Anonymous hacks US Security company HGBary - Releases email leaks

Hello ATS'ers! I did not see a post about this so I thought I'd make one. Apparently HGBary has been hacked by Anonymous in retaliation for arranging a meeting with the FBI in order to sell knowledge about the group. Thought it was worth a share.

The loose hacker collective Anonymous says it has taken revenge on a US security company whose principal claimed to have penetrated the group and identified some of its key people. They hacked the Twitter account of Aaron Barr, the chief executive of HBGary, and sent out a series of angry tweets while many Americans were watching the Super Bowl match on Sunday night, allegedly including Barr's social security number and address, and his mobile phone number. The tweets link to torrents of the company's emails.

Source:
Guardian news article

Wow...

The tweets link to torrents of the company's emails. Members of the group also put up a brutal set of claims: "Anonymous has:

"entire control of all emails for the company of hbgary.com. we have full admin control of

"hbgaryfederal.com. we have wordpress control of hbgary.com

"all emails will be put up in a torrent.

"full access to all their finincials

"their ssns [social security numbers]

"their w2s [US tax reporting statement]

"their 1099s [US tax identification certificate]

"their software products

"their malware data (although Anonymous rm'd [deleted] their entire terabyte of data sorry)

"their backup server was wiped.

"access to their pbx system via 8x8.com

"control of their support server and their clients logins

"root access to rootkit.com, personal website of greg hoglund

"aaron barr's ipad is now wiped"

Barr could not be contacted to find out how many of these details were correct. The HBGary site had been replaced by a placeholder this morning.

You know, in a way you've got to hand it to them, they definitely get an A for attitude:

In a sarcastic press release on the AnonNews site, someone from the group posted a release (though dated 6 January, it was actually posted on 6 February) saying "Mr Barr has successfully broken through our over 9000 proxy field and into our entirely non-public and secret insurgent IRC lair, where he then smashed through our fire labyrinth with vigor, collected all the gold rings on the way, opened a 50 silver key chest to find Anon's legendary hackers on steroids password."

Poking a beehive full of africanized killer bees is not a good idea.
Neither is messing around with anonymous.

I know that the FBI is all over anonymous.
They have to be.
I'm curious to see how anonymous is going to stay anonymous once everyone is gunning for them.

lol yes anonymous .. Its like being part of a crazy sci-fi movie . Hackers vs . these punks pull it off with such style and ease .


gotta hand it to them . anonymous keep poking the sleeping dragon . I think there are too many anonymous members to ever be shut down

reply to post by cerberus00


S&F& I just LOVE underdogs-win-again stories. David and Goliath. Robin Hood and the aristocracy's minions.

...Just wish we weren't still paying the minions' salaries.

Take a look at this one as well.

nakedsecurity.sophos.com...

Update: According to information from krebsonsecurity.com it appears HBGary was victimized by a combination of social engineering and a shared password between systems. Training employees on the proper verification of identity before exposing secure systems is an essential part of a corporate security program. Staff who feel they need to take any action when someone important like a company executive is apparently asking for help can create disastrous results. The CEO and founders must be subjected to the same rules as everyone else. Employees challenging their superiors should be praised rather than chastised when they follow the policy.

HBGary really screwed up. Shared passwords in a security company???

This was what Anon posted on the HBGary web site

This is awesome. When I think about how angry and defeated these HBGary dudes must feel right now, it truly brings a smile to my face.

Originally posted by grey580
Poking a beehive full of africanized killer bees is not a good idea.
Neither is messing around with anonymous.

I know that the FBI is all over anonymous.
They have to be.
I'm curious to see how anonymous is going to stay anonymous once everyone is gunning for them.

