Chapter 8: Hackers Against LulzSec

by Kyle Schurman

This chapter is a free excerpt from Lulzsec.

Although Lulz Security received plenty of publicity, the hacking community’s response was mixed. Some hackers admired the group’s activities, spawning some copycat attacks for which LulzSec later denied involvement. Other hackers actively worked against LulzSec.

Because many of LulzSec’s attacks looked and felt like pranks, it’s tough to label the type of hacking the group used. With LulzSec often operating in a “gray” area, the group alienated some hackers, who wanted the group to promote a different agenda. Other hackers didn’t appreciate the group publicizing security holes without taking advantage financially.

Complete 10-second survey to read full article!
Although Lulz Security received plenty of publicity, the hacking community’s response was mixed. Some hackers admired the group’s activities, spawning some copycat attacks for which LulzSec later denied involvement. Other hackers actively worked against LulzSec.

Because many of LulzSec’s attacks looked and felt like pranks, it’s tough to label the type of hacking the group used. With LulzSec often operating in a “gray” area, the group alienated some hackers, who wanted the group to promote a different agenda. Other hackers didn’t appreciate the group publicizing security holes without taking advantage financially.

Inside the hacking community, a white hat hacker usually refers to someone who privately alerts a business or entity to security problems, hoping to help them fix the problems before someone can exploit them.

A black hat hacker, meanwhile, looks to exploit all security holes for personal gain, never notifying a business or entity about the problem. Essentially, a black hat hacker is a computer criminal.

Learn more about hacking at: en.wikipedia.org/wiki/Hacker_(computer_security).

Some hackers, however, fall into the area between those labels. You can think of such hackers as gray hat hackers. They typically aren’t looking to cause damage or profit personally from the hacks. Gray hat hackers sometimes exploit the security holes just for the thrill of hacking, sometimes committing crimes in the process.

However, the gray hat hackers also aren’t necessarily going to notify the businesses or entities about the problems quietly. In fact, they’re more likely to announce security holes on hacker Web sites, or even publicly. Such announcements allow others to attempt to exploit the security holes. At the same time, tech security personnel can then try to prevent the hacking, as, often times, they only discover the security holes after the announcements appear on the Web sites.

Because LulzSec did not steal data for financial gain or commit serious criminal acts, the group doesn’t really fit into the black hat hacker designation. On the other hand, during some of its statements, the Lulz Security group mocked white hat hackers. That leaves LulzSec inside the gray hat criteria. In an online chat with BBC News, however, a LulzSec member said the group fits under all three descriptions. (www.bbc.co.uk/news/technology-13912836)

LulzSec also fits into the definition of hacktivism. The term hacktivism is a combination of hacker and activism. Hacktivism is the use of computing networks to emphasize and promote a political agenda, generally used by non-traditional activists.

One group labeled as a rival hacking group to Lulz Security is called TeaMp0isoN. This group decided to work against Lulz Security because it did not respect LulzSec’s hacking choices. In an interview, TeaMp0isoN members said their opposition to LulzSec results from the poor hacking skills of the group.

See more about the “team poison” response here: www.foxnews.com/scitech/2011/06/23/hacker-vs-hacker-group-races-police-to-expose-lulzsec/

To counteract LulzSec, TeaMp0isoN publicly released the actual name and personal information of Joepie91 in June. TeaMp0isoN accused Joepie91 – real name, Sven Slootweg – of being a Lulz Security member, although not a member of the core group of six, and hacked Slootweg’s personal Web site. Slootweg denied the accusation: “I am not a member of LulzSec.” TeaMp0isoN threatened to release the name of every Lulz Security member, although that did not happen.

The Jester, a well-known hacker, released a statement in June, pledging to expose members of Lulz Security. The Jester called LulzSec’s hacks “childish” in a statement. The Jester claimed to have identified the leader of LulzSec – Sabu – as an IT professional in New York City with the actual first name of Xavier, but law enforcement authorities there have not announced any arrest. Another individual hacker, TriCk, also vowed to work to identify the group members.

Read more about The Jester and TriCk at: www.guardian.co.uk/technology/2011/jun/24/lulzsec-members-and-enemies.

As mentioned earlier, one of LulzSec’s own members apparently worked against the group. M_nerva released records from online chats among the members to The Guardian Web site on June 24. Some of the chats revealed key information about the group.

June 24 was not a good day for LulzSec, as its Web and Twitter accounts also may have been hacked that day. A hacker with an online name of On3iroi claimed to have taken down LulzSec’s Web site and Twitter pages for a short time. On3iroi called his attack Operation Supernova, but LulzSec’s digital properties were restored relatively quickly.

Learn more about On3iroi’s attack at: https://on3iroi.wordpress.com/2011/06/23/21/.

Two new hacking group appeared in June to counteract Lulz Security. The seperate groups, called Team Web Ninjas and the A-Team, both claimed to have information on numerous LulzSec members and to have provided the information to law enforcement.

The claims were not verified, though. Team Web Ninjas stated it disagreed with LulzSec’s release of personal information from average Internet users as part of its hacks. Another existing hacker group, Th3j35t3r, also has worked against LulzSec.

Ultimately, the various efforts from rival hackers likely contributed to LulzSec’s decision to disband. As more hackers spoke out against the group and with more threats to release information, Lulz Security members may have decided to halt their activities before they could be caught. However, LulzSec has never stated fear of being caught as a specific reason for its disbandment.
Price: $2.99 Add to Cart
  • Lifetime guarantee
  • 100% refund
  • Free updates