Attacks/Breaches
1/28/2013
11:33 AM
50%
50%

Anonymous Plays Games With U.S. Sites

Protesting over death of Internet activist Aaron Swartz, Anonymous defaces U.S. government websites to hide a free game of Asteroids.

Anonymous has gone old-school with its latest attack, altering a number of U.S. government websites to hide a free game of Asteroids.

The hacktivist collective's initial target was the website of the U.S. Sentencing Commission, which establishes sentencing policies and practices for the federal courts. After the site was reportedly altered Friday, the site's administrators expunged the Asteroids game over the weekend. As of Monday morning, the site's administrators had apparently taken the site -- which Anonymous claimed to still control -- offline.

A statement posted by Anonymous to Reddit said the website defacement was meant as retaliation for the manner in which prosecutors handled the case of Aaron Swartz, who co-created the RSS 1.0 specification and helped establish Reddit. Facing a 35-year jail sentence for downloading millions of documents from the academic journal archive JSTOR, Swartz -- who had long battled depression -- earlier this month committed suicide.

Anonymous said it selected the Sentencing Commission's website for its obvious relevance to Swartz's case. "Two weeks ago today, a line was crossed. Two weeks ago today, Aaron Swartz was killed. Killed because he faced an impossible choice," read the Anonymous statement. "Killed because he was forced into playing a game he could not win -- a twisted and distorted perversion of justice -- a game where the only winning move was not to play."

[ For more on Anonymous's recent exploits, see Anonymous DDoS Attackers In Britain Sentenced. ]

The FBI said it's investigating the website defacements. "We were aware as soon as it happened and are handling it as a criminal investigation," read a statement released by Richard McFeely, executive assistant director of the Criminal, Cyber, Response, and Services Branch of the FBI, reported Bloomberg. "We are always concerned when someone illegally accesses another person's or government agency's network."

If the Sentencing Commission's website was offline, Monday morning the Asteroids game could still be played on the U.S. Probation Office for the Eastern District of Michigan website, after entering a so-called Konami code (a series of arrows and letters). After that, a dialog box pops up, reading, "PEW PEW PEW PEW PEW! End Prosecutorial Overreach!" From there, site visitors are given a spaceship and allowed to shoot lasers -- and later, a smart bomb -- which obliterates the Web page. Anonymous promised prizes for "a small fraction of winners."

The Anonymous website defacement -- for lack of a better word -- was made as part of the group's broader Operation Last Resort, which seeks to reform the Computer Fraud and Abuse Act (CFAA) under which Swartz was charged. "There must be reform of mandatory minimum sentencing ... a return to proportionality of punishment with respect to actual harm caused, and consideration of motive and mens rea." (Mens rea refers to acting with a "guilty mind.")

To add impetus to its request, Anonymous on Saturday promised that the Asteroids game defacements aren't the only card up its sleeve. The group tweeted on Monday, "How about a nice game of chess Mr Government?" According to a statement released by the group, it's infiltrated a number of government websites and databases -- it refused to disclose which ones -- and stolen sensitive information, which it's been distributing in an encrypted file that has been mirrored to numerous websites.

"The contents are various and we won't ruin the speculation by revealing them," said Anonymous. "Suffice it to say, everyone has secrets, and some things are not meant to be public. At a regular interval commencing today, we will choose one media outlet and supply them with heavily redacted partial contents of the file."

Threats aside, Anonymous is far from the only group calling for the CFAA to be revised. Notably, George Washington University professor Orin Kerr, a former Department of Justice computer crime prosecutor, has proposed specific changes to CFAA, including making it harder for minor crimes to be classified as felonies.

Kerr's proposals have been picked up and refined by the Electronic Frontier Foundation (EFF), in what calls "Aaron's Law." The group's suggestions have also been endorsed by Jennifer Granick, the director of civil liberties at the Stanford Center for Internet and Society, who described Kerr's initial efforts as "necessary but not sufficient."

Both the EFF and Granick are pushing for a better definition of "without authorization" in the CFAA, which governs when accessing a network resource or system is, or isn't, illegal. "There should be an exception to CFAA liability when a service is offered for free to the public but implements technological controls on either automation, download rate or access time," said Granick in a blog post. "Certainly evading these limits could be a civil violation, or the service may find a way to ban the offender completely, but it should not be a federal crime."

But will Congress pick up on the proposals and reform CFAA?

Hackers Unmasked: Detecting, Analyzing And Taking Action Against Current Threats. In this all-day InformationWeek and Dark Reading Virtual Event, experts and vendors will offer a detailed look at how enterprises can detect the latest malware, analyze the most current cyber attacks, and even identify and take action against the attackers. Attendees of the Hackers Unmasked event will also get a look at how cybercriminals operate, how they are motivated -- and what your business can do to stop them. It happens Feb. 7. (Free registration required.)

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6501
Published: 2015-03-30
The default soap.wsdl_cache_dir setting in (1) php.ini-production and (2) php.ini-development in PHP through 5.6.7 specifies the /tmp directory, which makes it easier for local users to conduct WSDL injection attacks by creating a file under /tmp with a predictable filename that is used by the get_s...

CVE-2014-9209
Published: 2015-03-30
Untrusted search path vulnerability in the Clean Utility application in Rockwell Automation FactoryTalk Services Platform before 2.71.00 and FactoryTalk View Studio 8.00.00 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.

CVE-2014-9652
Published: 2015-03-30
The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which might allow remote atta...

CVE-2014-9653
Published: 2015-03-30
readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service (uninitialized memory ...

CVE-2014-9705
Published: 2015-03-30
Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allows remote attackers to execute arbitrary code via vectors that trigger creation of multiple dictionaries.

Dark Reading Radio
Archived Dark Reading Radio
Good hackers--aka security researchers--are worried about the possible legal and professional ramifications of President Obama's new proposed crackdown on cyber criminals.