Thats just the thing..
There are soo many "anonymous", in soo many places, all around the Planet..
That they will always remain "anonymous"..
Even if 1, or 2, or a handful, or a basketful get nabbed....
There will always be more~
always finding better ways to stay anonymous and hidden.

p.s.. This is a beautiful thing! lol

Plus if some do get caught, imgine the backlash from the rest of the group.

reply to post by cerberus00


Absolutely B-E-A-Utiful. I love to see the scum of the earth get burned. I hope ANON are the guys that broke into the nasdaq, because then they could really threaten TPTB. As for the security company, they got burned real bad. One would assume they will be out of business shortly.

I commend Anonymous in all of their efforts.

At times - they may seem immature, at times - they may seem brilliant, at times - they may seem malicious, at times - they may seem patriotic, but it boils down to one thing.

They are us.

I guarantee the story of anonymous hackers is going to made into a movie someday- because it sure plays out like one; action, drama, suspense- it's all there.

They need to go for the bigger fish like NASA and the CIA

It's almost futile to even go after them. Even if the FBI were able to get a few of Anonymous' people, they have protégés willing to take the torch should any of them fall.

Sometimes, I don't agree with Anonymous and what they do, but I am not surprised in the least that they retaliated.

That letter on the website home page is brilliant. Agree or disagree with Anon, one thing is for sure, they have a flair for the dramatic.

So why can't you sell this information to the FBI? Because we are going to give it to them for free!

That right there is gold!

reply to post by cerberus00





The idea that no big shot is safe from the masses any more delights me no end. One shot like that can counter years of business good will. I just hope the poor baaaasstarrrd was guilty in the first place.

"Revenge of the Nerds" is more than just a mooovie now.

What’s it like being the victim of an attack by Anonymous? Pretty unpleasant. Aaron Barr found that out yesterday when members of the loosely-knit online group of campaigners hacked into his Twitter account, brought down his company’s Web site and put more than 50,000 of his personal emails online.

Barr is the CEO of a tiny software security firm HBGary Federal based in Washington D.C., and had recently been perusing Facebook and IRC (chat) channels under a fake alias to gather covert research on Anonymous. Then he (sort of) took his findings public: Barr was quoted in the Financial Times a few days ago as saying he had uncovered names of senior figures of Anonymous, and denying he would deliver them to the police.

To his credit, Barr did not expect Anonymous’ reaction to be quite so ferocious. “I had expected some potential retribution,” he says. “I knew some folks would take my research as some kind of personal attack which it absolutely was not. I thought they might take down our Web site with a DDoS attack. I did not prepare for them to do what they did.”

For now Barr is working on damage control to his reputation as well as trying to make sense of what’s happened. “I just feel a bit exhausted by the whole thing,” he says. His biggest problem is the thousands of personal emails that have been released into cyberspace.

Victim Of Anonymous Attack Speaks Out: Forbes

The funniest stuff I read in the article how a security firm CEO unplugs his router to escape from Anonymous

Barr adds that Anonymous is also not quite done with him. “They’re trying to pop my home router. I’m watching IP traffic and they’re trying to get my home box,” he says. “So I just unplugged it.”

Now thats a security expert!

The press release by Anonymous leading upto these events (pretty well written and hilarious).

HBGARY website and his Twitter account hacked.

At the center of the onion is nothing.

reply to post by Prince Of Darkness

The funniest stuff I read in the article how a security firm CEO unplugs his router to escape from Anonymous

Man, I had tears in my eyes from laughing at that..
And some say these are just acne scared 16 year old geeks in their grandma's basement??

Think again..These guys are GOOD....And very cool.

reply to post by backinblack


This is a gem

"This domain seized by Anonymous under section #14 of the rules of the Internet."

Also dont forget to read the press release I posted in my last post, it's well worth a read.

Originally posted by Prince Of Darkness
reply to post by backinblack

 

This is a gem

"This domain seized by Anonymous under section #14 of the rules of the Internet."

Also dont forget to read the press release I posted in my last post, it's well worth a read.

And i thought # 14 was do not argue with trolls---- it means that they win.

reply to post by ANNED


Exactly, you get it.