Archive for the ‘What the???’ Category
THE IRANIANS ARE KNOCKING! THE IRANIANS ARE KNOCKING!
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
There are known knowns; there are things we know we know.
We also know there are known unknowns; that is to say, we know there are some things we do not know.
But there are also unknown unknowns – the ones we don’t know we don’t know.
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
“Mankdrake, come over here, the Redcoats are coming!”
THE IRANIANS ARE DDOS’ing OUR BANKS! UNCLE FRED CAN’T SEE HIS BANK ACCOUNTS OH THE HUMANITY!
The hue and cry over the DDoS that has been taking place since the summer on certain banks has been increasing over the last week and of course the secret squirrels and the hangers on who want to sell their wares and stories have been rife on the mainstream media. Of course the likes of Droopy Dawg (former Senator Lieberman) have also been making the rounds at podiums near you droning their dire warnings that Iran is double secretly “out to get us with cyber attacks”
Several of my contemporaries have posted articles this week pointing out that emperors all, have have no clothes on and yet, only within this small verse known as the INFOSEC community am I seeing this fact being leveled at all. It’s sad really that we the community in the know should be so marginalized by the media because we do not take the party line. Thusly the truth of the matter never reaches the unwashed masses and they live on in mortal fear and loathing over the great Muslim Shaitan that is Iran.
For us in the know though, we can only continue to say “No, that’s not what’s happening” to those who will listen or yell it out as I am here once again on my screed… Uhh.. I mean blog. Sad but true as well as for me at least cathartic to at least yell in ALL CAPS for a while. I feel better usually after a good screed here…
But I digress…
“What difference does it make if it’s true? If it’s a story and it breaks, they’re gonna run with it.”
Truth is something that media outlets and the government tell you they are giving you but really are they? In the case of the DDoS attacks on the banks there is no solid evidence as to any kind of attribution of who is doing it. This however has not stopped “government sources” and certain secret squirrels within the INFOSEC community *cough VENDORS cough* who are more than willing to tell you that it’s GOTTA be Iran. Why? well… Because.. IRAN DAMMIT! That’s about the sum of it right there. It is so because they say it is, we don’t need no stinkin proof or anything do we?
Now, had any of these people made the caveat that there is no real proof of this but my gut say’s it’s Iran that’d be ok but then again really? Really? That’s going to be an answer? If there is no proof then you say that there isn’t any and that you CANNOT say who did it. It’s simple really but instead we get the Iran angle because that is the party line for the saber rattling du jour right? Who am I kidding though right? After all according to Karl “Turdblossom” Rove back in the Bush administration “we make the reality” right? So the reality is, since it’s on the news and the secret squirrels have told us on background, that Iran is HACKING OUR BANKS!
*chuckle*
Hacking.. Ugh, that’s another issue altogether. The nomenclature is completely ignored by the media and the masses just eat it up because it has the word “hack” in it and that is god damned scary! Never mind that the DDoS really isn’t that harmful to anyone. Honestly, DDoS of the banks does not mean that they are down for the count. Sure they will lose some revenues while the sites are down but this is no nuclear strike or massive hack on the banking system that siphons trillions of dollars to Swiss accounts ala Dr. No. It’s all really much ado about nothing yet it is being flogged for the masses in one assumes is a preparatory campaign against Iran and nothing more.
“Can’t have a war without an enemy…You could have one, but it would be a very dull war…”
So yeah Iran is a repressive authoritarian theocratic government that treats its people poorly and seeks to engender itself as powerful to the global scene. They do have some technological know how and they are fixin on getting them some revenge but is a DDoS really going to be their raison d’etre? Think about it isn’t it laughable as a serious attack? Sure Anonymous does it but that isn’t all they have been doing right? THEY have actually been HACKING!
Good lord! I mean c’mon people! If you are gonna frame up Iran for some cyber shit at least do it with some serious hacks against corporations or infrastructure!! Oh, wait, I know, if they were to really do that then there’d be some real reasons for action right? Then perhaps the people might ask if what they are being sold is the truth or not right? Ahh that must be it right there huh? Just some DDoS, pay no attention, it’s not the end of the world.. Oh and IRAN IRAN IRAN CYBER CYBER CYBER!
*subliminal fear images flash across the screen as Anderson Cooper looks sternly into the camera*
Derp derp derp… So yeah, the government needs an enemy and attribution is soooo hard! It’s Iran.. No doubt about it. No, really, it’s a really complex attack! I mean no ordinary group of hackers or security folks could do this kind of thing! Well, except for those guys who have bitcoins and go to the darknet and rent some botnets.. Wait.. SHHHH… It’s IRAN! It HAS TO BE IRAN! IT’S A NATION STATE DDoS!
*takes drag on cig and looks through wayfarers*
You people make my ass twitch…
No no no no no, fuck freedom.
So once again we are left with the media not taking the full measure of things and that even includes NPR which had a report this week that nearly gave me an aneurysm. Brian Krebs told me yesterday in fact that he declined an interview/comment on this because they were not really willing to hear the truth about this. By the way Brian KUDOS to you man. YOU are my new hero! I presume that others who lack a certain moral ethical compass will be blathering every chance they get and those people should be publicly taken to task for their perpetuation of this farce.
Of course others like Jeff Carr have been a voice of sanity on NPR and elsewhere in the past but you know what? Jeff’s logic and truth doesn’t make for bleeding headlines that will draw clicks for ad revenue will it? Marginalize those who tell the truth that is too dull to sell ad space is the way of it today. So on it goes, the media drumbeat will continue saying that Iran is at the heart of every little cyber hiccup that we have from now on. Iran is in good company with China now. Hey, at least China isn’t alone! Now China can just glibly point at Iran and Mahmoud saying “It was them!” and surely many in the government and the media will say AH HA!
