Attacks/Breaches
3/27/2012
08:53 AM
Connect Directly
RSS
E-Mail
50%
50%

LulzSec Reborn Claims Military Dating Site Hack

Hacktivists exposed details of 170,000 people on militarysingles.com, as the LulzSec reboot appears to be gaining steam.

Anonymous: 10 Facts About The Hacktivist Group
Anonymous: 10 Facts About The Hacktivist Group
(click image for larger view and for slideshow)
Picking up the mantle where LulzSec left off, a new group calling itself LulzSec Reborn this week announced that it had hacked a military dating website and released usernames and passwords for 170,937 subscribers.

LulzSec Reborn announced the hack Sunday via Pastebin post: "The website http://www.militarysingles.com/ was recently closed day ago or so, so we dumped email db. There are emails such as @us.army.mil; @carney.navy.mil; @greatlakes.cnet.navy.mil; @microsoft.com; etc." The group also released a 13-MB file, compressed using RAR, that contained stolen user data.

Meanwhile, a Tuesday tweet from Operation Digiturk (Anonymous News Turkey)--which had initially publicized the breach--promised, "You will see the full database of military singles which includes priv messages etc soon :)."

MilitarySingles bills itself as "an online dating service created to provide soldiers a means to find a match with someone who is interested in the military lifestyle," as well as "a great way for any civilian to find the soldier of their dreams." But according to DataBreaches.net, instead of members' images displaying on the website Monday, there was instead this text: "Error: Slideshow data cannot load due to security issue." By Tuesday, however, the site's images appeared to once again be working.

[ It's no longer a matter of if or when you get hacked. See Security's New Reality: Assume The Worst. ]

In a comment posted to DataBreaches.net Sunday, the administrator for ESingles--the company that runs MilitarySingles--disputed that the site had been hacked. "We at ESingles Inc. are aware of the claim that someone has hacked MilitarySingles.com and are currently investigating the situation. At this time there is no actual evidence that MilitarySingles.com was hacked and it is possible that the Tweet from Operation Digiturk is simply a false claim. We do however take the security and privacy of our members very seriously and will therefore treat this claim as if it were real and proceed with the required security steps in order to ensure the website and its database is secure."

But in response to that comment, a post from DataBreaches.net read, "I compared the database in the .rar file to the 'online members' pictured on your home page and the entries in the data dump correspond to those usernames."

Likewise, LulzSec Reborn tweeted Monday: "Stupid Administrator 'There is no evidence militarysingles is hacked' Well guess what?" and linked to a page on the MilitarySingles.com website which read: "lulz is sb."

Accordingly, any users of the dating site should expect to see their username and password choices leaked online. "If you know anyone who has ever used the Military Singles website, it would be a good idea to tell them to change their password as a precaution--and to ensure that they are not using the same password anywhere else," said Graham Cluley, senior technology consultant at Sophos, in a blog post.

The dating website hack was the first data release associated with LulzSec Reborn, which announced its return, or at least reboot, last week via YouTube. "You haven't stopped us, you have merely disrupted the active faction," said the video, which didn't yet sport the "LulzSec Reborn" name. While that communication had promised that April 1, 2012, would be the group's official launch date, a Monday tweet from the LulzSec Reborn account claimed, "we don't know who is planning that..."

Did whoever's behind LulzSec Reborn have anything to do with LulzSec, or is the nomenclature just a hacktivist branding exercise? "Of course, on the Internet, anyone can claim to be whatever they want," said Cluley. In addition, the FBI announced earlier this month that it had arrested the leaders of LulzSec, as well as some of the key members of Anonymous.

Regardless of who's involved, LulzSec Reborn appears to be gearing up for more "data dumps." Tuesday, the group also announced via Pastebin the release of a 500-k zip file, distributed via cyberlocker file-sharing services, containing what appear to be files from the CSS Corp website. Early Tuesday morning, the website for the company, which offers information and communication technology services, appeared to be offline. The leaked file includes website surveys, contact information for CSS media relations personnel, as well as a "users" file containing what appear to be usernames, email addresses, and passwords for nine CSS employees.

