Salted Hash — IT security news
About this Blog:
IT security news analysis, over easy!
Anonymous meets its own insider threat
When I was at RSA in February, people trembled with unease whenever the subject of Anonymous came up. One of the big stories that week was the vandalism of HBGary's exhibit booth and that vendor's hasty exit from the conference.
The fear was that members of Anonymous could be anywhere, even inside one of the world's biggest annual security gatherings.
The unease is still there, but a few of you might take comfort in knowing that Anonymous has its own threats to deal with.
Postings by administrators of the group's AnonOps Network suggest they are dealing with an insider attack.
The message reads:
Dear Users of the AnonOps Network,
We regret to inform you today that our network has been compromised by a former IRC-operator and fellow helper named "Ryan". He decided that he didn't like the leaderless command structure that AnonOps Network Admins use. So he organised a coup d'etat, with his "friends" at skidsr.us . Using the networks service bot "Zalgo" he scavenged the IP's and passwords of all the network servers (including the hub) and then systematically aimed denial of service attacks at them (which is why the network has been unstable for the past week). Unfortunately he has control of the domain names AnonOps.ru (and possibly AnonOps.net, we don't know at this stage) so we are unable to continue using them. We however still have control over AnonOps.in, and will continue to publish news there.
We would STRONGLY ADVISE all users to STAY AWAY from AnonOps.net and AnonOps.ru, and they should be considered COMPROMISED. Using or connecting to any service on those addresses may put your computer, and by extension your person, at risk.
We will continue to update you on this story, as well as on how we proceed with the future of Anonops.
We are profoundly sorry for this drama, and we can't give you a an estimate on when service will resume normally.
Alas, the IRC-network will probably remain down until we can sort this out.
We will try to keep you up to date you via our official channel (anonops.in).
Signed,
The "Old" AnonOps netstaff.
"shitstorm", "Nerdo","owen","blergh", and "Power2All"
P.S: Further notices on AnonOps.net/ru will probably be posted to dispell this one, and any unavailablity of AnonOps.in will only prove this message is true. THIS IS NOT A JOKE, THIS ISN'T A LIE, THIS IS THE TRUTH AND WE ARE SORRY FOR THAT.
P.P.S: The person behind this attack is also involved in the "new" Encyclopedia Dramatica (encyclopediadramatica.ch) . If you have previously signed up as a user with a legitimate email-address/password, you should take caution and consider that your account and password *might* be compromised.
This probably doesn't change the overall threat from Anonymous in the long run, but it goes to show that the corporate world isn't alone in its struggle with malicious insiders.
--Bill Brenner
The fear was that members of Anonymous could be anywhere, even inside one of the world's biggest annual security gatherings.
The unease is still there, but a few of you might take comfort in knowing that Anonymous has its own threats to deal with.
Postings by administrators of the group's AnonOps Network suggest they are dealing with an insider attack.
The message reads:
Dear Users of the AnonOps Network,
We regret to inform you today that our network has been compromised by a former IRC-operator and fellow helper named "Ryan". He decided that he didn't like the leaderless command structure that AnonOps Network Admins use. So he organised a coup d'etat, with his "friends" at skidsr.us . Using the networks service bot "Zalgo" he scavenged the IP's and passwords of all the network servers (including the hub) and then systematically aimed denial of service attacks at them (which is why the network has been unstable for the past week). Unfortunately he has control of the domain names AnonOps.ru (and possibly AnonOps.net, we don't know at this stage) so we are unable to continue using them. We however still have control over AnonOps.in, and will continue to publish news there.
We would STRONGLY ADVISE all users to STAY AWAY from AnonOps.net and AnonOps.ru, and they should be considered COMPROMISED. Using or connecting to any service on those addresses may put your computer, and by extension your person, at risk.
We will continue to update you on this story, as well as on how we proceed with the future of Anonops.
We are profoundly sorry for this drama, and we can't give you a an estimate on when service will resume normally.
Alas, the IRC-network will probably remain down until we can sort this out.
We will try to keep you up to date you via our official channel (anonops.in).
Signed,
The "Old" AnonOps netstaff.
"shitstorm", "Nerdo","owen","blergh", and "Power2All"
P.S: Further notices on AnonOps.net/ru will probably be posted to dispell this one, and any unavailablity of AnonOps.in will only prove this message is true. THIS IS NOT A JOKE, THIS ISN'T A LIE, THIS IS THE TRUTH AND WE ARE SORRY FOR THAT.
P.P.S: The person behind this attack is also involved in the "new" Encyclopedia Dramatica (encyclopediadramatica.ch) . If you have previously signed up as a user with a legitimate email-address/password, you should take caution and consider that your account and password *might* be compromised.
Get your morning news fix with the daily Salted Hash e-newsletter! Sign up today.
This probably doesn't change the overall threat from Anonymous in the long run, but it goes to show that the corporate world isn't alone in its struggle with malicious insiders.
--Bill Brenner
WEBCAST
Transition Confidently to the Cloud
Thanks to cloud computing, your business data is everywhere and being accessed by everyone. Making the wrong decision to protect your data can result in high costs, increased risk and executive exposure. View this live webinar on cloud security and the evolving data center, and learn why a data-centric approach to security is the best bet for today's virtual environment.
WHITE PAPER
Magic Quadrant for Enterprise Information Archiving
Gartner evaluates vendors offering products and services that provide archiving for email, files and other content types.
Recent Comments
Webcasts
- Enterprise File Sharing: All You Need to Know
- Forrester Research and EMC on Continuous Availability
- Big Ideas; Big Tech-Continuous Availability for VMware
- Security Analytics Video
- Reduce Costs, Maximize Performance and Ensure High Availability of your Business Critical Applications
- B2B Integration on Cloud: Real World Solutions and Technology Advances
White Papers