My friends we are doomed. The truth no longer matters and I suppose it hasn’t for some time. I am a dinosaur I suppose to believe that there are truths out there that should be told. Could Iran be behind the attacks by using proxy orgs? Sure. Do we have definitive proof? No. That’s all that needs to be said. That is of course not what we are getting from the government and media today though.
Hmm how long til Glenn Beck or O’Rielly are “Cyber Experts” I wonder….
K.
STUXNET-APOCALYPSE! Say’s the Israeli Who Doesn’t Have Nuclear Silo’s and Bombs….
From Infosec Island
Tomer Teller, a security evangelist for Check Point, warned of the likelihood that the Stuxnet virus could be adapted to undermine systems that control nuclear missile arsenals.
Teller made the prediction at a conference in Sydney, Australia last week hosted by Check Point.
“Nuclear warheads are controlled by computers so if someone managed to slip a worm inside a facility that will reach the warhead component, they could launch it and than aim it back at the country’s facility… Stuxnet is the first cyber weapon that could cause major disruption” Teller explained.
Teller indicated he has conducted a detailed analysis of the Stuxnet code, and given the size and complexity of the file, Teller believes it is likely that a successful attack would require utilization of an insider.
“This is a huge file, it’s 1 megabyte [MB] of code and I respect the skill required to engineer that code as it is very complex,” Teller said.
The most likely avenue of for the attack, Teller postulated, would be through the use of a tainted USB drive.
“In order to get something trusted by Microsoft, you need to get those exploits signed… What we think happened is that an insider broke into JMicron, a chip manufacturing company based in Taiwan, as there is a computer at that office which is dedicated to signing these Microsoft drivers,” Teller said.
My first reaction to this posting online came when I saw it on Greg Evans website where he had scraped the story from another source (never mind why I was there) Since then, this story ended up on the headlines section of Infosec Island and once again my reaction is HOLY WTF? How does this get into the news cycle at all without people calling it into question rather vociferously?
So I decided to talk to a source of mine who is in the know about most things nuclear. I asked him if indeed the supposition I had that Stuxnet would be pretty much useless in a Silo because of the way the systems were designed to be ultra redundant as well as segregated within that redundancy. What I got back was the following:
OK, at a high-level:
– The ~concept~ of a StuxNet and Nuclear Silos really only applies to operational readiness. With the exception of Pakistan no ~known~ nuclear player doesn’t already implement a variant of the PAL and CMS systems in their launch controls.
– The levels of redundancy involved for both the ability to launch, preventing launch, arming, and self-destruction at exist in nuclear silos is quite possible the most perfectly decision/failure tree designed/redesigned systems known to man. This wasn’t due to a one-time effort, its been decades in the making.
– The availability of the hardware, software, network access, peripherals access, etc. is SOOOO ridiculously limited that ~development~ of such a tool would be purely speculative. This isn’t SIPREnet or CRONOS or NAUTILUS we’re talking about here. The levels of control and network isolation, and again redundancy, within these installations at major players is appropriately absurd.
– In terms of ancillary systems and operational readiness there are two ways to look at it. Could something cause a scare a a general shutdown due to FUD? Yes. Could something be used for ~press~ purposes to indicate a lack of operational readiness. Yes. The reality is that those who would be deterred in a MAD scenario know better.
– We’re talking submarines too, a WHOLE different level of player and communication and control systems. The likes of which are even further unknown and more specific.
– W/ submarines there is a different sort of risk because some major players (namely the UK) don’t have the same level of controls on subs so a rogue commander w/ a key could start a launch. If talking StuxNet like situations, you’re not reducing their readiness so easily. It is know in these cases from various leaks that the control pathways are also isolated by design and ~MECHANICAL~ to what might even be considering a fault.
– If you’re a Nation-State that has been tutored in the ‘art’ by the US or USSR you’re also likely to have bizarre levels of controls like fan speed detectors, temperature detection, computational state metrics, etc. to show the slightest change in behavior. Some of this was designed around the idea of more traditional things like a Y2K bug maybe affecting ~some~ system. This that are, to any person who designs hardware, known to be fairly absurd and unnecessary but indeed they would trigger an alarm to ~look~ at something.
– All that said.. could a StuxNet like system affect the ~production~ and ~development~ of a nuclear weapon? Yes and no. Yes as in it certainly could screw up enrichment (obviously) but wouldn’t screw up the end-result (hence why StuxNet was found in the first place).
So, once again, I call shenanigans on Tomer and this little story. At worst, if there were a Stux variant that were worked out AND carried into a silo it would cause (maybe) a failure to launch, it is much more likely that Stuxnet and variants would instead be more used (as it was in Iran) to manipulate the production of fissile material so as to have a weapon that would not actually work once launched in the payload vehicle. This story though, and the way it has been put out there by Tomer Teller, makes it sound as though imminent failure could happen to nuclear bombs and this is just not right.
Even more ludicrous is the idea that a Stux variant could infect a system and cause the payload to come back from where it was launched, in effect changing the target coordinates. THIS would be more along the lines of just some malware, not Stuxnet that would infect specific systems in guidance on board the payload vehicle, and that is a totally different animal from Stuxnet. Indeed, this would be a completely different effort altogether and would require something else completely.
