Anonymous Hacks Public Intelligence in “Friendly Audit”

A screenshot of the hacked front page taken by the hackers and posted on the AnonymousIRC Twitter account.

Public Intelligence

On January 16, 2012 an unauthorized party associated with the hacktivist collective Anonymous gained access to this site’s web server. The attacker gained root access and posted a number of versions of a photo of a naked man. These images were used to deface the front of the site in multiple locations and contained the message “WAS HERE WITH 0DAY, ONLY SHIT I FOUND BAD WAS U LOGGING IN FROM A DSL CONNECTION… THEN AGAIN U BOUGHT THIS SERVER WITH UR PERSONAL CARD SO U CAN BE DOX’D… LEFT U THESE COX AS A FRIENDLY REMINDER THAT YOUR BOX CAN BE PWNED AT ALL TIMES…” The attackers then manipulated configuration files for the server which caused an error message to appear to visitors of the site. This state persisted for approximately eight hours blocking access to the site before it was later fixed by the attacker, who left a longer explanation for the hack in the server’s root directory.

Though the hackers were fairly polite and we do not believe that there is any current threat to our users, we have disabled our submissions form and will not be accepting new information at the moment. We have also disabled some of the user features on the site, which were more a remnant of a previous phase of this site’s operation and served little practical value. If you, at any point, have had an account on this site with a password that is also used elsewhere, you should change it. The hackers claim that they did not look into our database to retrieve this information. However, you would be wise to protect against that possibility.

We feel that this action by Anonymous was misguided. While we understand their desire to demonstrate their ability to “penetrate” anything, their defacement of this platform was unnecessary. This site has functioned for several years now as a vital source of information that is concealed and restricted from the general public. Large amounts of people in all walks of life utilize its resources. At the time of the defacement, this site was serving several files as source material for articles in publications around the world, including information on the automated scanning of license plates and other forms of public surveillance in Germany, the Department of Defense’s Non-Lethal Weapons Reference Book which received a large amount of coverage in Russia and Eastern Europe after it was reported on by the BBC, and a particularly frank Marine Corps handbook that describes the CIA’s history of funding the Mujahideen via the Pakistani ISI. Because of the defacement, many people visiting the site were then confronted with pictures of naked men which may have dissuaded them from accessing the extremely important information contained in these documents.

We’ve never professed to be extremely adept technologically, nor have we ever claimed to be creating a massively secure system for the submission of high-profile leaks. In fact, we hate “leaks” in general and we try to avoid using the word as much as possible. Leaking implies an accident, like something that escaped through a crack or water passing through a sieve. How can you leak something that should never have been secret in the first place? We are simply average, humble people who are trying to inform ourselves and others about the world in which we live. Nearly every piece of information on this site is something that was obtained from a publicly-accessible source using means available to any member of the public. We have published this material using open-source software in an attempt to inform others and demonstrate the potential for public action in the sphere of intelligence and media.

And so, if we are to create anything lasting, we must work together towards a society where everyone can express themselves freely and share information openly. We must not attack one another, for this only undermines the legitimacy of our cause. If we are to live in a world where knowledge truly is free, we must act with the gravity that this freedom demands. Anarchy is not chaos, it is self-governance.

A message left by the hacker:

sorry for this but we consider u friendly so i just left a message and
wiped /var/log

there was nothing u could do against this breach, this was just to
remind you that we can breach anything and so can the enemy :)

be careful what u do, improve ur OPSEC

maybe buy the server/hosting with a temp card and access is via Tor

try and remove links from ur personal life from this service :)

keep up the good work and hope u enjoy the cox :D



PS: i didnt steal any of ur credentials neither i even look into the mysql
db, i  dont know any of ur passwords though u should change them of course.
this was a direct root via a 0day we have :) it was not ur fault... i just
thought that i should leave u this message apart from the cox so u get a feel
what penetration looks like... our enemies dont leave messages ;)

Share this: