Anonymous 'hack FBI and Scotland Yard phone call'

Originally posted by DrNotforhire
You know....

these organizations don't make "Phone calls"

just letting you all know. I call hoax

Nope its a conference call and every law enforcement, judicial authority and corporation in the world hosts conference calls as its cheaper than moving people around. Ive participated in many in the role I do

reply to post by lacrimaererum


hell yeaaaar - monitter.com...

This is the Sheriff chasing Robin Hood, then finding all of his own plans drawn on a piece of paper nailed to a tree.

We all know Robin Hood wins, anyway!

from this article and what they were saying...

it seemed like anon had broke into some secret meeting between Langley and Scottland yard. Which is bull as they are NOT ON THE SYSTEM IN PLACE....

But yes those briefing conference calls are easy to get into.. HECK sometimes the number is posted on the various websites...

reply to post by DrNotforhire


but without password...

besides the biggest problem is to have the guts to intercept, record and publish...

Originally posted by Hessdalen
reply to post by DrNotforhire

 

but without password...

besides the biggest problem is to have the guts to intercept, record and publish...

I hear the password was 5859...

Lulz...

The only way they could have intercepted the call is from the weakest link. US Gobernment agencies

typically use BRI (basic rate interface) or isdn circuits, which means intercepting the call is nearly impossible outside of the end user phone and the local exchange (ilec central office) or at a crossbox/vault...the "hackers" which are actually phone "phreaks" were probably able to intercept it within the central office, at the ds3 or transport level, by monitoring the channels within the circuit.

Or they are inside the feds voice lan and compromised a computer that is on that network to forward voip packets.

Its not impossible, but does take a lot of skill to pull off undetected.

Or they simply joined their conference bridge (usually hosted by either users pbx), and they happened to get away with it, which is not very difficult, but easy to get caught.

I will add this link to the story which gives the following background on one of the discussed

"Update: Jake Davis to enter plea May 11th," says a tweet from a Twitter account associated with Anonymous.

According to a tweet from freelance journalist Ryan Gallagher, the case has been delayed because there is suspicion of involvement of other parties, possibly in the US.

www.theinquirer.net...


PS Ryan Cleary was thrown to the wolves by anonymous because
1. he kept DOSing Anon sites for lulz
2. he was boasting about being involved in the distribution/hosting of CP

I read the above on a chat log waaaay back and as you will have noticed from the call they have found indecent images on his machine and are going to pursue that first

they heard what they wanted them to hear..

to think anon is smarter than the intelligence field... is downright ignorant.

NOW they have something BIG to pin them too... and now it's just a matter of time before the ones doing harm are arrested...

Grats on this...

Originally posted by YouAreLiedTo
Any simple SQL injection into the bootstrap algorithm into a Cisco 2*** router will reset it into a base factory config with all ports open and no ACLs, and from there it's all fun and games.

Can you explain how you can use an SQL Injection attack on a Cisco 2000 series router?

Second line.

Originally posted by sicksonezer0
The only way they could have intercepted the call is from the weakest link. US Gobernment agencies

typically use BRI (basic rate interface) or isdn circuits, which means intercepting the call is nearly impossible outside of the end user phone and the local exchange (ilec central office) or at a crossbox/vault...the "hackers" which are actually phone "phreaks" were probably able to intercept it within the central office, at the ds3 or transport level, by monitoring the channels within the circuit.

Or they are inside the feds voice lan and compromised a computer that is on that network to forward voip packets.

Its not impossible, but does take a lot of skill to pull off undetected.

Or they simply joined their conference bridge (usually hosted by either users pbx), and they happened to get away with it, which is not very difficult, but easy to get caught.

edit on 3-2-2012 by sicksonezer0 because: (no reason given)

If I were a betting man, my money wouldn't be on a direct intercept...

More likely the audio file was saved as an mp3 file on a server for anyone that missed the call to listen to. Otherwise you would have heard an Anon bust out at the end of the call when they asked if anyone joined with something epic...

reply to post by DrNotforhire


You would be shocked by how poorly thought out things with our government are, and the crazy money they spend on solutions that my six year old could probably come up with.

reply to post by YouAreLiedTo


Haha you probably hit the nail on the head! Didnt think of that.

I have a tendency to over complicate things. : P

I am thinking (that perhaps) the FBI is allowing this hacking to happen...as a way to locate...where and who some of the members of Anonymous are. While Anonymous is hacking...the FBI is collecting information on them.

Originally posted by EasyPleaseMe

Originally posted by YouAreLiedTo
Any simple SQL injection into the bootstrap algorithm into a Cisco 2*** router will reset it into a base factory config with all ports open and no ACLs, and from there it's all fun and games.

Can you explain how you can use an SQL Injection attack on a Cisco 2000 series router?

Second line.

It's quite easy to either change the registry to reboot in a default mode with no passwords or factory passwords... As another has already said, routers are the weakest link unless backed by some pretty sophisticated ACLs... Hell you secure a VLAN on an active switch better than most routers...

