Anonymous hacks STRATFOR 6 replies

Please wait...

Commissar MercZ

Notable Loser

300,005 XP

29th January 2005

0 Uploads

27,113 Posts

0 Threads

#1 6 years ago

STRATFOR (Strategic Forecasting, Inc) is a firm employed by certain companies and governmental agencies to analyze certain trends in media, decisions undertaken by group, etc. to provide clients with updates on certain individuals or groups/countries as well as what their most likely actions would be.

Anonymous, believed to be striking in protest of Bradley Manning's treatment so far, compromised the security of the site and managed to get information which they claim included payment information of certain customers, which they used to make donations to charities, as well as a list of STRATFOR's clientele.

http://www.nytimes.com/2011/12/26/technology/hackers-breach-the-web-site-of-stratfor-global-intelligence.html

Hackers Breach the Web Site of Stratfor Global Intelligence

By NICOLE PERLROTH

While the rest of the world engaged in merriment and good cheer, hackers used the holidays to attack a United States research group that puts out a daily newsletter on security issues.

On Saturday, hackers who say they are members of the collective known as Anonymous claimed responsibility for crashing the Web site of the group, Stratfor Global Intelligence Service, and pilfering its client list, e-mails and credit card information in an operation they say is intended to steal $1 million for donations to charity. The hackers posted a list online that they say contains Stratfor’s confidential client list as well as credit card details, passwords and home addresses for some 4,000 Stratfor clients. The hackers also said they had details for more than 90,000 credit card accounts. Among the organizations listed as Stratfor clients: Bank of America, the Defense Department, Doctors Without Borders, Lockheed Martin, Los Alamos National Laboratory and the United Nations.

The group also posted five receipts online that it said were of donations made with pilfered credit card details. One receipt showed a $180 donation from a United States Homeland Security employee, Edmund H. Tupay, to the American Red Cross. Another showed a $200 donation to the Red Cross from Allen Barr, a recently retired employee from the Texas Department of Banking. Neither responded to requests for comment.

Mr. Barr told The Associated Press that on Friday he discovered that $700 had been transferred from his account to charities including the Red Cross, Save the Children and CARE, but that he had not been aware that the transfer was tied to a breach of Stratfor’s site.

Stratfor executives did not return calls for comment on Sunday. In an e-mail to subscribers Sunday morning, Stratfor’s chief executive, George Friedman, confirmed that the company’s site had been hacked and said his company was working with law enforcement to track down the parties responsible.

“We have reason to believe that the names of our corporate subscribers have been posted on other Web sites,” Mr. Friedman wrote in the e-mail. “We are diligently investigating the extent to which subscriber information may have been obtained.”

The hackers took responsibility for the Stratfor attack on Twitter and said the attack would be the beginning of a weeklong holiday hacking spree. The breach was the latest in the online group’s ongoing campaign of computer attacks which, to date, has been aimed at MasterCard, Visa and PayPal as well as groups as diverse as the Church of Scientology, the Motion Picture Association of America and the Zetas, a Mexican crime syndicate.

The breach first surfaced on Saturday when hackers defaced Stratfor’s Web site with their own message. “Merry Lulzxmas!” the group wrote in a reference to Lulz Security, a hacking group loosely affiliated with Anonymous. “Are you ready for a week of mayhem?” By Sunday afternoon, the message had been replaced with a banner message that said: “Site is currently undergoing maintenance. Please check back soon.”

According to the hackers’ online postings, the group voted on what charities to contribute to. Among their choices were cancer and AIDS research, the American Red Cross, WikiLeaks and the Tor Project, a software that enables online anonymity.

Also according to their postings, the breach appears to have been conducted in retaliation for the arrest and imprisonment of Pfc. Bradley Manning, the Army intelligence analyst on trial on charges of leaking classified intelligence information and more than 250,000 diplomatic cables to WikiLeaks last year.

The attack was also likely intended to embarrass Stratfor, which specializes in intelligence and security. The hackers said they were able to obtain the credit card details because, they said, Stratfor had failed to encrypt them.

“The scary thing is that no matter what you do, every system has some level of vulnerability,” says Jerry Irvine, a member of the National Cyber Security Task Force. “The more you do from an advanced technical standpoint, the more common things go unnoticed. Getting into a system is really not that difficult.”




Nittany Tiger Forum Mod

*Shrug*

289,107 XP

15th September 2004

0 Uploads

27,136 Posts

0 Threads

#2 6 years ago

So Anonymous is back. I wonder if they'll hit the entertainment industry hard over SOPA and Protect IP.




Guest

I didn't make it!

0 XP

 
#3 6 years ago

This is why I have no respect for "Anonymous". Today they're a bunch of jerks playing at being Robin Hood. Other days they are naive jackasses defending people like Assange and Mannings. All the while the common working man gets screwed over by their actions.

