Attacks/Breaches
11/8/2011
03:45 PM
Connect Directly
RSS
E-Mail
50%
50%

Anonymous Hacks Wal-Mart, CapitalOne, Finland, El Salvador

Releases troves of stolen data, some of unknown origin, and issues call for mass disruptions of the Iowa caucuses.

10 Massive Security Breaches
(click image for larger view)
Slideshow: 10 Massive Security Breaches
It's been a busy few days for the hacktivist collective known as Anonymous.

On Saturday, Anonymous released data it had stolen after hacking the websites of CapitalOne and Wal-Mart. According to Anonymous, its data dump includes information on everyone from Warren Buffet and Michael Bloomberg to Monsanto CEO Hugh Grant and embattled ex-Harvard president and former Obama financial advisor Lawrence Summers.

Also on Saturday, the group released a YouTube video calling for people to occupy "campaign offices of presidential headquarters in Des Moines, Iowa," come December, in a bid to disrupt the Iowa caucuses in January. The Anonymous communication accused both the Democratic and Republican parties of "committing crimes against humanity on behalf of American people" and destroying "the American democracy." As a result, the group said that it was extending "Operation Empire State Rebellion"--a nod to the Occupy Wall Street movement, which it has been supporting with hack attacks--to Iowa.

Meanwhile, on Monday, officials in El Salvador disclosed that Anonymous had launched a cyber attack against government websites there, two weeks ago. All told, the distributed denial of service (DDoS) attack flooded government websites with a total of 30 million hits, reported AFP. The government said it took the websites offline until the attack had subsided.

[A former Anonymous hacker offers security tips. See 14 Enterprise Security Tips From Anonymous Hacker.]

On Saturday in Finland, officials discovered that Anonymous had released a data dump involving information on 16,000 Finns, but from an unknown website or websites. "We still do not know if the data has been collected by breaking into the services, or if some other method of obtaining information has been used. In the related Internet conversations there is a rumor circulating, according to which this would be a list for adult education marketing purposes," Mikko Hypponen, chief research officer at Finland's F-Secure, told the Finnish newspaper Helsingin Sanomat on Tuesday.

The newspaper said that the released data includes "the names, full social security numbers, addresses, telephone numbers, street addresses, and email addresses of the victims." Government officials said the list seems to combine information from multiple higher-education institutions, including the country's police college.

Again in Finland, Anonymous claimed on Monday to have hacked a database that stores requests for joining the mailing list for the website of a far-right political party in Finland. The Suomen Kansallinen Vastarinta (SKV) party, according to one Finland commentator, Enrique Tessieri, espouses the position of "many neo-Nazi organizations in Europe, who live in a delusionary views about racial purity that date back to Germany and Europe of the 1930s."

The Anonymous exploits in El Salvador, Finland, and the United States follow recent, claimed attacks against numerous Israeli government websites, as well as a campaign--later called off--against Mexico's Zetas drug cartel.

In other words, various parts of Anonymous have been busy lately, quite possibly due to it having been Guy Fawkes Day on November 5. The day holds special significance for the collective, which has incorporated graphic novelist Alan Moore's V For Vendetta take on the day, which transformed Fawkes, a religious zealot bent on exploding the British Parliament, into a modern crusader against a corrupt, totalitarian government, sporting what's now become the trademark Anonymous mask. (As also featured in the film version.) However, as noted in a recent Guardian story, there's no small irony in the fact that a portion of the sale of every mask goes to Warner Brothers, which is part of TimeWarner, which is part of the Motion Picture Association of America, which promotes an anti-online-piracy ethos that's decidedly not part of the Anonymous philosophy.

[Update: Capital One has contacted InformationWeek with a correction to this story: "Capital One's site was under a scheduled routine maintenance on Saturday evening. This was something we controlled and our customers were still able to access online account servicing and complete their transactions. The news that our website was hacked is inaccurate and at no time were our customers unable to transact," the spokesman said.]

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0640
Published: 2014-08-20
EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote authenticated users to bypass intended restrictions on resource access via unspecified vectors.

CVE-2014-0641
Published: 2014-08-20
Cross-site request forgery (CSRF) vulnerability in EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to hijack the authentication of arbitrary users.

CVE-2014-2505
Published: 2014-08-20
EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to trigger the download of arbitrary code, and consequently change the product's functionality, via unspecified vectors.

CVE-2014-2511
Published: 2014-08-20
Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop before 6.7 SP1 P28 and 6.7 SP2 before P14 allow remote attackers to inject arbitrary web script or HTML via the (1) startat or (2) entryId parameter.

CVE-2014-2515
Published: 2014-08-20
EMC Documentum D2 3.1 before P24, 3.1SP1 before P02, 4.0 before P11, 4.1 before P16, and 4.2 before P05 does not properly restrict tickets provided by D2GetAdminTicketMethod and D2RefreshCacheMethod, which allows remote authenticated users to gain privileges via a request for a superuser ticket.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Three interviews on critical embedded systems and security, recorded at Black Hat 2014 in Las Vegas.