Anonymous hacks MIT after Aaron Swartz's Suicide

On Sunday, the official site of the Massachusetts Institute of Technology (MIT) went offline. On a couple of the website’s subdomains, Anonymous hackers published a message in memory of Aaron Swartz, the Reddit co-founder and activist who recently committed suicide.

“Whether or not the government contributed to his suicide, the government's prosecution of Swartz was a grotesque miscarriage of justice, a distorted and perverse shadow of the justice that Aaron died fighting for […],” the hacktivists wrote on the defaced pages.

“Moreover, the situation Aaron found himself in highlights the injustice of U.S. computer crime laws, particularly their punishment regimes, and the highly-questionable justice of pre-trial bargaining. Aaron's act was undoubtedly political activism; it had tragic consequences,” they added.

The hackers ask the government to “reform” computer crime and copyright and intellectual property laws.

“We call for this tragedy to be a basis for greater recognition of the oppression and injustices heaped daily by certain persons and institutions of authority upon anyone who dares to stand up and be counted for their beliefs, and for greater solidarity and mutual aid in response,” they wrote.

“We call for this tragedy to be a basis for a renewed and unwavering commitment to a free and unfettered internet, spared from censorship with equality of access and franchise for all.”

They concluded their statement by apologizing to MIT administrators for temporarily taking over the website.

MIT has ordered an internal investigation into the case of Swartz. Furthermore, JSTOR – the digital library that accused him of illegally downloading content – has released its own statement regarding Swartz’s death.

At the time of writing, the main MIT site appeared to be working properly. The subdomains that hosted the hacktivists’ message have been taken offline.

In the meantime, a petition to remove United States District Attorney Carmen Ortiz from office for overreach in the case of Aaron Swartz has been created. The petition appears to be supported by both Anonymous and the controversial Kim Dotcom.
Add me on Google+
FILED UNDER:MIT ANONYMOUS HACKTIVISM PROTEST DEFACED WEBSITE

Sony website defaced by second hacker

A defacer affiliated with Anonymous vandalised Sony's online front door this week over the corporate behemoth's support of SOPA, a hated anti-piracy law proposed in the US.

The Sony Picture's website was defaced and clearly unauthorised comments were posted on the media giant's Facebook page. The digital graffiti was scribbled by a hacker who uses the Twitter handle s3rver_exe. Both acts of vandalism were rapidly purged, while the YouTube video illustrating the hack was quickly pulled.

Neither cyber-assault was significant as the perp readily concedes. Even so, the latest security breach doesn't reflect well on Sony's much vaunted efforts to bolster its electronic defences following last year's PlayStation Network hack, which forced Sony to take down its gaming platform for weeks.

In an ironic twist, the Twitter account of @s3rver_exe was hacked on Friday in the wake of the #OpSony pawnage.

"Sony was hacked because the admin panel was not encrypted ROFL. And I have got my account back," s3rver_exe said. "I don't know why the hacker hacked me. I think he did it for the lulz."

"The hack wasn't big but still the servers were vulnerable and I got access to the admin too," he later added.

Turkish hacking group defaces UPS, TheRegister and others

A number of high profile websites was compromised yesterday by a DNS hack. Among the list are The Register one of the largest british news sites, Telegraph and Ups.com where access to them was redirected to third-party webpages.

Paul Mutton, a web security tester managed to get a screenshot of what visitors to The Register saw:

Part of the message reads:

TurkGuvengligi

"Gel Babana"

HACKED

"h4ck1n9 is not a cr1m3"

"4 Sept. We TurkGuvenligi declare this day as World Hackes Day - Have fun ;) h4ck y0u"

The phrase "Gel Babana" is Turkish for "Come to Papa", and "Guvenligi" is Turkish for "Security".

Further websites which have been affected by the DNS hack include National Geographic, BetFair, Vodafone and Acer.

It's important to note that the websites themselves have *not* been hacked, although to web visitors there is little difference in what they experience - a webpage under the control of hackers.

Instead of breaching the website itself, the hackers have managed to change the DNS records for the various sites affected.

The affected sites' name servers, which govern the Internet address that corresponds to a site's name, have been changed to ns1.yumurtakabugu.com and ns2.yumurtakabugu.com.

The Register tweeted "A DNS hijack, we think [...]. We have shut down access / services as a precaution."

Because of the way DNS works, these changes are currently propagating throughout the global DNS system, and those attempting to access the original sites may find disruption for between three and 24 hours. Different ISPs will vary in if and when they accept the fakes and the consequent valid updates.

Those who are registered with the sites and normally expect to be automatically logged in should clear browser cookies before attempting to access them, as there is a risk that authentication information sent from the browser may be intercepted. Email to the sites may also be disrupted or intercepted.

