« Week of Mayhem »: Antisec/Lulzsec deals a severe blow to the US security/police infrastructure

Antisec exposes Stratfor, a multi-million intelligence corporation (…plus other goodies)

Found on Anews

  /     \   __________________ ___.__.
 /  \ /  \_/ __ \_  __ \_  __ <   |  |
/    Y    \  ___/|  | \/|  | \/\___  |
\____|__  /\___  |__|   |__|   / ____|
        \/     \/              \/     

.____          .__         ____  ___
|    |    __ __|  | _______\   \/  / _____ _____    ______
|    |   |  |  |  | \___   /\     / /     \\__  \  /  ___/
|    |___|  |  |  |__/    / /     \|  Y Y  \/ __ \_\___ \
|_______ |____/|____/_____ /___/\  |__|_|  (____  /____

Did you enjoy looting and plundering the pocketbooks of the rich and powerful during Lulzxmas? Did you enjoy using and abusing the personal emails and passwords of feds and corporate executives? How about all those « Law Enforcement Sensitive » documents stolen from NY police chief emails? And that epic cslea.com defacement on New Years Eve? Yes, many lulz were had during this past week, and rest easy fellow pirates, that was only a taste of the chaos to come.

We’re ringing in the new year with another exciting #antisec zine release, and this is a big one. Lots of servers were rooted and rm’d. More than a few clueless sysadmins had their .bash_history and mail spools spilled. A lot of cops got doxed — shit, with all the live passwords being dropped here one could easily own police departments in nearly every U.S. state.

To match this truly epic hacking spree, we also had to go on an epic shopping spree. In an act of loving egalitarian criminality, we used company credit cards to make donations to dozens of charities and revolutionary organizations, including the Bradley Manning Support Organization, the EFF, the ACLU, CARE, American Red Cross, Amnesty International, Greenpeace, some commies, some prisoners, various occupations, and many more unnamed homies. It took weeks of hard work, but it paid off: to the tune of over $500,000 dollars liberated in total. Some examples we publicized were eventually returned: other payments made more discretely were confirmed to have been received and changed to hard cash. Of course, we had to engage in some pranks as well. What’s life without a little laughter at the expense of the 1%? We sent Pop-Tarts to the sysadmins with the hopes they would appreciate the humor. We also transferred to ourselves some form of anonymous currency that can’t be traced or returned. Maybe we even sold or traded some of these cc dumps and password lists with other black hat comrades for botnets and 0days. Fuck em’ if they can’t take a joke!

While we attacked the institutions of capitalism, it would only make sense to attack those who enforce it, the inherently oppressive protectors of property and purveyors of social control; the pigs, the fuzz… the police. Do you remember a month ago when the mayors of over eighteen major cities in the U.S. collaborated with the swine to launch a coordinated attack on Occupation sites? The indiscriminate, and unprovoked, arrest and brutalization of thousands of protesters? We the 99% face an endless cycle of evictions and layoffs, while the powerful elite laugh all the way to the bank, comforted by their lucrative federal contracts and billion dollar bailouts. All our lives we have been robbed blind, and now it’s time to start pointing our guns in the right direction.

In retaliation for this unprovoked, premeditated police-state brutality, we executed our own raid against New York and California police targets. And no, we will not be using pepper spray or tasers: we’ll leave that for the boys in blue. Did you think we forgot? Did you think we would let you kick us out of our parks, teargas us, send veterans to the hospital, and conspire with other police forces to repress our uprising? We do not forgive, we do not forget: our vengeance will swallow you whole, and we will shit you out in to a place more hellish than the prisons you fill.

On New Years Eve, while revolutionary comrades brought the noise to the front of jails across the world in support of the incarcerated, we were opening fire on the websites and emails of the 1%, publishing stolen information from police departments in both California and New York. From coast to coast we lulzed as we hit the top police chiefs: skimming their private email and Facebook accounts, blissfully abusing their internal law enforcement portals, and making off quick with their private documents which we then published on tor hidden services and BitTorrent. Finally, we defaced their websites and rm’d their servers, live on IRC and Twitter for the whole world to see.

While we attacked police targets, we also decided to go after their supply chain. We bring you the full story of how we gutted the military and law enforcement equipment supply store, SpecialForces.com. Truth be told, we had been keeping quiet about this particular target for a time while we lived large off its pillaged goods. However, just prior to this release, a former member leaked the cleartext password lists, and some media picked up on it. Now that the jig is up, the full story of this owning can be told. To top this target off, we threw in some credit cards and home address info to thousands of their mostly military and police customer base. Hope they don’t mind. Just kidding.

We’re calling upon all allied battle ships, all armies of darkness, to rise up and use and abuse all the personal information of these tyrannical agents and supporters of the 1%. You wanted lulz? With the sheer amount of passwords, credit cards, and mail spools we plastered all over the internet, you can guarantee that the richest and most powerful people will continue to get owned hard well into 2012.


