they were immune; they were naïve…

“With Great Hubris, comes great repercussions” one might say.. Well, hell I just did huh?

The LOIC, as I reported before (link to previous post), was and is a flawed tool. Its coding was such that it did nothing to even attempt to hide the IP addresses of the users who were connecting to IRC and performing the DDoS. Now, partially I think there was a good bit of ineptitude in the programming, but I would also say there was a greater bit of stupidity on the part of everyone involved in the blowback that they are seeing come to fruition with these search warrants being carried out.

The stupid, as I like to say as a noun, for it has its own power and life today, was immense and dense within the LOIC user base as well as the C&C of Anonymous for allowing it to be used by unsuspecting “skiddies”. The Anonymous leaders will not be fessing up so soon, I think, and making acts of contrition for those who are being popped for using LOIC and downing sites. For this, they are doubly damned in my book because they ostensibly know better and willfully let the kids out there take the fall for their desire of troops on the digital front line.

And… As tacticians, either you are geniuses or, you are just a bunch of #FAIL. I am not sure which it is really.

So, now the Feds have served 40 warrants. Do you think that your advice that I wrote about before of saying that the machines were infected with LOIC is going to play? Or do you maybe think that the gubment is just that dumb and will say “ok” and walk away? Or, do you see those skiddies all going to court, bankrupting their families, destroying their futures, and generally losing any hope of a normal life as just payment for playing the game?

I guess what I am getting at is this: was this a calculated risk or were you all just dumbasses?

Now, let me posit another little tactical glitch in your plans.. What if, some of the 40 warrants were on people who actually know who you are? Or know someone who knows who you really are? I mean, you are all about being anonymous, but, you seem to have failed on that account lately a bit. So, do you think that these kids, parents sitting next to them in the “box” are not going to quickly roll on you or someone they know who knows you?

Let’s put it this way.. You are thinking “shit, they don’t know me, they only know my MACIP or my Hotmail address!” *blink* So you think that you have been so super slick that you haven’t screwed up somewhere and tied your real identity to such things? Yeah, trust me, you fucked up and the Feds are going to find that chink in the armor. It’s only a matter of time before I expect to see more headlines that read “Anonymous leaders arrested”

… And when that day comes, I am gonna chuckle and cluck my tongue at you all….

“The FBI also is reminding the public that facilitating or conducting a DDoS attack is illegal, punishable by up to 10 years in prison, as well as exposing participants to significant civil liability,” the FBI said in a press release. The FBI did not announce any arrests in conjunction with the searches.

See that cutline above? Yeah, that one saying that the FBI reminds everyone that it’s a crime to DDoS? Yeah, they kinda mean it. So, just how long will it be till the 40 are arrested and arraigned? I dunno, but I can assure you, the PCs have all been red flagged for the DOJ Cybercrimes lab and are likely already DD’d and being picked through as I write this. Oh yeah, you guys are fucked, fucked with a capital F. I also suspect that there will be more warrants being served on some more skiddies as February rolls by, so keep your eyes on the news kids. You may be seeing them knocking at your door on TV like a bad Geraldo Rivera show, LIVE!

Meh, it all matters not to you now. You all feel self-delusionally empowered that you are making a difference with the LOIC…

Say, did you drop that whole other product that Jokey sabotaged your source on? I would if I were you, but wait, you aren’t that bright.. I mean, you couldn’t even protect your source from Jokey… Oh and BTW Jokey, WELL PLAYED! Props to you there even with our differences.

Where was I? … Oh yeah, the delusions of grandeur thing. You know that you are not solely the reason for the things happening in Egypt and Tunisia right? Sure, there is an element of truth in this idea, I think, but you are not the “reason” for the revolts going on. Nope, they have been a long time in coming and frankly, one begets another. Egyptians looked at Tunisia in the news cycle and thought “FUCK! I am tired of the shit here, lets go protest!” and they have.

Let me tell you the secret kiddies, it’s not Twitter here, it’s BBC, Al-Jazeera, and other news sources on the radio that have incited these revolutions. Not you… Sorry. You see, that has been the history of the whole thing all along. Why do you think that revolutionaries take over the radio and TV stations first huh? They take command of the media to let the word out and stop the other guy’s propaganda to put their own out.

Wipe that spittle from the corner of your mouth and get your head off the school desk son! PAY ATTENTION!

I guess history escapes the new digital facey-space TMZ, Youtube generation… Anyway, back to the point. You are not playing the game well Anonymous. You are burning your troops and in the end, you will all get to see each other in court soon enough. You, like Assange, have become all too full of yourselves to realize that you are screwing the pooch and you are too blind to see it.

Next time you want a revolution.. Plan the security better.. AND for God’s sake read a little Sun Tzu!

EDIT: It seems that my alma mater is now involved with the LOIC MACIPs. One of the morons at UConn got popped in one of the 40 raids!

Derp Derp DURRR http://tinyurl.com/4p8bjkp

Krypt0s

Written by Krypt3ia

2011/01/29 at 11:24