AnonOps Network Pwned - Warned of Insider Threat

Monday, May 09, 2011

Headlines

69dafe8b58066478aea48f3d0f384820

As of the publication of this article, it looks as if AnonOps has been pwned.

Reports had surfaced that the hactktivist network AnonOps, which provides communication services such as Internet Relay Chat channels used by the rogue movement Anonymous to organize and conduct operations, is apparently battling threats to the integrity of their systems from a disgruntled insider.

Clicking the link for anonops.net leads to a page with the URL https://sites.google.com/site/lolanonopsdead/ which displays the title "LOL ANONOPS DEAD" followed by some derogatory language.

Also displayed on the page is what looks to be an AnonOps server data dump under the heading "DDOS/PARTYVAN LIST" which appears to list dozens of nicknames and IP addresses of Anonymous followers who have participated in distributed denial of service (DDoS) attacks.

Bill Brenner at CSO had noted a message from the AnonOps Network admins which states:

Dear Users of the AnonOps Network,

We regret to inform you today that our network has been compromised by a former IRC-operator and fellow helper named "Ryan". He decided that he didn't like the leaderless command structure that AnonOps Network Admins use. So he organised a coup d'etat, with his "friends" at skidsr.us . Using the networks service bot "Zalgo" he scavenged the IP's and passwords of all the network servers (including the hub) and then systematically aimed denial of service attacks at them (which is why the network has been unstable for the past week). Unfortunately he has control of the domain names AnonOps.ru (and possibly AnonOps.net, we don't know at this stage) so we are unable to continue using them. We however still have control over AnonOps.in, and will continue to publish news there.

We would STRONGLY ADVISE all users to STAY AWAY from AnonOps.net and AnonOps.ru, and they should be considered COMPROMISED. Using or connecting to any service on those addresses may put your computer, and by extension your person, at risk.

We will continue to update you on this story, as well as on how we proceed with the future of Anonops.

We are profoundly sorry for this drama, and we can't give you a an estimate on when service will resume normally.

Alas, the IRC-network will probably remain down until we can sort this out.

We will try to keep you up to date you via our official channel (anonops.in).

Signed,

The "Old" AnonOps netstaff.
"frakstorm", "Nerdo","owen","blergh", and "Power2All"

P.S: Further notices on AnonOps.net/ru will probably be posted to dispell this one, and any unavailablity of AnonOps.in will only prove this message is true. THIS IS NOT A JOKE, THIS ISN'T A LIE, THIS IS THE TRUTH AND WE ARE SORRY FOR THAT.

P.P.S: The person behind this attack is also involved in the "new" Encyclopedia Dramatica (encyclopediadramatica.ch) . If you have previously signed up as a user with a legitimate email-address/password, you should take caution and consider that your account and password *might* be compromised.

This is not the first instance of Anonymous operations assets being compromised by disillusioned members.

Earlier this year, a splinter group known as Backtrace Security made efforts to expose Anonymous members who participated in the well publicized attack against security contractor HBGary Federal that resulted in the disclosure of tens of thousands of company emails.

The Financial Times is also reporting that two "veteran" Anonymous members are implicating the members of the group in the recent hack against Sony Corporation systems that exposed over 100 million customer records and forced the company to suspend services on the PlayStation and Online Entertainment networks.

“If you say you are Anonymous, and do something as Anonymous, then Anonymous did it. Just because the rest of Anonymous might not agree with it, doesn’t mean Anonymous didn’t do it," said the hacker, who uses the online nickname Kayla.

Last week, in a formal letter addressed to members of the House Commerce Committee, Kazuo Hirai, chairman of Sony Computer Entertainment America, suggested that Anonymous played a role in the massive customer data breach. Sony Corporation is considering the option of offering a reward for information on the perpetrators of a network hack that has dominated industry headlines for weeks.

“They are one of the key targets,” a law enforcement source told the Financial times.

Possibly Related Articles:
19327
Network->General
Insider Threats Headlines Anonymous Hacktivist Sony pwn3d HBGary Federal BackTrace AnonOps
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.