You see, the point of stuxnet was that it was manipulating PLC code to specific PLC’s Tomer, what you are talking about would be something completely different.
Go back to firewall evangelizing and leave the nuclear weapons alone.
K.
The END IS NIGH! What? We’re still here? Oh, well, I must have been misled by Satan!
Heironymous Bosch: Garden of Earthly Delight Triptych (rght)
Once, long ago, we all as a species were about three hairs away from being classified as Baboons. It was around that time, that someone got the bright idea to write a bunch of stories in a big book about the sky dad and his rules on how he demanded we live all our lives. Approximately two thousand years later, there are unfortunately some of these Baboons still lurking about who daily screech about the sky dad and his unhappiness with us all.
On Saturday, according to one of the more vocal baboons. we are all about to enter a world of pain because the sky dad has seen fit to tell this ‘civil engineer’ that end is in indeed nigh. Of course, this particular baboon has made this claim before and wouldn’t you know it, he was wrong. So why is it that this guy is back in 2011 with a radio ministry that is worth over 100 million dollars?
I will tell you a secret… There are many fucking morons amongst us.
*gasp*
Yes, yes it is true. We have reached a point in our existence that we can tame (almost) the atom and we can walk in space, but we just can’t seem to get rid of all these backward thinking barely upright walking throwbacks who still think that an Atlatl is a pretty nifty weapon. They just don’t seem to be able to get past the idea that there is no sky dad and that things like the ‘rapture’ are all parts of an imaginary tale in a big book created by hegemonic men some time after an alleged profit’s life.
So, you might look at the graphs above and think;
“Boy, this guy’s got it in for religion!”
And, you’d be mostly right. I personally think that religion, is in fact the opiate for the masses. An easy way for people to absolve themselves of the bad things that they have done with their lives (confession and absolution) while not really coming to grips with what they may have done and why. Religion also seems to be just a general crutch for those unable to grasp the idea that there is no destiny and perhaps there is nothing after life. Instead, they cling desperately to the idea that the sky dad has a great condo on a cloud for them all and their very own neighbor is ‘The Jeez’ himself.
Right…
Meanwhile, the charlatans like Mr Camping crow like the cock at first light that they have the inside knowledge on it all and can help YOU go to that heavenly condo with the Jeez…
For just a small donation YOU TOO can be saved!
Seems to me that the only difference between noodnicks like Camping and someone like L. Ron Hubbard is that Hubbard at least had some creativity. Camping’s only creative streak is the use of AM radio to bilk people of their money before the end comes. Hubbard on the other hand came up with the ‘I own you forever’ contract that every Scientology freak signs up for.. For a hefty fee that is. Nope, the two of these guys only vary in their particular brands of crazy that they pimp out. Camping went ‘old school’ (aka old testament) and Hub, well Hub went all out schizoid with aliens who inhabit our bodies (Thetans) that we must rid ourselves of by holding some useless electric cans in our hands!
Now that’s creative.
Nope, instead Camping and company have chosen the tried and true carnival revival tent approach. Even to the point of buying a set of RV’s and travelling the country preaching the word of apocalypse in the months before the end. An end mind you, pulled out of his ass once again (remember the 1994 thing) for May 21st 2011.
COME ON FOLKS! Tithe it all to us and SALVATION CAN BE YOURS!
Just how did he come up with this date? Well, he magically came up with it.. Cuz, ya know he admits to not studying the scriptures extensively. Yeah, you heard that right. Admittedly he just sorta ‘knows’ in his gut that the time is nigh.
Fucknut.
What’s worse? He has followers and that 100 million that they have given him over the years. So, I guess the question becomes; “Who is worse? The fool who is fleecing the flock? Or the flock of sheeple being fleeced?” In my opinion, I do surely hope the rapture comes and takes them all. Then at least we would be without all of these intolerant and ignorant fools and perhaps we could actually progress as a civilization.
So, on Monday if you answer that phone Camping, and you know we will be all calling you to rag on you, you better have one hell of a great story to sell to all your sheeple.
Oh who am I kidding.. You will just pull another date out of your ass and say it’s the sky dad’s mysterious ways blah blah blah while passing the hat for donations.
Collectively we are doomed until we get past this intolerant and superstitious claptrap.
K.
Inside The LOIC: Anonymous Is Still Using It?
A source has sent in some information on the DoS attacks ongoing at Sony and I have to say I was surprised that the anon’s are still using the LOIC. Unless that is, there have been upgrades made? Does the LOIC now in fact obfuscate IP addresses? Meh, dropping Sony for their douchery is negligible in my book but, there is some interesting information in the data sent.
Such as a server called: staff.anonops.ru vlad.anonops.ru Really? Staff? For a headless org, you have a staff server per its naming convention?
//DATA
”LOIC utilizes the following commands for AnonOps and this is how I did it:”
sh# telnet loic.anonops.ru 6667 <– Open connectionTrying 92.241.162.211…
Connected to loic.anonops.ru.
Escape character is ‘^]’.
