Attacks/Breaches
4/26/2013
11:23 AM
Connect Directly
RSS
E-Mail
50%
50%

Anonymous Australia Disavows Self-Proclaimed LulzSec Leader

Australian police trumpet hacktivist mastermind takedown, but Anonymous dismisses him as a wannabe.

Anonymous: 10 Things We Have Learned In 2013
Anonymous: 10 Things We Have Learned In 2013
(click image for larger view and for slideshow)
Australian police this week arrested IT professional Matt Flannery, 24, on charges of defacing a government website.

According to the police charges, Flannery (aka "Aush0k") "attacked and defaced a government website" and accessed one or more sites without authorization.

The Australian Federal Police (AFP) said his arrest resulted from a two-week investigation that commenced after a government website had been defaced. "This individual was operating from a position of trust who had access to sensitive information from clients including government agencies," said the AFP's manager of cybercrime operations commander, Glen McEwen, in a Wednesday press briefing. "The AFP believes this man's skill sets and access to this type of information presented a considerable risk for Australian society."

McEwan said Flannery had also boasted that he was the leader of the Anonymous hacktivist offshoot group known LulzSec. The police force earlier this week issued a press release trumpeting that Flannery was "the first member of the group to be charged by the AFP."

Australia Anonymous, however, quickly dismissed Flannery's claims of a leadership role in LulzSec: "Nope not part of the usual suspects on any of our chans of communication I suspect some DDos skid on his mums win box," read a tweet issued by the group. Other Anonymous channels, meanwhile, took to tweeting what was labeled as a link to the real leader of LulzSec, which resolved to a picture of a kitten.

[ Legislation can't stop hacktivists. Read Laws Can't Save Banks From DDoS Attacks. ]

According to police, Flannery worked for Content Security, an Australian reseller of products made by Tenable Network Security, which develops Nessus vulnerability scanning software. Content Security officials said they had no knowledge of the attacks allegedly launched by Flannery. Tenable, meanwhile, said it didn't employ Flannery. "Matt Flannery is not and has never been an employee of Tenable Network Security," according to a Wednesday tweet from Tenable.

If convicted on all charges relating to the alleged government website defacement, Flannery faces up to 12 years in prison.

In related LulzSec news, last week Cody Kretsinger (aka Recursion), 25, was sentenced to one year in prison, after pleading guilty in April 2012 to two charges relating to his participation in a SQL injection attack against the Sony Pictures Entertainment website. Kretsinger also admitted to using the LulzSec website and Twitter to post 150,000 stolen Sony usernames and passwords. Following his prison sentence, Kretsinger will be required to serve one year's home detention, perform 1,000 hours of community service and pay $605,663 in restitution.

Also this month, fellow LulzSec participant member Ryan Ackroyd (aka Kayla), 26, pleaded guilty in a London courtroom to one charge relating to disrupting numerous websites in 2011, including the Arizona State Police and 20th Century Fox sites. Also this month, Jake Davis (aka topiary), 20, and Mustafa al-Bassam (aka Tflow), 18, pleaded guilty in a London courtroom to launching website attacks against the CIA, Britain's Serious Organized Crime Agency and National Health Service, as well as News International, 20th Century Fox and Sony Pictures Entertainment. Ackroyd, Davis and al-Bassam are due to be sentenced next month.

People are your most vulnerable endpoint. Make sure your security strategy addresses that fact. Also in the new, all-digital How Hackers Fool Your Employees issue of Dark Reading: Effective security doesn't mean stopping all attackers. (Free registration required.)

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, September 16, 2014
Malicious software is morphing to be more targeted, stealthy, and destructive. Are you prepared to stop it?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2006-1318
Published: 2014-09-19
Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, Office 2004 for Mac, and Office X for Mac do not properly parse record lengths, which allows remote attackers to execute arbitrary code via a malformed control in an Office document, aka "Microsoft Office Control Vulnerability."

CVE-2012-2588
Published: 2014-09-19
Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Enterprise 6.5 allow remote attackers to inject arbitrary web script or HTML via the (1) From, (2) To, or (3) Subject header or (4) body in an SMTP e-mail message.

CVE-2012-6659
Published: 2014-09-19
Cross-site scripting (XSS) vulnerability in the admin interface in Phorum before 5.2.19 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

CVE-2014-1391
Published: 2014-09-19
QT Media Foundation in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file with RLE encoding.

CVE-2014-3614
Published: 2014-09-19
Unspecified vulnerability in PowerDNS Recursor (aka pdns_recursor) 3.6.x before 3.6.1 allows remote attackers to cause a denial of service (crash) via an unknown sequence of malformed packets.

Best of the Web
Dark Reading Radio