UPDATE: Three hours after the attack, both The Daily Telegraph and the Register have had their proper name server entries restored, but as i said earlier it will take some time for the proper information to replate the diversions across the global DNS.

We will publish more information as it becomes available. If you prefer, follow me at @prohackingtricks on Twitter for the latest news.

Anonymous hacks SF’s myBART website. Thousands of names, addresses & numbers released.

Anonymous has apparently made good on a promise to wreak havoc on the Web site of the Bay Area Rapid Transit System today, although not exactly as planned.

Earlier, the amorphous collective had threatened to take Bart.gov offline for six hours today, or twice the amount of time BART managers took cell phone service offline at some BART stations Thursday night in order to head off a planned protest then. The distributed denial of service (DDoS) attack was supposed to begin at noon pacific time, according to a release from Anonymous.

As of 30 minutes past noon, the BART site was still online but running a little slow and with one notable change to the mybart.org Web site, which currently displays the Anonymous logo as seen below.

MyBart.org was still defaced as of 12:35 PM Pacific time on Sunday.

As screen captures of the defacement began rocketing around Twitter, news came that Anonymous hackers had also accessed and posted online a database of mybart.org with user e-mails and some addresses and phone numbers.

Shortly after the mybart.org defacement, a more elaborate mark was left on californiaavoid.org, a Web site maintained by the California Office of Traffic Safety. The #opBART Facebook page claims the defacements are part of Anonymous' protest effort against BART.

Californiaavoid.org as of 12:40 PM Pacific on Sunday.

For a brief period, BART posted two news releases on its Web site, one advising customers that its Web site could be attacked and go offline Sunday afternoon, another warning of possible interruptions to train service due to Anonymous' planned peaceful, in-person protest during Monday evening's rush hour. As of this writing, both releases are no longer visible, and BART.gov remains online almost an hour after Anonymous planned to take it down for the remainder of the afternoon.

BlackBerry blog hacked with riot-related threats

RIM’s Inside BlackBerry blog was just hacked some few hours ago after the company declared it would cooperate with UK Police to help bring individuals involved in the London riots to justice.

Although RIM really acted fast in removing the annoying blog post, I have embedded the page for you to view. Click the image to enlarge it.

Yesterday, the Canadian smartphone giant said it had engaged with the authorities and would local communications operators, police authorities and regulatory officials, issuing the following statement:

We feel for those impacted by this weekend’s riots in London. We have engaged with the authorities to assist in any way we can. As in all markets around the world Where BlackBerry is available, we cooperate with local telecommunications operators, law enforcement and regulatory officials. Similar to other technology providers in the UK we comply with The Regulation of Investigatory Powers Act and co-operate fully with the Home Office and UK police forces.

The blog section of the BlackBerry website was defaced by hacking crew TeaMp0isoN, which proceeded to boast about the attack on Twitter. "No Blackberry you will NOT assist the police," it said.

The defacement itself (archived by Zone-h here) contains a manifesto by the group, threatening the release of sensitive corporate directories supposedly stolen from the site if RIM carries through its promise to help the police.

BlackBerry Messenger service has reportedly become the communication medium of choice for rioters and arsonists who have attacked business across London and beyond in three successive nights since violence flared in the aftermath of peaceful protests in Tottenham on Saturday. TeaMp0isoN has threatened RIM that the addresses and names of RIM employees that TeaMp0isoN supposedly holds will be passed on to rioters if RIM assists the authorities.

Dear RIM,

You Will _NOT_ assist the UK Police because if u do innocent members of the public who were at the wrong place at the wrong time and owned a blackberry will get charged for no reason at all, the Police are looking to arrest as many people as possible to save themselves from embarrassment…. if you do assist the police by giving them chat logs, gps locations, customer information & access to peoples BlackBerryMessengers you will regret it, we have access to your database which includes your employees information; e.g – Addresses, Names, Phone Numbers etc. – now if u assist the police, we _WILL_ make this information public and pass it onto rioters…. do you really want a bunch of angry youths on your employees doorsteps? Think about it…. and don’t think that the police will protect your employees, the police can’t protect themselves let alone protect others….. if you make the wrong choice your database will be made public, save yourself the embarrassment and make the right choice. don’t be a puppet..

p.s – we do not condone in innocent people being attacked in these riots nor do we condone in small businesses being looted, but we are all for the rioters that are engaging in attacks on the police and government…. and before anyone says “the blackberry employees are innocent” no they are not! They are the ones that would be assisting the police.

The defacement itself looks like a standard run-of-the-mill hack and there's nothing to suggest, on the face of it at least, that TeaMp0isoN actually obtained access to corporate directory databases. Even if it did, RIM would doubtless stick to its previous promises to help authorities in any way it could.

TeaMp0isoN was previously best known for defacing the website of the far right English Defence League back in February.

Image credit: @jhfisher