:vlad.anonops.ru NOTICE AUTH :*** Looking up your hostname…
:vlad.anonops.ru NOTICE AUTH :*** Found your hostname
NICK LOIC_JDOFOO <– Send Nickname Command
PING :BFCA576C <– Server sends a ping
PONG :BFCA576C <– Respond with exact sequence or it logs you off
USER IRCLOIC bleep blah :IRC NewFag Bitches <– Send usercommand with password, blah, and User Info
:vlad.anonops.ru 001 LOIC_JDOFOO :Welcome to the AnonOps IRC Network LOIC_JDOFOO!IRCLOIC@whiterabbitobject
:vlad.anonops.ru 002 LOIC_JDOFOO :Your host is vlad.anonops.ru, running version Unreal3.2.8.1
:vlad.anonops.ru 003 LOIC_JDOFOO :This server was created Tue Jan 18 2011 at 19:28:18 UTC
:vlad.anonops.ru 004 LOIC_JDOFOO vlad.anonops.ru Unreal3.2.8.1 iowghraAsORTVSxNCWqBzvdHtGp lvhopsmntikrRcaqOALQbSeIKVfMCuzNTGj
:vlad.anonops.ru 005 LOIC_JDOFOO UHNAMES NAMESX SAFELIST HCN MAXCHANNELS=51 CHANLIMIT=#:51 MAXLIST=b:60,e:60,I:60 NICKLEN=30 CHANNELLEN=32 TOPICLEN=307 KICKLEN=307 AWAYLEN=307 MAXTARGETS=20 :are supported by this server
:vlad.anonops.ru 005 LOIC_JDOFOO WALLCHOPS WATCH=128 WATCHOPTS=A SILENCE=15 MODES=12 CHANTYPES=# PREFIX=(qaohv)~&@%+ CHANMODES=beI,kfL,lj,psmntirRcOAQKVCuzNSMTG NETWORK=AnonOps CASEMAPPING=ascii EXTBAN=~,cqnr ELIST=MNUCT STATUSMSG=~&@%+ :are supported by this server
:vlad.anonops.ru 005 LOIC_JDOFOO EXCEPTS INVEX CMDS=KNOCK,MAP,DCCALLOW,USERIP :are supported by this server
:vlad.anonops.ru 481 LOIC_JDOFOO :Permission Denied- You do not have the correct IRC operator privileges
:vlad.anonops.ru 375 LOIC_JDOFOO :- vlad.anonops.ru Message of the Day –
:vlad.anonops.ru 372 LOIC_JDOFOO :- 18/1/2011 19:28
:vlad.anonops.ru 372 LOIC_JDOFOO :- 🙂
:vlad.anonops.ru 376 LOIC_JDOFOO :End of /MOTD command.
:LOIC_JDOFOO MODE LOIC_JDOFOO :+iwx
:Global!Service@AnonOps.net NOTICE LOIC_JDOFOO :[Logon News – Feb 16 2011] Please do not silence the media, it does no good and prevents free speech. Thank you.
:Global!Service@AnonOps.net NOTICE LOIC_JDOFOO :[Logon News – Mar 30 2011] Network help: #help | Nick registration: /msg nickserv register [password] [email] | Channel registration: /msg chanserv register [#channel] [password] [description] | Other help: /msg helpserv help
:Global!Service@AnonOps.net NOTICE LOIC_JDOFOO :[Random News – Mar 03 2011] this just in: iowa’s cock is the size of a horses. /breakingnews
JOIN #loic <– Make it join the channel (if you dont do appropriate sequences, channel will be invite only):LOIC_JDOFOO!IRCLOIC@whiterabbitobject JOIN :#loic
:vlad.anonops.ru 332 LOIC_JDOFOO #loic :!lazor default targethost=store.playstation.com port=80 message=Payback_is_a_frak,_isn’t_it? method=tcp speed=4 threads=20 wait=false random=true checked=false start
:vlad.anonops.ru 333 LOIC_JDOFOO #loic tflow 1302037670
:vlad.anonops.ru 353 LOIC_JDOFOO @ #loic :LOIC_JDOFOO &Wolfy @Sean &LOIC_UIRXWT &tflow
:vlad.anonops.ru 366 LOIC_JDOFOO #loic :End of /NAMES list.
WHO #loic <– List channel users:
:vlad.anonops.ru 352 LOIC_JDOFOO #loic IRCLOIC An-E075F605 vlad.anonops.ru LOIC_JDOFOO H :0 IRC NewFag Bitches
:vlad.anonops.ru 352 LOIC_JDOFOO #loic Howling the.moon.tonight tiny.anonops.in Wolfy Hr& :2 Wolfy Ragnarok
:vlad.anonops.ru 352 LOIC_JDOFOO #loic IRCLOIC an-E23BCDH1.anonops.net hidden LOIC_UIRXWT H& :0 Newfag’s remote loic
:vlad.anonops.ru 352 LOIC_JDOFOO #loic tflow staff.anonops.ru vlad.anonops.ru tflow Hr*& :0 Sejus Christ
:vlad.anonops.ru 315 LOIC_JDOFOO #loic :End of /WHO list.
:vlad.anonops.ru 352 LOIC_WMGVIJ #loic owen loves.isis tranquility.anonops.net owen Hr@ :1 owen
:vlad.anonops.ru 352 LOIC_WMGVIJ #loic ni staff.anonops.ru vlad.anonops.ru Ryan Hr*@ :0 ni
:vlad.anonops.ru 352 LOIC_WMGVIJ #loic evilworks evil.machine doom.anonops.ru wowelrisk Hr& :2 Jesus H. Christ
:vlad.anonops.ru 352 LOIC_WMGVIJ #loic MM an-544B51BC.bb.sky.com belldandy.anonops.ru MM Gr*@ :2 …
:vlad.anonops.ru 352 LOIC_WMGVIJ #loic tflow staff.anonops.ru vlad.anonops.ru tflow Gr*& :0 Sejus Christ
:vlad.anonops.ru 352 LOIC_WMGVIJ #loic IRCLOIC an-E23BCDH1.anonops.net hidden LOIC_UIRXWT H& :0 Newfag’s remote loic
:vlad.anonops.ru 315 LOIC_WMGVIJ #loic :End of /WHO list.