Secure Sockets Layer isn't perfect, but there are ways to optimize it. The new Web Encryption That Works supplement from Dark Reading shows four places to start. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
MyW0r1d
50%
50%
MyW0r1d,
User Rank: Apprentice
3/27/2012 | 11:42:42 PM
re: LulzSec Reborn Claims Military Dating Site Hack
I would have to say in a word the Pvt. Mannings of the military are the reason to hack a military dating site. While LulzSec have so far demonstrated more interest in embarrassment, causing discomfort, or highlighting deficiencies, the information could be used by others to exert pressure on young soldiers in sensitive positions as effectively as monetary incentives. The results are data and operational compromises which put them in danger. Think of the deployed soldier concerned about losing contact with a future subject of interest and writes to this friend on the site that they would be out of touch for a few days because they are moving. The next thing you read in the press is of a military convoy ambush wth casualties near a deployed location. This is why some of the services initially tried to block these sites on DoD channels. A poorly conceived effort with mobile access now commonplace. Actually, variations of the tactic can be traced back years if you consider the radio broadcasts during the great wars, Mata Hari, or Anna Chapman's of the world.
TT Millard
50%
50%
TT Millard,
User Rank: Apprentice
3/27/2012 | 7:33:50 PM
re: LulzSec Reborn Claims Military Dating Site Hack
As a consultant, the problem I find with many of the companies I work with is the simple fact that they don't have the IT dollars to spend to bring security to where it should / needs to be. They really don't take a lot of it seriously. Comments like "why would they want our information?". Even more problematic is when the attacks are stealthy enough so companies are not even aware of the breach.

I look at the internet these days as the Wild West back in the early days as we settled the US. We've got a ways to go before things become a bit more civilized and we find ways to protect our systems more easily and with less overhead.

Until then, just have to keep your 6 shooter strapped to your belt and hope you get the first shot...
Hey you over there!
50%
50%
Hey you over there!,
User Rank: Apprentice
3/27/2012 | 6:16:36 PM
re: LulzSec Reborn Claims Military Dating Site Hack
Hacking a dating site?! What's the point? There are a lot of much more deserving targets out there, like Monsanto which is poisoning OUR food supply with genetically-modified frankenfoods.

This corporate villain has bribed officials in OUR government to allow this crap to be sold in our supermarkets UNLABELED so consumers can't avoid it!

And as Wikileaks has revealed, Monsanto has corrupted OUR government so much, it's putting pressure on European countries (who do a better job of protecting their citizens) to allow these frankenfoods in their countries.

If a corporation ever deserved to be hacked, it's Monsanto.
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-7877
Published: 2014-10-30
Unspecified vulnerability in the kernel in HP HP-UX B.11.31 allows local users to cause a denial of service via unknown vectors.

CVE-2014-3051
Published: 2014-10-29
The Internet Service Monitor (ISM) agent in IBM Tivoli Composite Application Manager (ITCAM) for Transactions 7.1 and 7.2 before 7.2.0.3 IF28, 7.3 before 7.3.0.1 IF30, and 7.4 before 7.4.0.0 IF18 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof s...

CVE-2014-3668
Published: 2014-10-29
Buffer overflow in the date_from_ISO8601 function in the mkgmtime implementation in libxmlrpc/xmlrpc.c in the XMLRPC extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service (application crash) via (1) a crafted first argument t...

CVE-2014-3669
Published: 2014-10-29
Integer overflow in the object_custom function in ext/standard/var_unserializer.c in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an argument to the unserialize function ...

CVE-2014-3670
Published: 2014-10-29
The exif_ifd_make_value function in exif.c in the EXIF extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 operates on floating-point arrays incorrectly, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly exec...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.