Saturday, December 31, 2011

Anonymous targets military-gear site in latest holiday hack.

On Christmas Day the target was security think tank Strategic Forecasting, or Stratfor. This time it was SpecialForces.com, a Web site that sells military gear. 

Specialforces.com
"Continuing the week long celebration of wreaking utter havoc on global financial systems, militaries, and governments, we are announcing our next target: the online piggie supply store SpecialForces.com," the group wrote in a Pastebin posting today. 

The hackers said they breached the SpecialForces.com site months ago, but only just got around to posting the customer data. Even though the site's data was encrypted, they claim to have 14,000 passwords and details for 8,000 credit cards belonging to Special Forces Gear customers. 

Special Forces Gear founder Dave Thomas confirmed that his company's Web servers were compromised by Anonymous in late August, resulting in a security breach that allowed the hackers to obtain customer usernames, passwords, and possibly encrypted credit card information in some cases. "We have no evidence of any further security breaches, and we believe that the recent Stratfor incident is being used to bring this old news back into the spotlight," he noted.


Thomas added that the compromised passwords were from a backup of a previous version of the Web site that is more than a year old. "Most of the credit card numbers are expired, and we don't have evidence of any credit card misuse at this time," he wrote. "The current Web site does not store customer passwords or credit card information."

After the security breach, "we completely rebuilt our Web site and hired third-party consultants to help us shore up Web site security," he said, adding that the vast majority of the sites' sales are custom t-shirts and related gifts, and that the company donates a portion of its profits to charity.


Identity Finder, a New York-based data loss and identity theft prevention service, determined that files posted to date by Anonymous and its AntiSec offshoot related to this breach include 7,277 unique credit card numbers; 68,830 e-mail addresses (of which 40,854 are unique); and 36,368 plain-text usernames and passwords, some of which might be duplicates.
In the statement issued today, the hackers also took another shot at Stratfor for its alleged confusion over whether its data had been encrypted or not.

How Mark Zuckerberg Hacked Into Rival ConnectU In 2004.

ConnectU Founder's
This is the story of how, in the summer of 2004, Mark Zuckerberg hacked into a Facebook rival called ConnectU, whose founders had accused him of stealing their idea to build Facebook.  The details of this story were developed from a broader investigation of the origins of Facebook.  The investigation included interviews with more than a dozen sources over two years, as well as what we believe to be relevant IMs and emails from the period.

During the summer of 2004, Mark Zuckerberg's new social network theFacebook.com was already wildly popular.

After Mark launched it in February, the site dominated the conversation at Harvard all spring.  It reached 250,000 users by the end of August and a million users that fall.

TheFacebook.com was so popular that one thing Mark probably never needed to worry about was competition from the other social network launched at Harvard in 2004, ConnectU, whose founders had accused him of stealing their idea.

ConnectU's founders -- Cameron Winklevoss, Tyler Winklevoss, and Divya Narendra -- had launched the site that spring at 15 schools. But it never gained anywhere close to the critical mass of user adoption that Facebook did. Today, 400 million people visit Facebook each month while ConnectU exists only in the Internet archives.

Nevertheless, during 2004, Mark Zuckerberg still appeared to be obsessed with ConnectU. Specifically, he appears to have hacked into ConnectU's site and made changes to multiple user profiles, including Cameron Winklevoss's.

At one point, Mark appears to have exploited a flaw in ConnectU's account verification process to create a fake Cameron Winklevoss account with a fake Harvard.edu email address.

In this new, fake profile, he listed Cameron's height as 7'4", his hair color as "Ayran Blond," and his eye color as "Sky Blue." He listed Cameron's "language" as "WASP-y."

Next, Mark appears to have logged into the accounts of some ConnectU users and changed their privacy settings to invisible.  The idea here was apparently to make it harder for people to find friends on ConnectU, thus reducing its utility.   Eventually, Mark appears to have gone a step further, deactivating about 20 ConnectU accounts entirely.

Mark appeared to be worried about the risk of his actions, but reasoned that ConnectU's developers wouldn't notice a succession of account deactivations coming from the same IP address. He took comfort that Apache logs didn't reveal that type of activity either. Mark also figured that if ConnectU developers did notice anything, their most natural conclusion would be to think that someone had emailed people convincing them to deactivate their accounts.

It is not clear how Mark accessed these accounts. (In an earlier hack of the email accounts of two Harvard Crimson editors, he used login information stored in Facebook's servers.)  It does appear that he retained access to ConnectU's servers for quite some time.

Hacker who bypassed Facebook security pleads guilty.

A British student has pleaded guilty to charges that he breached security at Facebook earlier his year, despite arguing that his intentions were not malicious.


York computer science student Glenn Steven Mangham, 26, attempted to bypass security on the company's internal systems, raising alarm amongst the FBI that industrial espionage was occurring, according to media reports.

Mangham, who had previously been rewarded by Yahoo for finding vulnerabilities in its systems, discovered that Facebook was far from amused by his activities.

The social networking giant discovered evidence that pointed back to Mangham and he was arrested by the Metropolitan Police Central e-Crime Unit (PCeU) in June.

Specifically, Mangham was accused of using a computer program to secure unauthorized access to Facebook, of attempting to hack into Facebook's Mailman server (used to run internal and external email lists), and attempting to secure access to the Facebook Phabricator server used by internal developers.

Southwark Crown Court was told Mangham produced software scripts that could hack into Facebook's Phabricator server to download "highly sensitive intellectual property".

In addition, the student was said to have breached a webserver used by Facebook to set software development puzzles to programmers who might be interested in working for the company.
Mangham's defence team has argued that he was an "ethical" or "white-hat" hacker, whose intentions - rather than being malicious - were to uncover security vulnerabilities at Facebook with the intention of getting them fixed.


Facebook users will be relieved to hear that the social network told BBC News that the attack "did not involve an attempt to compromise or access user data."