//END
Now, if I were looking to make life painful for Anonymous, I might go blackhat against a server like the afore mentioned staff server. There might be some tasty information there… Just an OPSEC observation there kids… But that’s just me.. Others might actually do it, ya know, like those companies and agencies out there you are pissing off?
On the other hand, what if one were to re-engineer the LOIC to reverse the exploit so to speak and actually inhibit the servers? After all, the genesis of the LOIC and some of the code here seems to come from an early IRC DoS exploit based on obstruct.c right? The mind wanders at the potential of re-engineering that could be made… And, as I remember it, a certain j35t3r already got his hands on the code before and backdoor’d it.. Well as the story goes. So, how long till someone comes along who wants to go against the flow and messes with the LOIC?
Kids, I think its time you found another product…
Meanwhile, Wolfy, dude, your data is hanging out all over the place. Quite the Xbox freak aren’t you?
If I were you, I would perhaps ease up on the activities because yet again, the data that Backtrace has offered up seems to be correct. Oh, and way to go having your page carry the anon aphorism.. Do you want to be caught?
PS.. Re-using that nick has now gotten it to the point that your IP address can be found here 174-49-41-193.hsd1.tn.comcast.net
Sure, its perhaps a dhcp address, but now its easy enough to link your name to an account at Comcast in Tennessee huh?
Anyway….
To LOIC or Not To LOIC… I still say not.
More interesting times ahead.
K.
Anonymous vs. Anonymous: Enough Hubris To Go Around
The nameless revolution that calls itself Anonymous may be about to have its own, online civil war.
A hacker startup calling itself Backtrace Security–made up of individuals who formerly counted themselves as part of Anonymous’ loose digital collective–announced plans Friday to publish identifying information on a handful of active members of Anonymous. According to one source within the Backtrace group, it will release the names and instant messaging logs of dozens of Anonymous hackers who took part in attacks onPayPal, Mastercard, the security firm HBGary, Westboro Baptist Church, and the Marine officials responsible for the detainment of WikiLeaks source Bradley Manning.
That spokesman, who goes by the name Hubris and calls himself BackTrace’s “director of psychological operations,” tells me that the group (Backtrace calls itself a company, but Hubris says it’s still in the process of incorporating) aims to put an end to Anonymous “in its current form.” That form, Hubris argues, is a betrayal of its roots: Fun-loving, often destructive nihilism, not the political hacktivism Anonymous has focused on for much of the past year. “[Anonymous] has truly become moralfags,” says Hubris, using the term for hackers who focus on political and moral causes instead of amoral pranks. “Anonymous has never been about revolutions. It’s not about the betterment of mankind. It’s the Internet hate machine, or that’s what it’s supposed to be.”
The rest is HERE
“Cyberdouchery” it’s a term coined within the last year as far as I know for snake oil or hype mongers within the Infosec community. I have to say that this alleged group of ex-anon’s kinda fits the term for me. Whether it’s the reason that they state of being tired of Anonymous’ being moral fags, or the idea that they just want to get back to their troll roots, I pretty much just think its a publicity stunt. Of course, the darker side of me could see the way to believing that this is just some sort of psyop by person/persons unknown to get a reaction out of Anonymous.
I have written in the past about the herd mentality as well as convergence theory where it regards Anonymous. In each of those scenarios though, there is the idea that there are leaders. No matter the number of times Anonymous may say they are leaderless, I say that this is just impossible from the point both of these theories take. Even if someone is a leader for a day or minute, there is a leader, and there are followers, either anointed by the pack or by themselves. There are also the minions that do the work, such as the mods and the managers of the servers and systems. Those too could be seen as leaders within the infrastructure too. Now it seems though, that this new group is going to attempt to name leaders by use of social engineering and data collection.
… And that is what Aaron Barr wanted to do.. Well sorta… Then he shot himself in the foot with his own machine gun of hubris.
All in all though, this looks to be on the face of it, just an attempt at #LULZ by these folks at Backtrace. The use of the crystal palace image alone screams nearly the same shrill tune as using too many numbers in one’s nickname in leet terms. If you look closely though, you will see that they also claim to offer services such as “Cyber Espionage” *blink* Not counter intelligence nor counter cyber espionage, but cyber espionage. Just as they also offer cyber warfare and a host of other hot terms with cyber in them. That just reeks of the cyberdouchery I spoke of at the top of the post. So, in reality I don’t take this all too seriously.
I guess we will just have to wait and see what develops with this insurance file and the alleged outing that will happen…
There will be #lulz
K.
OH NOES! THE MACIP’s WEREN’T PROTECTED! I Told You, Th3j35t3r Told You, But Did You Listen? Noooo.
The FBI has joined in the hunt for those who participated in the retaliation attacks against companies that cut off services to Wikileaks, executing more than 40 search warrants across the United States on Thursday, the bureau announced.
In what seem to be timed raids, British police arrested five men Thursday morning who allegedly participated in the Anonymous group’s denial of service attacks on Visa, Mastercard, Paypal and Amazon in mid-December. Anonymous was seeking to bring attention to — and punish — the financial-service companies’ decisions to prohibit donations to Wikileaks. Amazon was targeted after it kicked Wikileaks off its web-hosting service.
OH NOES! THE MACIP’s WEREN’T PROTECTED!
