Murdoch's Sun Newspaper Hacked In The Name Of LulzSec

They're baaack, although they never really left: The LulzSec spin-off of the hacking group Anonymous has claimed responsibility for a high-profile hack of the website of Rupert Murdoch's tabloid newspaper "The Sun." LulzSec also promised to post online emails it stole from News International.

Late yesterday, LulzSec declared via its Twitter account that it had "owned Sun/News of the World," with the website displaying a phony front page story on The Sun's website that read, "Media moguls body discovered." The group also redirected the site's visitors to its Twitter feed and leaked the mobile phone numbers of three News International officials.

Meanwhile, the FBI today announced that it has arrested 14 suspected members of Anonymous from Alabama, Arizona, California, Colorado, the District of Columbia, Florida, Massachusetts, Nevada, New Mexico, and Ohio, in hacking allegations against PayPal's website. The distributed denial-of-service (DDoS) attacks on PayPal were waged by Anonymous in the wake of the WikiLeaks scandal.

The FBI also arrested two other individuals for other hacking charges, and conducted raids at the homes of three suspects in New York.

The agents removed a laptop from the home of Giordani Jordan in Baldwin, N.Y., and then raided homes in Long Island and Brooklyn, according to an earlier report by Fox. According to the report, Jordan's computer had allegedly been used in DDoS attacks against multiple companies.

But given the loose affiliations and multiple splinter and spin-off groups of Anonymous, the reported arrests won't likely stop the hacktivist attacks anytime soon, security experts say. "The larger question is whether the ideas and tactics will continue fresh in the mind of other aspiring “hacktivists”, or whether this will have a cooling off effect on this, and other efforts," said Cameron Camp, an ESET researcher today in a blog post.

And experts say the busts are likely lower-level participants in Anonymous. "It is likely that the suspected Anonymous members were no more than foot soldiers in the larger Anonymous battle," says Andrew Herlands, director of security strategy for Application Security Inc. "It’s likely that the people arrested are merely pawns, and while they may be made an example of, their arrest will likely have little to no short term impact on the hacktivist attacks."

LulzSec late last month said it was signing off after 50 days of publicly wreaking havoc on a wide range of victims, from Sony to the CIA. The group then basically joined forces under the AntiSec umbrella with Anonymous and its other spin-off hacking groups. Researchers say it's the same hackers, swapping different banners.

"This was the work of Lulz Security, dear media. We would like to give a shout-out to our bros at @AnonymousIRC though, we love those guys!" LulzSec tweeted yesterday in the wake of The Sun website hack.

According to a report today in The Guardian, the hackers discovered a hole in a Solaris server for News International's smaller or less-important articles. They then exploited a local file inclusion flaw to take over the server, the article said.

News International, the British subsidiary of News Corp., is embroiled in a phone hacking scandal at its now-defunct News of The World newspaper. The case spans Murdoch's businesses, police officials, and politicians.

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.