03:45 PM

Anonymous Hacks Wal-Mart, CapitalOne, Finland, El Salvador

Releases troves of stolen data, some of unknown origin, and issues call for mass disruptions of the Iowa caucuses.

10 Massive Security Breaches
(click image for larger view)
Slideshow: 10 Massive Security Breaches
It's been a busy few days for the hacktivist collective known as Anonymous.

On Saturday, Anonymous released data it had stolen after hacking the websites of CapitalOne and Wal-Mart. According to Anonymous, its data dump includes information on everyone from Warren Buffet and Michael Bloomberg to Monsanto CEO Hugh Grant and embattled ex-Harvard president and former Obama financial advisor Lawrence Summers.

Also on Saturday, the group released a YouTube video calling for people to occupy "campaign offices of presidential headquarters in Des Moines, Iowa," come December, in a bid to disrupt the Iowa caucuses in January. The Anonymous communication accused both the Democratic and Republican parties of "committing crimes against humanity on behalf of American people" and destroying "the American democracy." As a result, the group said that it was extending "Operation Empire State Rebellion"--a nod to the Occupy Wall Street movement, which it has been supporting with hack attacks--to Iowa.

Meanwhile, on Monday, officials in El Salvador disclosed that Anonymous had launched a cyber attack against government websites there, two weeks ago. All told, the distributed denial of service (DDoS) attack flooded government websites with a total of 30 million hits, reported AFP. The government said it took the websites offline until the attack had subsided.

[A former Anonymous hacker offers security tips. See 14 Enterprise Security Tips From Anonymous Hacker.]

On Saturday in Finland, officials discovered that Anonymous had released a data dump involving information on 16,000 Finns, but from an unknown website or websites. "We still do not know if the data has been collected by breaking into the services, or if some other method of obtaining information has been used. In the related Internet conversations there is a rumor circulating, according to which this would be a list for adult education marketing purposes," Mikko Hypponen, chief research officer at Finland's F-Secure, told the Finnish newspaper Helsingin Sanomat on Tuesday.

The newspaper said that the released data includes "the names, full social security numbers, addresses, telephone numbers, street addresses, and email addresses of the victims." Government officials said the list seems to combine information from multiple higher-education institutions, including the country's police college.

Again in Finland, Anonymous claimed on Monday to have hacked a database that stores requests for joining the mailing list for the website of a far-right political party in Finland. The Suomen Kansallinen Vastarinta (SKV) party, according to one Finland commentator, Enrique Tessieri, espouses the position of "many neo-Nazi organizations in Europe, who live in a delusionary views about racial purity that date back to Germany and Europe of the 1930s."

The Anonymous exploits in El Salvador, Finland, and the United States follow recent, claimed attacks against numerous Israeli government websites, as well as a campaign--later called off--against Mexico's Zetas drug cartel.

In other words, various parts of Anonymous have been busy lately, quite possibly due to it having been Guy Fawkes Day on November 5. The day holds special significance for the collective, which has incorporated graphic novelist Alan Moore's V For Vendetta take on the day, which transformed Fawkes, a religious zealot bent on exploding the British Parliament, into a modern crusader against a corrupt, totalitarian government, sporting what's now become the trademark Anonymous mask. (As also featured in the film version.) However, as noted in a recent Guardian story, there's no small irony in the fact that a portion of the sale of every mask goes to Warner Brothers, which is part of TimeWarner, which is part of the Motion Picture Association of America, which promotes an anti-online-piracy ethos that's decidedly not part of the Anonymous philosophy.

[Update: Capital One has contacted InformationWeek with a correction to this story: "Capital One's site was under a scheduled routine maintenance on Saturday evening. This was something we controlled and our customers were still able to access online account servicing and complete their transactions. The news that our website was hacked is inaccurate and at no time were our customers unable to transact," the spokesman said.]

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.