Feeds

Feds arrest 16 in Anonymous hack probe

PayPal avenged for 'Operation Avenge Assange'

SANS - Survey on application security programs

Federal officials arrested 16 people accused of carrying out computer crimes that damaged or breached protected systems, including a December attack organized by the Anonymous hacker collective on PayPal that caused numerous service disruptions.

Fourteen suspects from 10 states were accused of participating in “Operation Avenge Assange,” which sought to punish the eBay-owned payment service for suspending an account belonging to whistle-blower website WikiLeaks. Using a tool known as the Low Orbit Ion Cannon and distributed by Anonymous members, they allegedly helped to coordinate an attack that bombarded PayPal servers with more traffic than they were designed to handle.

Members of Anonymous gathered in internet relay channels to plan and carry out the attack against PayPal, which banned WikiLeaks a few weeks after publishing hundreds of thousands of classified US State Department memos. The indictment, which was filed last week in federal court in San José, California, was unsealed Tuesday, just hours after it was widely reported that FBI agents had raided the homes of suspected Anonymous members.

They were charged with counts of conspiracy and intentional damage to a protected computer, and were scheduled to appear Tuesday in various federal courthouses near where they were arrested.

Thirteen of the suspects were identified as: Christopher Wayne Cooper, 23, aka "Anthrophobic"; Joshua John Covelli, 26, aka "Absolem" and "Toxic"; Keith Wilson Downey, 26; Mercedes Renee Haefer, 20, aka "No" and "MMMM"; Donald Husband, 29, aka "Ananon"; Vincent Charles Kershaw, 27, aka "Trivette", "Triv", and "Reaper"; Ethan Miles, 33; James C. Murphy, 36; Drew Alan Phillips, 26, aka "Drew010"; Jeffrey Puglisi, 28, aka "Jeffer", "Jefferp", and "Ji"; Daniel Sullivan, 22; Tracy Ann Valenzuela, 42; and Christopher Quang Vo, 22.

The name of one suspect was withheld.

Federal prosecutors announced the arrests of two other people who were charged with computer offenses that may have been related to hacks credited to LulzSec, which many believe to be a splinter group of Anonymous.

Scott Matthew Arciszewski, a 21-year-old student at the University of Central Florida, illegally accessed a website operated by the FBI-affiliated Infragard, a criminal complaint filed last week in Tampa alleged. He then uploaded three files he named “aspydrv.asp;jpg” – and, yes, the indictment includes that semicolon in the filename – which “caused damage to the server by impairing the integrity of the server,” according to FBI Special Agent Adam R. Malone, who prepared the document.

Arciszewski allegedly referred to the intrusion on his Twitter account and included a link to instructions for others to compromise the site.

Arciszewski's alleged June 21 hack came two weeks after LulzSec took credit for breaching the security of Infragard systems, defacing its website, and leaking its email database in the process.

A 16th suspect was accused in a separate complaint filed in federal court in New Jersey of stealing confidential business information stored on AT&T servers and posting it to the internet. Lance Moore, 21, of Las Cruces, New Mexico, allegedly used his position as a customer support contractor for the telecom giant to obtain the data, and then, in April, to post it to Fileape.com, which promises never to store the IP addresses of its users.

In late June, LulzSec announced it had acquired the data and recirculated it as part of a massive bittorrent upload.

In all, FBI agents executed 35 search warrants on Tuesday throughout the US as part of an ongoing investigation into coordinated “cyber attacks” against major companies and organizations. In a press release, prosecutors said Tuesday's arrests coincided with the arrests of one person in the UK's Metropolitan Police Service and four individuals by the Dutch National Police Agency. Those detentions were related to unspecified “cyber crimes.”

To date, more than 75 searches have taken place in the US as part of the investigation. ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.