Attacks/Breaches
4/26/2013
11:23 AM
50%
50%

Anonymous Australia Disavows Self-Proclaimed LulzSec Leader

Australian police trumpet hacktivist mastermind takedown, but Anonymous dismisses him as a wannabe.

Anonymous: 10 Things We Have Learned In 2013
Anonymous: 10 Things We Have Learned In 2013
(click image for larger view and for slideshow)
Australian police this week arrested IT professional Matt Flannery, 24, on charges of defacing a government website.

According to the police charges, Flannery (aka "Aush0k") "attacked and defaced a government website" and accessed one or more sites without authorization.

The Australian Federal Police (AFP) said his arrest resulted from a two-week investigation that commenced after a government website had been defaced. "This individual was operating from a position of trust who had access to sensitive information from clients including government agencies," said the AFP's manager of cybercrime operations commander, Glen McEwen, in a Wednesday press briefing. "The AFP believes this man's skill sets and access to this type of information presented a considerable risk for Australian society."

McEwan said Flannery had also boasted that he was the leader of the Anonymous hacktivist offshoot group known LulzSec. The police force earlier this week issued a press release trumpeting that Flannery was "the first member of the group to be charged by the AFP."

Australia Anonymous, however, quickly dismissed Flannery's claims of a leadership role in LulzSec: "Nope not part of the usual suspects on any of our chans of communication I suspect some DDos skid on his mums win box," read a tweet issued by the group. Other Anonymous channels, meanwhile, took to tweeting what was labeled as a link to the real leader of LulzSec, which resolved to a picture of a kitten.

[ Legislation can't stop hacktivists. Read Laws Can't Save Banks From DDoS Attacks. ]

According to police, Flannery worked for Content Security, an Australian reseller of products made by Tenable Network Security, which develops Nessus vulnerability scanning software. Content Security officials said they had no knowledge of the attacks allegedly launched by Flannery. Tenable, meanwhile, said it didn't employ Flannery. "Matt Flannery is not and has never been an employee of Tenable Network Security," according to a Wednesday tweet from Tenable.

If convicted on all charges relating to the alleged government website defacement, Flannery faces up to 12 years in prison.

In related LulzSec news, last week Cody Kretsinger (aka Recursion), 25, was sentenced to one year in prison, after pleading guilty in April 2012 to two charges relating to his participation in a SQL injection attack against the Sony Pictures Entertainment website. Kretsinger also admitted to using the LulzSec website and Twitter to post 150,000 stolen Sony usernames and passwords. Following his prison sentence, Kretsinger will be required to serve one year's home detention, perform 1,000 hours of community service and pay $605,663 in restitution.

Also this month, fellow LulzSec participant member Ryan Ackroyd (aka Kayla), 26, pleaded guilty in a London courtroom to one charge relating to disrupting numerous websites in 2011, including the Arizona State Police and 20th Century Fox sites. Also this month, Jake Davis (aka topiary), 20, and Mustafa al-Bassam (aka Tflow), 18, pleaded guilty in a London courtroom to launching website attacks against the CIA, Britain's Serious Organized Crime Agency and National Health Service, as well as News International, 20th Century Fox and Sony Pictures Entertainment. Ackroyd, Davis and al-Bassam are due to be sentenced next month.

People are your most vulnerable endpoint. Make sure your security strategy addresses that fact. Also in the new, all-digital How Hackers Fool Your Employees issue of Dark Reading: Effective security doesn't mean stopping all attackers. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
GinaR276
50%
50%
GinaR276,
User Rank: Apprentice
10/24/2014 | 4:32:50 PM
LulzSec Whats this Matthew Flannery did what?
"AFP's manager of cybercrime operations commander, Glen McEwen, in a Wednesday press briefing. "The AFP believes this man's skill sets and access to this type of information presented a considerable risk for Australian society."

The above statement worries me. If the AFP truly believes that this man's skill set is a risk , who in hell will they rely on to protect Australia??

By using this mans knowledge and others like him we would have the ability to stop hackers in their tracks. Also giving these talented men and woman a job they would be proud of.

I believe someone in authority is running scared and has their wires crossed. They wouldn't know the first place to start to screen these guys, for the job of preventing attacks against the security of Australia and or other countries for that matter.

Enough said here I will leave you all to have a really good think about what I have written.

Regards

GG

Do they compensate this guy for the years he kept trying to prove his innocence of the accused crime?
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2001-1594
Published: 2015-08-04
GE Healthcare eNTEGRA P&R has a password of (1) entegra for the entegra user, (2) passme for the super user of the Polestar/Polestar-i Starlink 4 upgrade, (3) 0 for the entegra user of the Codonics printer FTP service, (4) eNTEGRA for the eNTEGRA P&R user account, (5) insite for the WinVNC Login, an...

CVE-2002-2445
Published: 2015-08-04
GE Healthcare Millennium MG, NC, and MyoSIGHT has a default password of (1) root.genie for the root user, (2) "service." for the service user, (3) admin.genie for the admin user, (4) reboot for the reboot user, and (5) shutdown for the shutdwon user, which has unspecified impact and attack vectors.

CVE-2002-2446
Published: 2015-08-04
GE Healthcare Millennium MG, NC, and MyoSIGHT has a password of insite.genieacq for the insite account that cannot be changed without disabling product functionality for remote InSite support, which has unspecified impact and attack vectors.

CVE-2003-1603
Published: 2015-08-04
GE Healthcare Discovery VH has a default password of (1) interfile for the ftpclient user of the Interfile server or (2) "2" for the LOCAL user of the FTP server for the Codonics printer, which has unspecified impact and attack vectors.

CVE-2004-2777
Published: 2015-08-04
GE Healthcare Centricity Image Vault 3.x has a password of (1) gemnet for the administrator account, (2) webadmin for the webadmin administrator account of the ASACA DVD library, (3) an empty value for the gemsservice account of the Ultrasound Database, and possibly (4) gemnet2002 for the gemnet2002...

Dark Reading Radio
Archived Dark Reading Radio
What’s the future of the venerable firewall? We’ve invited two security industry leaders to make their case: Join us and bring your questions and opinions!