Now these employees are short some cash which they may or may not need depending on their financial status. They also have to cancel those credit cards and spend a lot of time and effort addressing identify-theft issues. As a "Christmas gift" they get to deal with this hellish scenario all because some self-righteous Anonymous pricks don't approve of the way they make a living. Because being a "hacktivist" is so much more noble than working for a security firm... right...

Here is a suggestion for these lazy Anonymous bastards. They should get their own job and donate their own money to charity rather than money stolen from other people. Doesn't this rather defeat the concept of charity too?




NuclearTurboPopeXVII

Will code c++ for food.

50 XP

13th August 2010

0 Uploads

778 Posts

0 Threads

#4 6 years ago

There should be serious penalties for corporations that fail to protect their customer's personal info against hacks. If a bank gets broken into, the insurance picks up the tab and I take my money to a competing bank. If my data gets leaked, the damage is irreversible.




Commissar MercZ

Notable Loser

300,005 XP

29th January 2005

0 Uploads

27,113 Posts

0 Threads

#5 6 years ago
ElCommissar;5596121This is why I have no respect for "Anonymous". Today they're a bunch of jerks playing at being Robin Hood. Other days they are naive jackasses defending people like Assange and Mannings. All the while the common working man gets screwed over by their actions.

I don't think the 'common working man' has the resources or the interest to be subscribed to a service like STRATFOR. The values they 'donated' from the clientele subscribed to that service were small- not enough to cause a damage and banks to place the burden on other customers. Only thing beyond that is they said they would threatened to donate larger amounts- but I would imagine STRATFOR probably notified their clients who in turn notified their banks. As far as I know Anonymous or at least those taking up that mantle haven't really done anything 'against' the working man. But Anon can expect some problems over this considering they moved from internet damages and attacks to actual 'theft'. That of course depends on whether they left any tracks though, they're good with that.




Guest

I didn't make it!

0 XP

 
#6 6 years ago
Commissar MercZ;5596266I don't think the 'common working man' has the resources or the interest to be subscribed to a service like STRATFOR. The values they 'donated' from the clientele subscribed to that service were small- not enough to cause a damage and banks to place the burden on other customers. Only thing beyond that is they said they would threatened to donate larger amounts- but I would imagine STRATFOR probably notified their clients who in turn notified their banks. As far as I know Anonymous or at least those taking up that mantle haven't really done anything 'against' the working man. But Anon can expect some problems over this considering they moved from internet damages and attacks to actual 'theft'. That of course depends on whether they left any tracks though, they're good with that.

It seems I misread the article and thought that employees rather than clients were targeted. Yet identify theft is still always a major headache, one I wouldn't wish on any individual just because some "hacktivsts" decided they had too much money in their pockets. The part about Anonymous being self-righteous pricks remains true in this story. Another poster mentioned SOPA, but I imagine hacking companies over that will only serve to increase the (slight) chance that it will ever pass.

I'm not familar with STRATFOR and the security issues they cover, but Anonymous probably targeted them solely thanks to the efforts of those who demonize defense and security related companies. What did they really do to deserve this? Probably nothing other than attracting the attention of some foolish idealists.




Commissar MercZ

Notable Loser

300,005 XP

29th January 2005

0 Uploads

27,113 Posts

0 Threads

#7 6 years ago

ElCommissar;5596300It seems I misread the article and thought that employees rather than clients were targeted. Yet identify theft is still always a major headache, one I wouldn't wish on any individual just because some "hacktivsts" decided they had too much money in their pockets. The part about Anonymous being self-righteous pricks remains true in this story. Another poster mentioned SOPA, but I imagine hacking companies over that will only serve to increase the (slight) chance that it will ever pass.

I'm not familar with STRATFOR and the security issues they cover, but Anonymous probably targeted them solely thanks to the efforts of those who demonize defense and security related companies. What did they really do to deserve this? Probably nothing other than attracting the attention of some foolish idealists.

My question is really why do you feel so strongly about the 'self-righteous' pricks of Anonymous. What have they done to you? Hacking is annoying, but they generally don't do it for self-gain or theft. Their targeting of these sites really won't be affected by SOPA one way or another- SOPA hits website domains, not specific internet users/ IP addresses.

Only time I may've been affected by "Anonymous" was during the PS3 network hackings, which sony blamed on Anonymous IIRC, but the group typically representing the 'real' Anonymous said they had nothing to do with it. One issue with that handle is anyone can take it since their identity isn't public, like the ones who tried to 'down' facebook under that name. Most of the brunt of this is usually on Lulzsec's end more than anything- the rest just kind of tag along.

If anything the people paying top dollar to STRATFOR should wonder how what is typically teens and young adults living with their parents managed to do this in the first place. Especially since a lot of these companies are getting paid handsomely to provide services like STRATFOR, among them certain large corporations and government agencies, something like this shouldn't happen.