Feeds

FBI sends memo to US.gov sysadmins: You've been hacked... for the past YEAR

Claims Anonymous hacktivists have been pilfering info through leaky backdoors

High performance access to file storage

Hacktivists allegedly affiliated with Anonymous have been covertly breaking into US government systems and pilfering sensitive information for nearly a year, the FBI warned last week.

The attacks (which began last December and are thought to be ongoing) exploit flaws in Adobe's ColdFusion web app development software to plant backdoors on compromised systems, according to an FBI memo seen by Reuters. The memo said the US army, Department of Energy, Department of Health and Human Services, and others had all been targeted.

Officials told the news agency that the warning was linked to attacks allegedly carried out by Lauri Love, 28, of Stradishall, England and others. Love alone was indicted in New Jersey last month over a string of attacks that matches that latest warnings.

A DoJ statement on the indictment lists 10 attacks against US government systems, eight of which are blamed on ColdFusion exploits1. The remaining two attacks were blamed on SQL injection-style assaults.

Some of the breaches have been publicised by Anonymous under the a campaign dubbed Operation Last Resort (‪#OpLastResort‬), which aims to protest against the overzealous prosecution of computer crime suspects including Aaron Swartz, a programmer who committed suicide under the shadow of a prosecution for computer crimes after he systematically downloaded academic journal articles from the JSTOR digital library.

The FBI is urging government sysadmins and website administrators to take urgent remedial action to contain the problem, which it warns is more serious than recent press reports of hack against US government systems might suggest.

"The majority of the intrusions have not yet been made publicly known," the Feds warned, Reuters reports. "It is unknown exactly how many systems have been compromised, but it is a widespread problem that should be addressed."

News of the warning broke late last week shortly after Anonymous affiliated hacker Jeremy Hammond was jailed for 10 years for hacking into the systems of private intelligence firm Stratfor and stealing credit card details and emails.

Hammond claimed in court that LulzSec suspect turned super-snitch Hector "Sabu" Monseigneur had encouraged him to hack into the websites of various governments under the AntiSec banner. An earlier (more concise) statement from Hammond along the same lines can be found on the FreeJeremy support website here.

The harsh sentence against Hammond prompted elements of Anonymous to re-launch ‪OpLastResort‬, with a video about the ongoing Edward Snowden revelations that refers to "Global Cyberwar II". Apparently Global Cyberwar I happened two years ago. ®

Bugnote

1 Separately security firm Hold Security has linked attacks against ColdFusion version 8 to the recent high-profile theft of Adobe source code as well as attacks against LexisNexis and others.

High performance access to file storage

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
NSA denies it knew about and USED Heartbleed encryption flaw for TWO YEARS
Agency forgets it exists to protect communications, not just spy on them
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
HP ArcSight ESM solution helps Finansbank
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.