Thursday, February 7, 2013

Activist hacked US Sentencing Commission website

Hacktivist group Anonymous took control of the U.S. Sentencing Commission website Friday, January 25 in a new campaign called "Operation Last Resort."
The first attack on the website was early Friday morning. The second - successful - attack came around 9pm PST that evening.
By 3am PST was down (it had been dropped from the DNS), yet as of this writing the IP address ( still returned the defaced site's contents.
Update January 26, 8pm PST: is restored.
It appears that via the U.S. government website, Anonymous had distributed encrypted government files and left a statement on the website that de-encryption keys would be publicly released (thus releasing the as-yet unkonwn information held on the stolen files) if the U.S. government did not comply with Anonymous' ultimatum demands for legal reform.
Anonymous explained that they used this webiste for symbolic reasons.
The U.S. Sentencing Commission sets guidelines for sentencing in United States Federal courts, and on the defaced website Anonymous cited the recent suicide of hacktivist Aaron Swartz as a "line that has been crossed."
The statement suggested retaliation for Swartz's tragic suicide, which many - including the family - believe was a result of overzealous prosecution by the Department of Justice and what the family deemed a "bullying" use of outdated computer crime laws.
Anonymous has not specified exactly what files they have obtained. The various files were named after Supreme Court Justices.
According to the statement:
Warhead – U S – D O J – L E A – 2013 . A E E 256 is primed and armed. It has been quietly distributed to numerous mirrors over the last few days and is available for download from this website now. We encourage all Anonymous to syndicate this file as widely as possible.
This appears to be Anonymous sending a threatening message to whoever knows what might be on the encrypted files.
Anonymous has encouraged anyone and everyone to distribute the files, so it is unknown who has the files or how many have been distributed. The files are useless without the encryption keys.
The contents are various and we won’t ruin the speculation by revealing them. Suffice it to say, everyone has secrets, and some things are not meant to be public.
At a regular interval commencing today, we will choose one media outlet and supply them with heavily redacted partial contents of the file. Any media outlets wishing to be eligible for this program must include within their reporting a means of secure communications.
Currently two of the mirrors are slow, and one has gone offline completely.
It is possible, as suggested by the file names, that Anonymous may have taken files pertaining to each of the Justices (all of whom were named on filenames at the bottom of the defaced page, such as "Scalia.warhead1") and put them in a file (named "Warhead-US-DOJ-LEA-2013.aes256") and then appended a command to the file that would nuke the file.
This suggests that Anonymous may have obtained files and nuked the compromised server.
Anonymous Tweeted that the group left a backdoor and made it editable in a way that encourages other hackers to come and shell the server.

No comments:

Post a Comment