Howdy, Stranger!
It looks like you're new here. If you want to get involved, click one of these buttons!
Quick Links
LulzSec Resorting To Extortion
Eerazer
Member Posts: 140
thej35t3r just tweeted about this: 'th3j35t3r Tickety Tock Tock
bit.ly/kWby9X - extortion too? Keep it coming.
------------------------------------------------------------------------------------
FOR IMMEDIATE RELEASE
JUNE 3, 2011
Official Statement from Karim Hijazi, CEO of Unveillance
Over the last two weeks, my company, Unveillance, has been the target of a sophisticated group of hackers now identified as “LulzSec.” During this two week period, I was personally contacted by several members of this group who made threats against me and my company to try to obtain money as well as to force me into revealing sensitive data about my botnet intelligence that would have put many other businesses, government agencies and individuals at risk of massive Distributed Denial of Service (DDoS) attacks.
In spite of these threats, I refused to pay off LulzSec or to supply them with access to this sensitive botnet information. Had we agreed to provide this data to them, LulzSec would have been able to grow the size and scope of their DDoS attack and fraud capabilities.
Plain and simple, I refused to comply with their demands. Because of this, they followed through in their threats – and attacked me, my business and my personal reputation.
I believe this incident shows the true nature of LulzSec. For those who might think otherwise, consider the following exchanges, taken directly from several of our IRC chats:
(KARIM) So did we wrong you in some way, let’s get to the point?
(LULZ) <@Ninetales>; If you wronged us, all of your affiliates would be crushed. Don’t worry, you’re in the good books. The point is a very crude word: extortion.
(LULZ) <@Ninetales>; And what we’re both willing to agree upon that you sacrifice in return for our silence.
(LULZ) <@Ninetales>; While I do get great enjoyment from obliterating whitehats from cyberspace, I can save this pleasure for other targets. Let’s just simplify: you have lots of money, we want more money.
(LULZ) <@Ninetales>; Prepaid Visas, MoneyPaks, BitCoins, Liberty Reserve, WebMoney, the flavor of your choice. Naturally we’ll avoid PayPal.
(LULZ)[15:04] hamster_nipples: what made you decide to get into this business?
(LULZ)[15:04] hamster_nipples: you realize the security business is severely dangerous?
(LULZ)[15:04] hamster_nipples: do you realize there are blackhats x1000 worse than us that would have harrassed your
(LULZ)[15:04] hamster_nipples: personal life?
(KARIM)[15:04] me: Saw a need… usually a good reason.
(LULZ)[15:04] hamster_nipples: you should consider yourself lucky.
(LULZ)[15:04] pwnage: heard of the guy who runs ZeuStracker?
(KARIM)[15:05] me: yes
(LULZ)[15:05] pwnage: they planned to have him whacked
(LULZ)[15:05] pwnage: faked his suicide
(LULZ)[15:05] pwnage: fucked with his life big style
(KARIM)[15:23] me: I need to think and be able to think clearly without the threat of extortion.
(LULZ)[15:23] hamster_nipples: haha
(LULZ)[15:24] hamster_nipples: unfortunately you have little choice at this point
(LULZ)[15:24] hamster_nipples: don’t think of it as extortion
(KARIM)[15:24] me: Without that luxury, my company will fail…
(LULZ)[15:24] hamster_nipples: consider it a partership
(LULZ)[15:24] hamster_nipples: at this point I don’t want your business to fail
I think that says it all.
A few points I wish to clarify:
1. I have been able to protect the sensitive data which LulzSec was ultimately after. All they have stolen and publicly dumped are my personal and work emails.
2. I am now, and have been, in full cooperation with the FBI. In fact, I contacted the FBI and US-CERT immediately after I began receiving threats from LulzSec to request their assistance – and to explain the nature of the threat. I offered my full cooperation to the FBI in an effort to rectify the situation.
3. Unveillance is not a security company. We are a private botnet monitoring service – and a good one, which is why we were targeted. I do not provide security services to other companies. What I do provide clients with is the first zero false-positive analysis tool for identifying confirmed botnet infections in their computer networks.
4. I am not surprised by this attack; or the information dump on me; or their slanderous statements against me and my company. This is precisely what they threatened me with – in addition to other things, including allusions to physical harm to me and my family – if I did not cooperate with their demands.
5. I do not regret refusing to cooperate with LulzSec. My data is of national security importance. I could not and cannot, in good conscience, agree to release my botnet intelligence to an organization of hackers.
I stand firm behind my decision not to comply with the demands of LulzSec. I hope this incident will enlighten others as to the true character and intent of this organization.
- Karim Hijazi
CEO, Unveillance
Comments
Yeah, it doesn't surprise me at all. They tried to extort info and an in-game item out of Bethesda as well. They are just racking up the felony charges for when they eventually get caught. For such talented Crackers(The proper term for what they do) they sure are stupid when it comes to just about everything else. Their bragging and direct contact with these companies is going to be their undoing.
Bren
while(horse==dead)
{
beat();
}
That's pretty hilarious. They're trying to attack the government ....AND get in-game items? What happened, their mom came into the room and turned off their computer? LOL.
They weren't trying to get the item themselves. They wanted Bethesda to code a LulzSec black top hat into Skyrim for anyone that wanted one. They wanted their own item introduced into the game itself.
Bren
while(horse==dead)
{
beat();
}
What garbage, I guess not everyone wants to work for what they have.
Pretty soon the government will be able to take pay-per-view orders for when they're arrested. There's your noteriety, eh? Those watching at the time will get the last lulz.
Just not worth my time anymore.
Is anyone really going to hire that guy after being hacked by lulzsec?
http://th3j35t3r.wordpress.com/2011/06/16/quick-n-dirty-just-for-clarification/?utm_source=Jesters+Court+Blog&utm_medium=twitter
At the very bottom it just got updated again. Busted??
well well that is interesting. well done joker!
i just sent the information to the CIA.
edit: though knowing them they might just hire the douchebag. lol ... nah probably not.
look at Th3J35t3rs recent tweets, linked in the op. Sucks to be Casey Gardiner.
Another great example of Moore's Law. Give people access to that much space (developers and users alike) and they'll find uses for it that you can never imagine. "640K ought to be enough for anybody" - Bill Gates 1981
They outed several more. http://lulzsecexposed.blogspot.com/
I wouldn't go as far as saying what they were doing is terrorism. A bit over the top?
A good hacker/cracker uses anonymity and doesn't "advertise" their existence. I worked for a comapny that get attacked by one like that and it took months for anyone to even realize there was an attack.
Hackers eventually let their egos get the better of them though and start doing stupid bullshit llike these guys. Direct contacts, Twitter, IRC chats... they're going down sooner rather than later.
http://lulzsecurity.com/releases/1000th_tweet_press_release.txt
They think they are tough and don't care that they will eventually be brought to justice. Well then since they aren't afraid when they are caught we should send them to North Korea or syria and see if they still are tough. Hopefully they get there fingers chopped off after they get there nails pulled.
"You have some serious mental issues you may need to seek some help for. There are others who post things, but do not post them in the way you do. Out of every person who posts crazy shit in this forum, you have some of the craziest and scariest" -FarReach
affiliates right now, inside PBS, inside Sony... watching... abusing..."
...And one by one they start to fall.
Bren
while(horse==dead)
{
beat();
}
Saw the Th3J35t3r mention that this morning on twitter.
Another link
Named as Ryan Cleary from a pastebin linked in the article.
Edit: I forgot to add it's unconfirmed atm.