Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

Accused LulzSec Member Pleads Not Guilty

Alleged LulzSec lieutenant accused of masterminding Stratfor hack, along with numerous other charges. Jeremy Hammond, a.k.a. Anarchaos, served prison time for previous hacking incident.

Alleged LulzSec lieutenant Jeremy Hammond, 27, who's been indicted on computer hacking and other charges, entered a not guilty plea Monday in a New York federal courtroom.

Hammond also entered no bail request at his arraignment, reported AP. He's been held at a Manhattan lockup since his arrest in early March and an initial court hearing in Chicago. He's next due to appear in court on July 23, 2012.

A federal indictment revised earlier this month accused Chicago-based Hammond (a.k.a. Anarchaos, burn, POW, ghost, and anarchaker, among other aliases) of being involved in numerous exploits. Those include hacks of the websites of the Arizona Department of Public Safety (DPS) and global intelligence firm Stratfor (a.k.a. Strategic Forecasting), and other attacks that were launched under the banner of Internet Feds, Anonymous, LulzSec, and AntiSec.

[ Not surprisingly, cybercrime is on the rise. See ID Theft, Online Fraud Rose Slightly In 2011. ]

The federal indictment also charged four other men--Ryan Ackroyd (a.k.a. kayla, lol, lolspoon), Jake Davis (a.k.a. topiary, atopiary), Darren Martyn (a.k.a. pwnsauce, raepsauce, networkkitten), and Donncha O'Cearrbhail (a.k.a. Palladium) with having participated in hacking attacks against InfraGard Atlanta, the Fox Broadcasting Company's X-Factor participant database, Sony Pictures Entertainment, HBGary Federal, and the Public Broadcasting Service (PBS), among other sites.

Federal prosecutors have accused Hammond of masterminding the Stratfor exploits, which were carried out between December 2011 and March 2012 and involved the theft of credit card data. The criminal complaint also charged Hammond and multiple co-conspirators with using "some of the stolen credit card data to make at least $700,000 worth of unauthorized charges" and publicly disclosing confidential information, including Stratfor employees' emails and its customers' names, email addresses, and credit card numbers.

According to the indictment, Hammond exchanged chat messages with two unnamed co-conspirators on December 26, 2011, in which he boasted of decrypting 4,500 Stratfor clients' passwords and they "discussed exploiting credit card information that had been stolen from Stratfor's computer servers."

According to the court documents, unnamed co-conspirators of Hammond uploaded the stolen Stratfor data "onto a server located in the Southern District of New York." Authorities have said that admitted Lulzsec Leader Hector Xavier Monsegur (a.k.a. Sabu), who was arrested in June 2011 and was working as a government informant at the time of the Stratfor hacks, had provided the server onto which the exfiltrated Stratfor data was copied.

Hammond's supporters have created a website, freehammond.com, seeking donations to help Hammond, who they've dubbed a "crusader for information liberation and WikiLeaks."

Hammond's defense attorney, Jim Fennerty, told AP that his client is an activist who's protested neo-Nazi groups. He also opposes Chicago's bid to host the 2016 Olympics, saying that it would disadvantage low-income residents. Hammond has been arrested numerous times on disorderly conduct and property damage charges--all related to protests--and for marijuana possession.

By many accounts, Hammond is a skilled programmer and penetration tester. Hammond has said that he began programming video games in QBasic at the age of nine, and after graduating high school, created HackThisSite.org, which is billed as "a free, safe and legal training ground for hackers to test and expand their hacking skills."

Hammond's March arrest wasn't his first brush with authorities investigating hack attacks. In 2005, the Chicago Reader reported that Hammond, then 20 years old and a self-described "hacktivist," had been accused of hacking into ProtestWarrior, a politically conservative website with the tagline "Fighting the left ... doing it right." His alleged goal was to prank the website by obtaining donors' credit card numbers, then using them to make donations to more left-leaning organizations, including the American Civil Liberties Union and the Communist Party USA. Hammond ultimately served two years in prison and a three-year probation. Under the terms of his probation, he was prohibited from being a part of activist or hacking groups until 2011.

Put an end to insider theft and accidental data disclosure with network and host controls--and don't forget to keep employees on their toes. Also in the new, all-digital Stop Data Leaks issue of Dark Reading: Why security must be everyone's concern, and lessons learned from the Global Payments breach. (Free registration required.)

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/10/2020
Pen Testers Who Got Arrested Doing Their Jobs Tell All
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/5/2020
Researcher Finds New Office Macro Attacks for MacOS
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/7/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-17476
PUBLISHED: 2020-08-10
Mibew Messenger before 3.2.7 allows XSS via a crafted user name.
CVE-2020-9525
PUBLISHED: 2020-08-10
CS2 Network P2P through 3.x, as used in millions of Internet of Things devices, suffers from an authentication flaw that allows remote attackers to perform a man-in-the-middle attack, as demonstrated by eavesdropping on user video/audio streams, capturing credentials, and compromising devices.
CVE-2020-9526
PUBLISHED: 2020-08-10
CS2 Network P2P through 3.x, as used in millions of Internet of Things devices, suffers from an information exposure flaw that exposes user session data to supernodes in the network, as demonstrated by passively eavesdropping on user video/audio streams, capturing credentials, and compromising devic...
CVE-2020-9527
PUBLISHED: 2020-08-10
Firmware developed by Shenzhen Hichip Vision Technology (V6 through V20, after 2018-08-09 through 2020), as used by many different vendors in millions of Internet of Things devices, suffers from buffer overflow vulnerability that allows unauthenticated remote attackers to execute arbitrary code via ...
CVE-2020-9528
PUBLISHED: 2020-08-10
Firmware developed by Shenzhen Hichip Vision Technology (V6 through V20), as used by many different vendors in millions of Internet of Things devices, suffers from cryptographic issues that allow remote attackers to access user session data, as demonstrated by eavesdropping on user video/audio strea...