Right now, there are at least several thousand kids in underoo’s frantically shredding documents and trying to wipe hard drives because the Feds have finally put the hammer down on Anonymous’ little DDoS attacks on anyone and everyone they feel needs the attention. They thought they were immune, they were naïve…
“With Great Hubris, comes great repercussions” one might say.. Well, hell I just did huh?
The LOIC as I reported before (link to previous post) was and is a flawed tool. Its coding was such that it did nothing to even to attempt to hide the IP addresses of the users who were connecting to IRC and performing the DDoS. Now, partially I think there was a good bit of ineptitude in the programming, but, I would also say there was a greater bit of stupidity on the part of everyone involved in the blowback that they are seeing come to fruition with these search warrants being carried out.
The stupid, as I like to say as an noun, for it has its own power and life today, was immense and dense within the LOIC user base as well as the C&C of Anonymous for allowing it to be used by unsuspecting “skiddies” The Anonymous leaders, will not be fessing up so soon I think and making acts of contrition for those who are being popped for using LOIC and downing sites. For this, they are doubly damned in my book because they ostensibly know better and willfully let the kids out there take the fall for their desire of troops on the digital front line.
And… As tacticians, either you are geniuses or, you are just a bunch of #FAIL. I am not sure which it is really.
So, now the Feds have served 40 warrants. Do you think that your advice that I wrote about before of saying that the machines were infected with LOIC is going to play? Or do you maybe think that the gubment is just that dumb and will say “ok” and walk away? Or, do you see those skiddies all going to court, bankrupting their families, destroying their futures, and generally losing any hope of a normal life as just payment for playing the game?
I guess what I am getting at is this; Was this a calculated risk or were you all just dumbasses?
Now, let me posit another little tactical glitch in your plans.. What if, some of the 40 warrants were on people who actually know who you are? Or know someone who knows who you really are? I mean, you are all about being anonymous, but, you seem to have failed on that account lately a bit. So, do you think that these kids, parents sitting next to them in the “box” are not going to quickly roll on you or someone they know who knows you?
Lets put it this way.. You are thinking “shit, they don’t know me, they only know my MACIP or my Hotmail address!” *blink* So you think that you have been so super slick that you haven’t screwed up somewhere and tied your real identity to such things? Yeah, trust me, you fucked up and the Feds are going to find that chink in the armor. Its only a matter of time before I expect to see more headlines that read “Anonymous leaders arrested”
… And when that day comes, I am gonna chuckle and cluck my tongue at you all….
“The FBI also is reminding the public that facilitating or conducting a DDoS attack is illegal, punishable by up to 10 years in prison, as well as exposing participants to significant civil liability,” the FBI said in a press release. The FBI did not announce any arrests in conjunction with the searches.
See that cutline above? Yeah, that one saying that the FBI reminds everyone that it’s a crime to DDoS? Yeah, they kinda mean it. So, just how long will it be til the 40 are arrested and arraigned? I dunno, but I can assure you, the PC’s have all been red flagged for the DOJ Cybercrimes lab and are likely already DD’d and being picked through as I write this. Oh yeah, you guys are fucked, fucked with a capital F. I also suspect that there will be more warrants being served on some more skiddies as February rolls by, so keep your eyes on the news kids. You may be seeing them knocking at your door on TV like a bad Geraldo Rivera show, LIVE!
Meh, it all matters not to you now. You all feel self delusionally empowered that you are making a difference with the LOIC…
Say, did you drop that whole other product that Jokey sabotaged your source on? I would if I were you, but wait, you aren’t that bright.. I mean, you couldn’t even protect your source from Jokey… Oh and BTW Jokey, WELL PLAYED! Props to you there even with our differences.
Where was I? … Oh yeah, the delusions of grandeur thing. You know that you are not solely the reasons for the things happening in Egypt and Tunisia right? Sure, there is an element I think on this idea that is true, but, you are not the “reason” for the revolts going on. Nope, they have been a long time in coming and frankly, one begets another. Egyptians looked at Tunisia in the news cycle and thought “FUCK! I am tired of the shit here, lets go protest!” and they have.
Let me tell you the secret kiddies, it’s not Twitter here, its BBC, Al-Jazeera, and other news sources on the radio that has incited these revolutions. Not you… Sorry. You see, that has been the history of the whole thing all along. Why do you think that revolutionaries take over the radio and TV stations first huh? They take command of the media to let the word out and stop the other guy’s propaganda to put their own out.
Wipe that spittle from the corner of your mouth and get your head off the school desk son! PAY ATTENTION!
I guess history escapes the new digital facey-space TMZ, Youtube generation… Anyway, back to the point. You are not playing the game well Anonymous. You are burning your troops and in the end, you will all get to see each other in court soon enough. You, like Assange, have become all too full of yourselves to realize that you are screwing the pooch and you are too blind to see it.
Next time you want a revolution.. Plan the security better.. AND for God’s sake read a little Sun Tzu!
EDIT It seems that my Alma Mater is now involved with the LOIC MACIP’S One of the morons at Uconn got popped as one of the 40 raids!
Derp Derp DURRR http://tinyurl.com/4p8bjkp
Krypt0s
Krypt3ia: Hidden Knowledge
Since Ligatt and Evans decided to sully the name of the CoB, I have decided to push the button on something I had been contemplating anyway. Sure, it was fun being a Crabbyolbastard, but, things change. I have purchased the domain krypt3ia.com and will be eventually putting this site on there. For now, the new name I think fits me and you all who interact with me can still call me a crabby ol’ bastard to your hearts content.
This new name is more company oriented….
More soon.