Soundtrack to the Rev Track #1 – Dead Prez – Hell Yeah

« I know a way we can get paid, you can get down but you can’t be afraid
let’s go to the DMV and get a ID, the name says you but the face is me
now it’s yo’ turn take my paperwork, like 1,2,3 let’s make it work
fill out the credit card application, it’s gonna be bout three weeks of waitin
for American Express, Discover card, Platinum Visa Mastercard,
when we was boostin’ shit we was targets, now we walk right up & say charge it
to the game we rockin’ brand names, well known at department store chains
even got the boys in the crew a few thangs, Po Po never know who true blame
store after store ya’ know we kept rollin’ wait 2 weeks report the card stolen
repeat the cycle like a laundrymat, like a glitch in the system hard to catch
comin’ out the mall, with the shopping bags, we take ’em right back & get the
cash yeah, get a friend and do it again, damn right that’s how we pay the rent

In this release, we will detail the lulzy and agonizing death of Stratfor.com, a premiere « global intelligence » company out of Austin, Texas. Long story short, they got owned hard. Really hard. The sheer amount of destruction we wreaked on Statfor’s servers is the digital equivalent of a nuclear bomb: leveling their systems in such a way that they will never be able to recover. We rooted box after box on their intranet: dumping their mysql databases, stealing their private ssh keys, and copying hundreds of employee mail spools. For weeks we used and abused their customer credit card information (which was all stored in cleartext in their mysql databases), eventually dumping all 75,000 credit cards and 860,000 md5-hashed passwords of their « private client list ». And if dumping everything on their employees and clients wasn’t enough to guarantee their bankruptcy, we laid waste to their webserver, their mail server, their development server, their clearspace and srm intranet portal and backup archives in such a way that ensures they won’t be coming back online anytime soon.

« But why Stratfor?! » came the cries from many butthurt customers, right wingers, confused pacifists, and many others who have never even heard of Stratfor until we blasted their asses off the internet. Now those who are already familiar with Antisec know we have always had a burning hatred for the security and intelligence industries (especially private companies with lucrative federal contracts). After all, these white hat « professionals » work for the corrupt governments and multi-national corporations to develop and protect technology that allow the oligarchical elite to better monitor and repress the general public while plotting for global financial and military dominance. They protect their assets and systems, while providing « accurate » and « non-ideological » intelligence and risk forecasts which the rich depend on to maintain global market stability. Bet they didn’t see this coming. Should have expected us. We found out that just like the cracks in the armor of global capitalism, their professional looking website was vulnerable as hell. Despite all their expensive degrees, meaningless certificates, and padded resumes of the elite, they remain woefully clueless in all matters related to security.


Besides the internal email correspondence between Stratfor and their « private clients » (which are sure to be quite revealing and embarrassing), what we were really after was the names, addresses, passwords, and credit cards to their customers. Who really pays $39.95 a month for daily right-wing political spam and access to a shitty drupal site? The DHS, FBI, Army, Navy, Bank of America, Raytheon, BAE, Lockheed Martin, Merrill Lynch, BP, Chevron, Monsanto, KBR, Booz Allen Hamilton, Microsoft, International Monetary Fund, and the World Bank are just a few on this list made up of the mightiest corporations and government institutions that exist. We shook the rotten tree of Stratfor and some ugly ass ducklings tumbled out: notorious war criminals Henry Kissinger, Paul Wolfowitz, ex-Vice President Dan Quayle, former CIA director Jim Woolsey, and many, many more. Australian billionaires Malcolm Turnbull and David Smorgon? They’re on it. So is Nick Selby from « Police Led Intelligence » who advises pigs on how to secure their systems. Fuck, even notorious white hat right-wing snitch Thomas Ryan from « Provide Security » is up in this shit. And we’re really asked why we hit Stratfor!? About the only person we felt bad about doxing was Harry Shearer. Besides the massive headaches these rich scumbags will have to go through to try to recover all their ill-gotten cash, the password information in these databases will ensure many future ownings of the 1%. So we decided to dump it all – not only because we wanted to share the lulz with everybody, but because we wanted to bring absolute mayhem upon the exploitative capitalist system in which Stratfor and it’s clients perpetuate. Suckaa!!!

The question is, will Stratfor ever recover? If they manage to clean up the remains of their charred servers, analyze the source of the breach and attempt to put up new websites with the hopes we won’t be back for more, will they ever survive as a corporation? Who will trust them ever again? How are their customers going to feel when they realize how hard they’ve been owned? Will anyone ever take their analysis and risk predictions seriously again? We’re excited to hear all the embarrassment and controversy that will ensue in the fallout of this epic death of a corporation, but we’ll let the researchers and journalists handle all that.

We don’t normally give out security advice, but here’s some for free: next time, consider running a free service…

Wired article on the exploit

Read more in their text file here

Votre commentaire

Entrez vos coordonnées ci-dessous ou cliquez sur une icône pour vous connecter:

Logo WordPress.com

Vous commentez à l’aide de votre compte WordPress.com. Déconnexion /  Changer )

Photo Facebook

Vous commentez à l’aide de votre compte Facebook. Déconnexion /  Changer )

Connexion à %s

%d blogueurs aiment cette page :