Last LOL for LulzSec as hackers disband group
LulzSec, also known as Lulz Security, the hacker group that has been making headlines with almost daily attacks, has announced that it is disbanding. LulzSec had gained headlines in the media with their attacks on well known targets such as Sony, Nintendo, Fox and PBS; lesser known targets including the FBI affiliate InfraGard and security company Univeillance; and government agencies such as the US Senate, the CIA and, most recently, the Arizona police and the UK's Serious Organised Crimes Agency (SOCA).
Only a few days ago, LulzSec announced that it was allying itself with the hacktivist group Anonymous and that they were launching a joint operation called "Operation Antisec" which was to take on governments with a campaign of disclosure. But that came to an end on Sunday 26 June, when LulzSec announced in a statement entitled "50 days of Lulz" that it had only planned to run its campaign for fifty days – "So with those last thoughts, it's time to say bon voyage. Our planned 50 day cruise has expired." The six members of LulzSec said "While we are responsible for everything that The Lulz Boat is, we are not tied to this identity permanently. Behind this jolly visage of rainbows and top hats, we are people."
The announcement on Twitter pointed to the statement and to a torrent file on The Pirate Bay site which included the statement along with a 480 MB archive of what appears to be information acquired during recent operations. This includes 550,000 user names and encrypted passwords for players of a beta of Battlefield Heroes, 200,000 user records including encrypted passwords for Hackforums.net, 50,000 user records with encrypted passwords for "random gaming forums" and 12,000 user names and plain text passwords from the recently compromised NATO E-Bookshop.
Other files included an AOL "best practices" memo for network configuration, a stack trace apparently from the fbi.gov site, IP addresses of corporate networks, emails from private investigators, a PNG of what appears to be an attack on navy.mil, a list of routers with default passwords and a large RAR archive of files from AT&T, the largest of which is a bootable USB drive image.
Last week saw the arrest of Ryan Cleary who is believed to have hosted a LulzSec IRC chat room and who has been charged with conspiring to carry out DDoS attacks using a botnet. A group calling itself "The A-Team" published information purported to be about members of LulzSec on Pastebin; this placed various members in the UK, the Netherlands, Sweden and the USA. Though this information has not been validated, it did point to much more active interest in exposing LulzSec and its previously apolitical agenda, and it may be this which has prompted the disbanding of the organisation. LulzSec's most recent tweet encouraged "Antisec enthusiasts" to join forces with Anonymous.