Record-setting document leak targets officers and informants
On Saturday, the AntiSec movement struck again. With a new website, à la HBGary, participants in AntiSec published more than 200,000 emails and the personal details of hundreds of police officers. The leak is part spite, representing a deep-seated anger towards law enforcement in general, and part response to the arrest of those associated with previous attacks on PayPal.
When compared to other AntiSec leaks, Saturday’s is by far the largest. The leaked data includes 1,474 username and password combinations, granting access to webmail accounts, FTP and SSH accounts, web hosting control panels, and private directories protected with .htaccess.
Moreover, they have reposted a list of personal information for more than 7,000 people including usernames, email addresses, home addresses, phone numbers, and passwords. A separate leak is possibly the most damning, as it is a printout of reports made to the various police departments in order to report crimes or locate wanted persons.
In addition, AntiSec published 10GB of email, or more than 200,000 messages in all, from 300 email accounts maintained by 56 separate law enforcement agencies. In order to present this data, AntiSec developed a new website that is accessible via Tor only and one that uses Tor2HTML. Each email account presents the account's password in addition to the content. Around the same time the website went live, AntiSec also published the same information via BitTorrent.
The emails are the focus in this latest data leak, but the exposure of those reporting crime could lead to serious repercussions.
“We hope that not only will dropping this info demonstrate the inherently corrupt nature of law enforcement using their own words, as well as result in possibly humiliation, firings, and possible charges against several officers, but that it will also disrupt and sabotage their ability to communicate and terrorize communities...” a note outlining the leak said.
“We have no sympathy for any of the officers or informants who may be endangered by the release of their personal information… we want them to experience just a taste of the kind of misery and suffering they inflict upon us on an everyday basis. Let this serve as a warning to would-be snitches and pigs that your leaders can no longer protect you: give up and turn on your masters now before it's too late.”
In our previous coverage of the AntiSec raid against law enforcement, we explained that the attack was massive because all 77 domains were hosted on the same server. Additional details provided on Saturday explain just how grim the situation was for Brooks-Jeffrey Marketing (BJM), the company that hosted the domains and is presumed to have developed them.
After receiving a tip from the FBI, BJM moved the law enforcement sites to "better, faster servers", according to Shannon Brooks, BJM president. However, by the time the FBI warning reached BJM, AntiSec supporters had already compromised the server. When BJM transferred the sites from one box to another, they moved the backdoors installed by AntiSec over as well.
“…in less than an hour we rooted their new server and defaced all 70+ domains while their root user was still logged in and active. We lol'd [laughed] as we watched the news reports come in, quoting various Sheriffs who denied that they were ever hacked, that any personal information was stolen, that they did not store snitch info on their servers,” the note explained.
To taunt those making such denials, AntiSec supporters posted the personal information of said individuals, including SSN, home addresses, phone numbers, and other details.
“We also took the liberty to backdoor their online store and capture a few credit card numbers, which were used to make involuntary donations to the ACLU, the EFF, the Bradley Manning Support Network, and more.”
Not long after the public was informed of the latest data leak, Pastebin crashed due to the volume of traffic heading to the release notes. Likewise, the archive itself is under strain as more and more people flock to it.
As mentioned, this is the largest collection of email and personal information leaked to the public since the attacks on HBGary and HBGary Federal. If anyone knows the damage that server breaches can cause, it is the former CEO of HBGary Federal, Aaron Barr.
After the attack on HBGary’s servers by Anonymous earlier this year, Barr resigned his post in order to focus on family and escape the spotlight. Speculation suggested that he resigned because of those factors and the public humiliation he suffered at the hands of Stephen Colbert. This is in addition to the problems and criticisms he faced over the content of his leaked emails.
However, he is back in the public eye once again, and it has nothing to do with a security incident. Aaron Barr has a new job. His new role is Director of Cyber Security for Sayers and Associates.
Counting the State Department, Army, Navy, the Department of Energy, and Homeland Security among its clients, Sayers can offer everything from engineering and logistics services, to counterintelligence, physical security, and technical surveillance countermeasures.
In addition to a new job, Barr is also back on the speaking circuit. During Defcon, he was threatened with legal action by his former employer, preventing him from taking part in a discussion panel titled: "Whoever Fights Monsters...Aaron Barr, Anonymous and Ourselves."
While that public talk was taken off the table, he is set to speak during the Software Security Assurance Summit in Washington, D.C., this September. During his session, Barr will present a 45-minute talk on “Social Media and the Potential of Cyber Security Attacks”.
Previously, Barr presented talks on “Social Media: Targeting, Reconnaissance, and Exploitation” and “Social Media: A New Age in Information Exploitation”. It was the second talk, scheduled for the B-Sides security conference earlier this year in San Francisco, that led to the attacks by Anonymous. It is unknown if his September 12 presentation will include new content, or if it will include his previous research on Anonymous.
In contrast, despite the forthcoming retraction of his statements to the media, Sheriff John Montgomery isn’t likely to be forced out of office, nor will he face scorn from the public in the way that Aaron Barr did. The same can be said for Missouri Sheriff's Association Executive Director Mick Covington and President Steve Cox, as well as Sheriff Joe Guy.
Each will have to take back their words, and react to the breach in the coming days. But if they leave their respective offices, it’s likely to be of their own accord.
Despite the obvious risks of targeting law enforcement, this latest leak is a bold move for those participating in AntiSec. Those participants that we’ve spoken to have no fear of being arrested. They make this clear to the public as well with their recent statements:
“You may bust a few of us, but we greatly outnumber you, and you can never stop us from continuing to destroy your systems and leak your data…A recent DHS bulletin has called us ‘script kiddies’ that lack ‘any capability to inflict damage to critical infrastructure’...Yet, we continue to get in and out of any system we please... GIVE UP. You are losing the cyberwar, and the attacks against the governments, militaries, and corporations of the world will continue to escalate.”