STE WILLIAMS

Arizona Department of Public Safety Hit by Lulzsec

The hacker group LulzSec released what it said are sensitive documents from the Arizona Department of Public Safety on Thursday, to protest against the agency’s “racial-profiling anti-immigrant” policies.

LulzSec logo

The hacker group LulzSec has released what it said are sensitive documents from the Arizona Department of Public Safety. Image credit: LulzSec

“We are releasing hundreds of private intelligence bulletins, training manuals, personal email correspondence, names, phone numbers, addresses and passwords belonging to Arizona law enforcement,” the group said in a statement on its site. “We are targeting AZDPS specifically because we are against SB1070 and the racial-profiling anti-immigrant police state that is Arizona.”

SB1070 makes it a crime to be in Arizona without documentation proving US residency. The leaked documents — classified as “law-enforcement sensitive”, “not for public distribution” and “for official use only” — are “primarily related to border patrol and counter-terrorism operations and describe the use of informants to infiltrate various gangs, cartels, motorcycle clubs, Nazi groups and protest movements,” LulzSec said. A Department of Public Safety spokesman told The New York Times that the data appeared to be authentic.

Lulzsec Leader Apparently Arrested in Essex

The Press Association reports that, “A 19-year-old suspected of being a mastermind behind notorious international computer hacking group LulzSec has been arrested in Essex, after a joint operation by the FBI and Scotland Yard.”

A spokesman for the Metropolitan Police states, “The arrest follows an investigation into network intrusions and distributed denial of service attacks against a number of international business and intelligence agencies by what is believed to be the same hacking group.

“Searches at a residential address in Wickford, Essex, following the arrest last night have led to the examination of a significant amount of material. These forensic examinations remain ongoing.”

Hackers pwn PBS in Revenge for WikiLeaks Documentary

Hackers aligned with WikiLeaks broke into and defaced the website of US broadcaster PBS over the weekend shortly after it had aired a less than flattering documentary about the whistle-blowing site.

LulzSec took particular offence at the portrayal of presumed WikiLeaks source Bradley Manning during of an episode of PBS’s Frontline news magazine programme. In response, the hackers broke into PBS website before swiping passwords and other sensitive information.

The hacker pranksters uploaded usernames and hashed passwords for the PBS database administrators and users onto Pastebin.com. Even more embarrassingly, the prankster also posted the logins of PBS local affiliates, including plain-text passwords.

Just so everyone would know the hack had happened, LulzSec also defaced PBS’s website, posting a bogus story (cached here) that claimed dead rapper Tupac Shakur was alive and well in and living in the same New Zealand town as nemesis Biggie Smalls. PBS posted a statement on the hack but that was defaced as well with an abusive message posted against Frontline.

Hacks of this type are normally carried out using SQL injection attacks. Flaws in content management systems are also a popular target. However LulzSec said that it had used a zero day exploit in Movable Type 4 on Linux servers running outdated kernels. That in itself would only have allowed LulzSec to deface the PBS website, but the use of the same password across multiple systems within PBS allowed the hackers to pull off a far more deeply penetrative attack.

Since the hack, LulzSec has turned it attention towards patriot hacker Jester, the most prominent member of the anti-Wikileaks cyber-militia, who attacked WikiLeaks after the release of US diplomatic cables. Unsurprisingly, LulzSec claimed his hacks were “lame” before threatening an attack against long-running hacker magazine 2600

Source