Krypt0s
Setting The Record Straight
Let the record state on this day January 18th 2011, that I have NEVER recommended or in any way endorse Gregory D. Evans nor his sham of a company, LIGATT Security Inc, nor any of his lackeys, for ANYTHING other than an awarding of the name“Charlatan or CyberDouche”
Signed,
Crabbyolbastard AKA…
Heh, gotcha…
Well, it has come to pass that Greggy has reached a new low and created “blog” entries for all of the players involved in this farce he has created for himself as the worlds No.1 Hacker. The below image is the page created for me:
Needless to say, I did not create this page nor do I in any way endorse Ligatt Security nor Greg Evans for anything but the worlds No.1 CyberDouche for which I created that swank poster above! Just what Greggy is thinking other than “Yuk yuk yuk, I am gonna git them!” is beyond me. Frankly, he has just opened himself up to another loss I think, especially where the last court case is concerned. You see Greggy, this is going to make its way to the judge as she decides just how much you will owe for legal fees.
Oh yeah Greggy, more money that you won’t pay huh? I mean I see that you just got spanked again by the court for not actually paying the other mandated payments per the court! So much so that the Sheriff had to come out again with a new order! Gee, he must really be looking at getting that substation at your place huh? Oh wait, you also have a lien against you by the feds.. Or was it the state? Shucks, I will check later and anyone interested just surf on over to the courts site and look it up.
So Greggy, I would say the noose is tightening eh? All of your tricks and your bling tweets aren’t cutting it in the real world huh? Must really suck to be you at night.. Just before you fall asleep and your brain begins to process the events of the day.. You know, its when the fears start to creep into that vacuous head of yours about how you are amounting to nothing in life and wondering what you could have done differently. I seem to remember talking about this before, you remember don’t you? I mean, I am pretty sure that my cutting words echo in your twilight sleep. Especially now as all of your facades are shattering around you…
Face facts man, make amends.. Its the only way out for you. Otherwise, if you keep going the way you are, you will only completely self destruct…
Oh, who am I kidding? You are gonna still be batshit insane and do stupid shit like what you pulled today!
Stay classy Greggy…
CoB
The Apocalypse Cycle: The Tea Party, American Politics, and 2012
But even so, the tragedy wouldn’t change this basic fact: for the past two years, many conservative leaders, activists, and media figures have made a habit of trying to delegitimize their political opponents. Not just arguing against their opponents, but doing everything possible to turn them into enemies of the country and cast them out beyond the pale. Instead of “soft on defense,” one routinely hears the words “treason” and “traitor.” The President isn’t a big-government liberal—he’s a socialist who wants to impose tyranny. He’s also, according to a minority of Republicans, including elected officials, an impostor. Even the reading of the Constitution on the first day of the 112th Congress was conceived as an assault on the legitimacy of the Democratic Administration and Congress.
This relentlessly hostile rhetoric has become standard issue on the right. (On the left it appears in anonymous comment threads, not congressional speeches and national T.V. programs.) And it has gone almost entirely uncriticized by Republican leaders. Partisan media encourages it, while the mainstream media finds it titillating and airs it, often without comment, so that the gradual effect is to desensitize even people to whom the rhetoric is repellent. We’ve all grown so used to it over the past couple of years that it took the shock of an assassination attempt to show us the ugliness to which our politics has sunk.
From: It Doesn’t Matter Why He Did It by George Packer
The multiple shooting alleged to have been carried out by Jared Lee Loughner, a mentally unbalanced 22 year old has been the top story on all of the networks. They have all been falling over themselves trying to cover this tragedy and much of the spin masters have been out there on both sides of the political isle making claims on the “motivations” that Jared had in carrying this out. Once you start to really look at his internet postings, you realize that Jared is and was at the time of the shooting, mentally ill. He seemingly had been escalating for some time and over the summer had begun to ramble on about the loss of literacy in the U.S. as though the “literacy” were some apotheosis of understanding the cosmic truths as well as the ills of our current political system.
In essence, the rhetoric that he was a party to by living in Arizona (the illegal alien situation and the Tea Party’s fringe elements being vocal and armed) as well as his deteriorating mental state, made for a timebomb’s fuse to be lit, finally gong off on Saturday morning in front of a grocery store. Now, before anyone starts to say “but you can’t lay blame on the Tea Party!” let me stop you and say, no, I cannot wholly lay it on the Tea Party, nor would I. I would however, lay it squarely on the fringe elements of ALL of the parties especially those of the right wing persuasion that have used the rhetoric of treason, don’t tread on me, and “The tree of liberty needing to be replenished with blood” as major players in shaping the direction that Jared Loughner took with regard to his shooting rampage.
It seems though to me, that increasingly the world is just losing its collective mind. Between all of the economic troubles globally, the specter of climate change, die off’s of bees, bats, and now seemingly thousands of birds by mysterious means, we are all a little bit on edge. Add to this the ever-present conspiracy theories, leaks of classified documents and the reprisals by embarrassed governments, tightening their grip and expanding their powers to surveill as well as detain, we all are feeling a bit freaked…
Then comes 2012… It’s a trifecta.
Like what happened in the lead up to 2000, I suspect that there will be more and more groups and individuals who are delusional enough to truly believe the end is nigh. These people may take the non violent way of killing themselves like Heaven’s Gate or, they may go the route that Jared did this weekend. The commonality though, is that the outside pressures of every day life and the things going on around them often become their fixation. In the case of Heaven’s Gate, it was the Hale-Bopp comet while for Jared, it was the frothing rhetoric of fringe elements saying that the government was full of traitors that should be killed to re-set the country on the right path to righteous freedoms that the founders had in mind.
