AntiSec: Christmas attack targets minor intelligence firm

by Steve Ragan - Dec 24 2011, 01:30

Update:

In an email to clients shortly after the attacks, Stratfor’s CEO, George Friedman addressed the attacks.

He said that Stratfor's servers and email have been suspended, due to the AntiSec hack, and that they are taking “this incident very seriously.”

“Stratfor and I take this incident very seriously. Stratfor's relationship with its members and, in particular, the confidentiality of their subscriber information, are very important to Stratfor and me. We are working closely with law enforcement in their investigation and will assist them with the identification of the individual(s) who are responsible. Although we are still learning more and the law enforcement investigation is active and ongoing, we wanted to provide you with notice of this incident as quickly as possible. We will keep you updated regarding these matters.”

In response to the letter, an associate of Anonymous commented:

 

If #Stratfor would give a shit about their subscriber info they wouldn't store CC/CCV numbers in cleartext, with corresponding addresses.

— AnonymousIRC (@AnonymousIRC) December 25, 2011

 

Moreover, the Stratfor attack was once again referenced as only the start.

 

#LulzXmas just began. Stay tuned folks!!! Butthurt guaranteed or we'll give your money back #Anonymous #LulzSec #AntiSec

— AnonymousIRC (@AnonymousIRC) December 25, 2011

 

We’ll update with additional data as it is available. 

Original Article:

Strategic Forecasting Inc., which is better known as Stratfor, is an intelligence gathering firm located in Austin, Texas. On Christmas Eve, they were wiped from the Internet by supporters of the AntiSec movement. Allegedly the actions was taken due to their status as a law enforcement friendly organization, and commentary condemning Anonymous’ OpCartel campaign.

Not too long ago, Anonymous gained some media attention for their promise to release sensitive information related to Los Zetas, a Mexican cartel known for brutal tactics, weapons dealing, drug running, and human trafficking. As part of the news cycle, reporters looked for comments from organizations and experts in the field.

Stratfor gained mass attention from the media when they issued a warning to Anonymous, and offered public commentary on what was known at the time as OpCartel. However, while the attention given to Anonymous’ Los Zetas focused campaign faded, Stratfor earned their fifteen minutes of fame from the technical press for their comments on the operation.

“Anonymous has taken on many powerful entities in the past, such as major transnational corporations and governments. But the repercussions from participating in such operations were never as grave for online activists as they are in this case. Being identified and detained by Scotland Yard or the FBI is a far different situation than being identified and detained by Los Zetas,” a note from Stratfor outlined.

Staffers representing Stratfor appeared on broadcast media offering commentary on Anonymous, the Los Zetas operation specifically, several times during the campaign’s run. Those comments, and the Los Zetas campaign itself were already out of the media’s attention by the second week of November. However, on Christmas Eve, Stratfor’s clock had stopped ticking. Their domain, and all of the contents hosted on the webserver, were wiped from the Internet.

 

 

A wild rm -rf /* appears: stratfor.com | #LulzXmas from #AnonSanta | #AntiSec plundered 200gb of their mails and more booty.

— AnonymousIRC (@AnonymousIRC) December 24, 2011

 

Over 90,000 Credit cards from LEA, journalists, intelligence community and whitehats leaked and used for over a million dollars in donations

— The Real Sabu (@anonymouSabu) December 24, 2011

 

 

For the last week or so, talk on Twitter centered on an upcoming LulzXmas release, which has been said to be large enough now to last until the end of the year. The initial release for LulzXmas centered on Stratfor and consisted of two parts.

The first part was the removal of the Stratfor domain. However, before the webserver was wiped completely, nearly 200GB of emails were taken. These actions was preceded by the reported snatching of 90,000 credit cards from a database maintained by Stratfor, and using them to make donations and other purchases.

Frank Ginac, Stratfor’s CTO, was singled out during the aftermath of the breach. In addition to having snippets of his internal communications leaked, his personal information (including credit card details) was published as well.

The second part of the LulzXmas attack was the leaking of Stratfor’s customer list, which includes current and past clients.

It is unknown what other releases are planned, or if the hijacked emails will be published by AntiSec.

Likewise, considering the clients involved and the amount of data taken from Stratfor, the breach itself could expand even further. If that’s the case, the final week of 2011 promises to be a damning one for law enforcement and supportive firms.

Some of the more notable names in the client list are below. The full list was published online. A mirror of the Stratfor defacement can be seen here.

 

A G Edwards

Associated Press

Army

Air Force

AT&T

Al Jazeera English

Alcatel-Lucent

AMD

American Express

AMTEC Corporation

Apple

Bank of America

Barclays Bank

Best Buy

Boeing

Booz Allen Hamilton

BP

Coast Guard

Capital One

Charles Schwab

Cisco Systems

Citigroup

Defense Intelligence Agency

Dell

Deloitte

Dept. of Defense

Dept. of Energy

Dept. of Justice

Dept. of State

Deutsche Bank

Eli Lilly

Federal Reserve

Fed Ex

Fox News Channel

Halliburton

IBM

ING

Intel Corp.

JP Morgan

The LA Times

Lockheed Martin

Marine Corps

Merrill Lynch

Microsoft

Monsanto

MSNBC

Navy

Nike, Inc.

Northrop Grumman

Oracle

United Nations

 

Around the Web

comments powered by Disqus