Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

Accused LulzSec Member Pleads Not Guilty

Alleged LulzSec lieutenant accused of masterminding Stratfor hack, along with numerous other charges. Jeremy Hammond, a.k.a. Anarchaos, served prison time for previous hacking incident.

Alleged LulzSec lieutenant Jeremy Hammond, 27, who's been indicted on computer hacking and other charges, entered a not guilty plea Monday in a New York federal courtroom.

Hammond also entered no bail request at his arraignment, reported AP. He's been held at a Manhattan lockup since his arrest in early March and an initial court hearing in Chicago. He's next due to appear in court on July 23, 2012.

A federal indictment revised earlier this month accused Chicago-based Hammond (a.k.a. Anarchaos, burn, POW, ghost, and anarchaker, among other aliases) of being involved in numerous exploits. Those include hacks of the websites of the Arizona Department of Public Safety (DPS) and global intelligence firm Stratfor (a.k.a. Strategic Forecasting), and other attacks that were launched under the banner of Internet Feds, Anonymous, LulzSec, and AntiSec.

[ Not surprisingly, cybercrime is on the rise. See ID Theft, Online Fraud Rose Slightly In 2011. ]

The federal indictment also charged four other men--Ryan Ackroyd (a.k.a. kayla, lol, lolspoon), Jake Davis (a.k.a. topiary, atopiary), Darren Martyn (a.k.a. pwnsauce, raepsauce, networkkitten), and Donncha O'Cearrbhail (a.k.a. Palladium) with having participated in hacking attacks against InfraGard Atlanta, the Fox Broadcasting Company's X-Factor participant database, Sony Pictures Entertainment, HBGary Federal, and the Public Broadcasting Service (PBS), among other sites.

Federal prosecutors have accused Hammond of masterminding the Stratfor exploits, which were carried out between December 2011 and March 2012 and involved the theft of credit card data. The criminal complaint also charged Hammond and multiple co-conspirators with using "some of the stolen credit card data to make at least $700,000 worth of unauthorized charges" and publicly disclosing confidential information, including Stratfor employees' emails and its customers' names, email addresses, and credit card numbers.

According to the indictment, Hammond exchanged chat messages with two unnamed co-conspirators on December 26, 2011, in which he boasted of decrypting 4,500 Stratfor clients' passwords and they "discussed exploiting credit card information that had been stolen from Stratfor's computer servers."

According to the court documents, unnamed co-conspirators of Hammond uploaded the stolen Stratfor data "onto a server located in the Southern District of New York." Authorities have said that admitted Lulzsec Leader Hector Xavier Monsegur (a.k.a. Sabu), who was arrested in June 2011 and was working as a government informant at the time of the Stratfor hacks, had provided the server onto which the exfiltrated Stratfor data was copied.

Hammond's supporters have created a website, freehammond.com, seeking donations to help Hammond, who they've dubbed a "crusader for information liberation and WikiLeaks."

Hammond's defense attorney, Jim Fennerty, told AP that his client is an activist who's protested neo-Nazi groups. He also opposes Chicago's bid to host the 2016 Olympics, saying that it would disadvantage low-income residents. Hammond has been arrested numerous times on disorderly conduct and property damage charges--all related to protests--and for marijuana possession.

By many accounts, Hammond is a skilled programmer and penetration tester. Hammond has said that he began programming video games in QBasic at the age of nine, and after graduating high school, created HackThisSite.org, which is billed as "a free, safe and legal training ground for hackers to test and expand their hacking skills."

Hammond's March arrest wasn't his first brush with authorities investigating hack attacks. In 2005, the Chicago Reader reported that Hammond, then 20 years old and a self-described "hacktivist," had been accused of hacking into ProtestWarrior, a politically conservative website with the tagline "Fighting the left ... doing it right." His alleged goal was to prank the website by obtaining donors' credit card numbers, then using them to make donations to more left-leaning organizations, including the American Civil Liberties Union and the Communist Party USA. Hammond ultimately served two years in prison and a three-year probation. Under the terms of his probation, he was prohibited from being a part of activist or hacking groups until 2011.

Put an end to insider theft and accidental data disclosure with network and host controls--and don't forget to keep employees on their toes. Also in the new, all-digital Stop Data Leaks issue of Dark Reading: Why security must be everyone's concern, and lessons learned from the Global Payments breach. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/21/2020
Cybersecurity Bounces Back, but Talent Still Absent
Simone Petrella, Chief Executive Officer, CyberVista,  9/16/2020
Meet the Computer Scientist Who Helped Push for Paper Ballots
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/16/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Latest Comment: Exactly
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-25514
PUBLISHED: 2020-09-22
Sourcecodester Simple Library Management System 1.0 is affected by Incorrect Access Control via the Login Panel, http://<site>/lms/admin.php.
CVE-2020-25515
PUBLISHED: 2020-09-22
Sourcecodester Simple Library Management System 1.0 is affected by Insecure Permissions via Books > New Book , http://<site>/lms/index.php?page=books.
CVE-2020-14022
PUBLISHED: 2020-09-22
Ozeki NG SMS Gateway 4.17.1 through 4.17.6 does not check the file type when bulk importing new contacts ("Import Contacts" functionality) from a file. It is possible to upload an executable or .bat file that can be executed with the help of a functionality (E.g. the "Application Star...
CVE-2020-14023
PUBLISHED: 2020-09-22
Ozeki NG SMS Gateway through 4.17.6 allows SSRF via SMS WCF or RSS To SMS.
CVE-2020-14024
PUBLISHED: 2020-09-22
Ozeki NG SMS Gateway through 4.17.6 has multiple authenticated stored and/or reflected XSS vulnerabilities via the (1) Receiver or Recipient field in the Mailbox feature, (2) OZFORM_GROUPNAME field in the Group configuration of addresses, (3) listname field in the Defining address lists configuratio...