So, where I fall on this whole debacle is pretty clear I think from what I have just said. The whacknuts tend to congregate and now they have a banner under which they can rally in the whole end of the world as well as the ruination of A-mur-ica and our freedom fry loving ways. Nuts beget nuts and they feed off of each other, just ask Dylan and Eric. I suppose its just the banner du jour though, there will be plenty of others as time goes on, in some cases they may not be at all anything external but instead the internal voices of the deranged with the gun. So all of this blame game political posturing will do no good for anyone. The Tea Party has its merits as do the Dem’s and Republicans. Where it gets scary is the fringe elements on each side that take their arguments to the plaid setting. I mean, it is bad enough that the two parties have been so entrenched so as to get absolutely nothing reasonable done for “The People”, who they always seem to be claiming to represent, but are, in my opinion, failing to do.
In the end, Jared Loughner was exactly that, a loner, a misfit, and a boy who needed psychological attention. Just how many knew about his faltering senses is the question as well as is what, if anything, they tried to do about it before he unloaded a 9mm with a 30 round clip into a crowd on a Saturday morning. So all of you out there yammering about the horror and pointing fingers, let me just interject one more little thing;
How about focusing a little more on detecting the mentally ill and disallowing them from obtaining weapons of mass destruction such as a 30 round magazine and a 9mm handgun?
Why not tackle something other than political asshattery and do some good for the next innocent 9 year old that happens to be in the wrong place at the wrong time only to die at the hands of a mentally unstable and well armed individual.
We are all to be blamed.
CoB
Krypt3ia 
China’s cyber-warfare capabilities are ‘fairly rudimentary’… What is it with these crazy Australians?
with 5 comments
Oh Desmond…
Desmond, Desmond, Desmond… You spend so much time pointing out all of the Honker Union activities, the malware created by China, and all their overall IW/Espionage activities and then you say;
“Well, because there’s no real proof of their actually having done anything, they are unable to do so”
*blink blink*
Crikey! Have you been sipping what Dr. Wright has been drinking or what? Tell me Desmond, what is your classification rating? Because I think you are lacking some pertinent information that might change your hypothesis quite a bit. Either way, your contention is lacking understanding of the playing field I think, so let me enlighten you a bit ok?
Rudimentary? Really?
I personally have heard of “on the fly” coding of malware to affect pertinent systems within a defense contractor network to not only keep access within said network, but, also to exfiltrate even more interesting data. Now, that sounds rather advanced to me..
How about you?
Sure, the coders could have been just about anyone, but, the data was being exfiltrated to areas that were in the Asia Pacific and more than likely were Chinese in origin so, yeah, it likely was them and not say, Germany. However, once again, we have no real proof of it being “solely” China. Oddly enough though, when data was caught in the hands of the Chinese we pretty much had to admit it was them doing it. So, no Desmond, they are not wholly unskilled and certainly as unsophisticated as you would paint them. This is just one instance of access and hacking that allowed for the APT (Advanced Persistent Threat) activity that, well Desmond, was coined for their activities against the defense industrial base here in the US.
Simply Desmond, you can cite all the articles from the internet you want.. You still won’t have the whole picture.
PSSST… Guess What?
So, to move this further along the philosophical and technical path for you let me explain it another way for you. The Chinese, as with most of the Asiatic countries, have a different perspective on things than we in the West. Something core to the Chinese mindset on warfare are the following:
網絡戰 !!!
Alrighty, now that I have gotten that off my chest, Cyberwar is to me, too hard to carry out for ANY of the countries out there now. China being only one country that might want to. The systems are too disparate and to control a single node would take great effort. So, yes, I can agree with you that they are not in a position to do us major damage from a CYBERWAR booga booga booga perspective. Frankly, no one could in my opinion. However, your contention that they could not insert bad data during a time of war is a load of crap.
ANYONE could IF they had the access and the desire. It would not need to be nation state, it could be a private citizen for that matter. What is more interesting Desmond is that you fail to understand the espionage angle here. The Chinese use their expat’s to do their bidding under threat, or, mostly under the “poor poor China” argument. Imagine an insider adding code to systems that could be triggered…
Yeah.. Soft power once again.. It could turn hard though with the right circumstances.
Once again Desmond, you think too one dimension-ally.
The Sad Truth…
Now, with all of that said, lets turn it around a bit. The saddest truth is this;
“Given all of what has happened recently with Lulzsec, it has become clear that it does not take an uber hacker to take down pretty much anyone”
The systems out there have not been protected well enough. Patching, and secure coding have not been at the fore here and thus it is trivial for the most part to hack into systems throughout the internet. So, the Chinese need not be uber haxx0rs to do the damage needed because we collectively have done a bad job at securing our own networks.
*sadface*
Once again, you fail to look at the problem from a more multidimensional angle.
Please go back to the drawing board Desmond because you lack the proper information and perspective to really make the claims you are making.
K.
Rate this:
Written by Krypt3ia
2011/11/06 at 23:10
Posted in Chairman Meow!, Chinese Overlords, CodeWars, Commentary, CyberFAIL, DarkVisitor, Digital Pearl Harbor, Duh, Espionage, Fucktards, Geopolitics, Industrial Espionage, Infopocalypse, Infosec, Infowar, Infrastructure, Ni Hao Chairman Meow!, OPSEC, Our Chinese Overlords, SECOPS, The Eternal Struggle, The Industry, The Stupid It Burns!, The Thousand Grains of Sand, What the???