http://nakedsecurity.sophos.com/2011/06/04/infragard-atlanta-an-fbi-affiliat e-hacked-by-lulzsec/
Infragard Atlanta, an FBI affiliate, hacked by LulzSec by Chester Wisniewski <http://nakedsecurity.sophos.com/author/chesterwisniewski/> on June 4, 2011 | Infragard logoIn a self-titled hack attack called "F**k FBI Friday" the hacking group known as LulzSec has published details on users and associates of the non-profit organization known as Infragard <http://en.wikipedia.org/wiki/Infragard> . Infragard describes itself as a non-profit focused on being an interface between the private sector and individuals with the FBI. LulzSec published 180 usernames, hashed passwords, plain text passwords, real names and email addresses. Where did the plain text passwords come from? Considering LulzSec was able to decrypt them it would imply that the hashes were not salted <http://en.wikipedia.org/wiki/Password_salt> , or that the salt used was stored in an insecure manner. One interesting point to note is that not all of the users passwords were cracked... Why? Because these users likely used passwords of reasonable complexity and length. This makes brute forcing far more difficult and LulzSec couldn't be bothered to crack them. In addition to stealing data from Infragard, LulzSec also defaced their website with a joke YouTube video and the text "LET IT FLOW YOU STUPID FBI BATTLESHIPS" in a window titled "NATO - National Agency of Tiny Origamis LOL". Aside from defacing their site and stealing their user database, they tested out the users and passwords against other services and discovered many of the members were reusing passwords on other sites - an violation of FBI/Infragard guidelines. LulzSec singled out one of these users, Karim Hijazi, who used his Infragard password for both his personal and corporate Gmail accounts according to the hackers. They've published a BitTorrent with what they claim are nearly 1000 of Hijazi's corporate emails and a IRC chat transcript that proclaims to be a conversation they had with him. They also disclosed a list of personal information including his home address, mobile phone and other details. It's hard to say when these attacks will end, but a great start would be to carefully analyze your security practices and ensure that your data is properly encrypted and to regularly scan your servers for vulnerabilities. As for LulzSec? It appears they have declared war on one of the premier police forces in the world... Their fate remains a mystery. [Non-text portions of this message have been removed] ------------------------------------ -------------------------- Want to discuss this topic? Head on over to our discussion list, discuss-os...@yahoogroups.com. -------------------------- Brooks Isoldi, editor biso...@intellnet.org http://www.intellnet.org Post message: osint@yahoogroups.com Subscribe: osint-subscr...@yahoogroups.com Unsubscribe: osint-unsubscr...@yahoogroups.com *** FAIR USE NOTICE. This message contains copyrighted material whose use has not been specifically authorized by the copyright owner. OSINT, as a part of The Intelligence Network, is making it available without profit to OSINT YahooGroups members who have expressed a prior interest in receiving the included information in their efforts to advance the understanding of intelligence and law enforcement organizations, their activities, methods, techniques, human rights, civil liberties, social justice and other intelligence related issues, for non-profit research and educational purposes only. We believe that this constitutes a 'fair use' of the copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use this copyrighted material for purposes of your own that go beyond 'fair use,' you must obtain permission from the copyright owner. For more information go to: http://www.law.cornell.edu/uscode/17/107.shtmlYahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/osint/ <*> Your email settings: Individual Email | Traditional <*> To change settings online go to: http://groups.yahoo.com/group/osint/join (Yahoo! ID required) <*> To change settings via email: osint-dig...@yahoogroups.com osint-fullfeatu...@yahoogroups.com <*> To unsubscribe from this group, send an email to: osint-unsubscr...@yahoogroups.com <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/