As for the injection, the router goes through a bootstrap sequence before loading any passwords or ACLs, that is how the registry hexs work... It's not terribly difficult to inject a separate instruction into that sequence that will execute before the router fully loads...

And I'm being vague and using slightly incorrect terminology for a reason... This isn't a hacking website, nor do I condone the activity.

Edit: (But no, I wouldn't expect a low CCNA to know about injections, but they do teach you the hex values. So I shouldn't say anyone can do it, you are correct, my apologies for the inflation on that. My point is just that this stuff isn't that hard and there are many people trained to do it.)

Originally posted by caladonea
I am thinking (that perhaps) the FBI is allowing this hacking to happen...as a way to locate...where and who some of the members of Anonymous are. While Anonymous is hacking...the FBI is collecting information on them.

Disagree, just think its the more skilled and older members finding out if there is any pressure on them. As stated above nothing is secure, nothing, nada. The CIA had an SQL exploit in their website a few days back which was posted on pastebin, using free to download tools admin access could have been gained to their site. It has happened before yet continues to happen.

You want to know how easy it is to hack? type in dorks in google, then google each dork and you have websites which are potentially unsecure. Then with some specialist tools ...... honestly a 5 year old could successfully carry out many of these attacks. This one however is more sophisticated just like the stratfor one etc. No conspiracy here, just skills in an unsecure world


PS Im waiting on them hacking NSA. They have renamed it No Secrets Anymore, lol

Originally posted by DrNotforhire
You know....

these organizations don't make "Phone calls"

just letting you all know. I call hoax

Authorities make phone-calls all the time, as someone else mentioned it is cheaper than physically moving people around.

Several ways this could have been done.

#1 The conference call was "digitised" as such that it took place on a VoIP server, in which the call was broadcasted over the internet, a central server (PBX system) hosting the call could have been rooted by a member of anonymous, allowing them to record the call.

#2 Someone from anonymous took control of a switchboard (old school 90's style hacking) and recorded the call in transit. I would assume they gained network access using a dial-up line or gained access to an internal network which was connected to the conference-line in some way.

#3 An anonymous member gained root access to a server of some kind where the authorities had recorded the call themselves to hand out to other officials for study/examination/breifing, and an anon simply retrieved/copied the file.

#4 Someone from inside leaked the recording it to an anonymous member.


These are the most obvious, and it isn't impossible as some might suggest. I would assume #1 and #2 are the most likely scenario's as they could both include using an unsecure line for the phone-call or involving an idiotic decision by a sys-admin to leave the network connected to the entire internet, which is just asking for someone to get unauthorized access. Governments and authorities are not as "prepped" as they appear in pop-culture, and some of the mistakes they make from day to day involve lack of securing themselves from attackers, especially in the case of encryption or firewalling internal networks from public ones (such as the internet).

I am a network administrator, and what people have been saying is correct, there really isn't "true" network security. Its pretty much fancy toys to make people feel at ease. That is not saying there is no skill involved, i believe the guy who stated a simple script kitty could restore a cisco 2xxx to defaults is full of #, it would take much more than that, someone with some real skill would have to be able to crack one of those guys, unless the guy on the other end is a retard (could be).

Although i haven't heard the video, i want to say fake and gay, but sophos confirms so i'm not sure.

I'm betting on someone on the inside, i would also doubt that there would be a mp3 file sitting on the server that wasn't encoded is AES256.

Originally posted by doom27
I am a network administrator, and what people have been saying is correct, there really isn't "true" network security. Its pretty much fancy toys to make people feel at ease. That is not saying there is no skill involved, i believe the guy who stated a simple script kitty could restore a cisco 2xxx to defaults is full of #, it would take much more than that, someone with some real skill would have to be able to crack one of those guys, unless the guy on the other end is a retard (could be).

Although i haven't heard the video, i want to say fake and gay, but sophos confirms so i'm not sure.

I'm betting on someone on the inside, i would also doubt that there would be a mp3 file sitting on the server that wasn't encoded is AES256.

I worked the IS department for a DoD contractor and you would be shocked and amazed at some of the retarded stuff they do and people like me had to put up with. I've had the people that decide security funding call me for tech support on where to plug a mouse in.

That's the only reason I don't watch what I say most of the time. I still have an active security clearance (I don't think they revoke them after you leave your employment anyways...)

I've always assumed they've watched where I surf and what I say anyways. At this point I'm just a lowly peon scraping by like the rest of the country. I doubt they care what I have to say =\ Land of the free baby...

On that note... To TPTB that are reading this... I work cheap and my current job sucks... Make me an offer...

reply to post by YouAreLiedTo


Yeah one of my favourites is when people press CTRL ALT and Arrow key together by mistake (rotates screen) Ive seen people try to work with that for months, and others who just turn the whole monitor upside down and get on with it lol

Its also fun to "swap primary and secondary buttons" in mouse settings, were always ready for killing each other in here, lesson is never leave your screen unlocked ever lol
Or, take a screenshot, save it as desktop then unplug the keyboard/mouse then watch as they unplug the power and lose a days work