Why LulzSec Hacks: A Timeline of Major Hacks

LulzSec has been pushed into the media spotlight, with more than 144,000 followers on Twitter this hacking group has captured the attention of everyone in the technology and security industry. They say “we have now taken it upon ourselves to spread fun, fun, fun, throughout the entire calender year,” and are doing it for the “lulz,” however many hacks have other motives.

Fox

7 May – 12 May
http://twitter.com/#!/LulzSec/status/66648067281141760

What Happened: LulzSec hacks into X-Factor databases and release the contestant database containing personal details. Fox databases and LinkedIn accounts also stolen and LulzSec takes over several Fox Twitter accounts.

Why:They pointed out to one Twitter user, that they do everything for fun after defending Common. “Fox called him a ‘vile rapper’; we call Fox common scum.” They also later published a security tip advising customers to not trust big companies saying “putting trust in large companies is foolish.”

UK ATMS

15 May

http://twitter.com/#!/LulzSec/status/69216489114316800

What Happened: 3133 individual bank account details with private details such as location of transactions and amounts of transactions.

Why: In a press release a chat between the two administrators was published. Whirlpool, a pseudonym for one of the hackers, said “should we leak pointless ATM information?” In reply, Kraken replies “someone will find a use for it all.”

Sony Japan

23 May

http://twitter.com/#!/LulzSec/status/72823208465805312

What Happened: The “innards” of a Sony database were published. They exploited a SQL vulnerability to gain access, similar to what happened to Sony BMG Greece.

Why: As part of a long running campaign, hacking groups have targeted Sony. LulzSec said “we just want to embarrass Sony some more”

PBS

30 May

http://twitter.com/#!/LulzSec/status/75040995229696001

What Happened: LulzSec gained access to passwords used in various PBS passwords and published a fake article saying that Tupac was found alive.

Why: PBS aired a negative WikiLeaks documentary called WikiSecrets. They tell PBS that it “sucked” on Twitter. Later they published a webpage on PBS, clarifying their intent.

2600

31 May

http://twitter.com/#!/LulzSec/status/78594471318659072

What Happened: LulzSec brings down 2600, a hacking magazine, IRC chat facilities.

Why: The Jester (th3 j35t3r), a hacktivist, attacked WikiLeaks and allegedly uses 2600 chat channels. This view was at odds with LulzSec who support WikiLeaks.

Sownage

http://twitter.com/#!/LulzSec/status/76216034260029440

2 June and 6 June

What Happened: Music codes, coupons, SonyPictures customer details, SonyPictures databases, Sony BMG details and Sony Computer Entertainment Developer Network source code were taken in two separate events called Sownage 1 and 2.

Why: Wanted to continue embarrassing Sony, especially after the PSN data hacks which resulted in free games and the PSN been down for multiple weeks.

Infragard

3 June

http://twitter.com/#!/LulzSec/status/77303014767067136

What Happened: Infragard, a FBI affiliate, targeted with website defaced, email logs and personal details of the owner, Karim Hijazi,

Why: They accused the company of corruption. They told “journalists and other writers to delve through the emails carefully, as we have uncovered an operation orchestrated by Unveillance and others to control and assess Libyan cyberspace through malicious means.”

Black & Berg Hacking Prize

8 June

http://twitter.com/#!/JosephKBlack/status/77826828462592000

What Happened: Black & Berg set up a $10,000 prize for anyone who could change the picture used on their frontpage.

Why: Joseph Black had tweeted links to previous LulzSec hacks and made direct contact (via Twitter) praising the LulzSec group. LulzSec say the task was easy, saying they did it for the “lulz.”

Porn Websites

10 June

http://twitter.com/#!/LulzSec/status/79293937977802752

What Happened: Emails and passwords of 26,000 people from user databases of pornography websites. Facebook later suspends all email accounts mentioned associated with the release.

Why: They say it was for “mild fun.” They asked followers on Twitter to try to embarrass members of the websites using the passwords on Facebook.

Senate.gov

13 June

http://twitter.com/#!/LulzSec/status/80353638769364992

What Happened: Sophos said in a blog post that ‘some basic information on the filesystems, user logins and the Apache web server config files,’ has been stolen.

Why: Continuing their anti-government attacks. They reference that hacking was considered an act of war by the Pentagon (Wall Street Journal)

Gaming Websites

http://twitter.com/#!/LulzSec/status/80723273394040832

13 June (Bethesda Softworks) and 15 June (rest of the mentioned websites)

What Happened: Escapist Magazine, League of Legends, Minecraft, EVE online all faced a distributed denial-of-service attack. CCP Games, the creators of EVE online, take down all their websites to avoid data loss. The group brands it “Titanic Takeover Tuesday.”

Why: Unknown

16,000 Log-in Details

http://twitter.com/#!/LulzSec/status/81480919936016384

16 June 2011

What Happened: LulzSec releases the email addresses and passwords for 16,000 users. LulzSec says “these are random assortments from a collection, so don”t ask which site they’re from or how old they are.”

Why: The log-in details was a reward for using posting messages on 4Chan flooding the board with questions about Triforce.

AntiSec

http://twitter.com/#!/LulzSec/status/82655593592135680

20 June –

What Happened: LulzSec and Anonymous, distributed hacking group, start a project to release information about corrupt governments. They all the public to help them and set up multiple groups including LulzSec Brazil and Italy. This article does not investigate any further AntiSec hacks in this list, some of the targets have included NATO, music companies, Arizona Police? and the Turkish Government.

Why: The LulzSec brand continues in minor groups that may not have the same members of LulzSec. They say they hope the information can help expose corruption and start a revolution.

Member Arrested and Data Leaked

22 June

What Happened: Ryan Clearly arrested in a joint Scotland Yard and FBI investigation into the group. The FBI has also allegedly seized servers looking for LulzSec data after this date.

LulzSec also released the personal details of two member of the group after they tried to “snitch” on the group. LulzSec says these members were involved in illegal hacking activity.

LulzSec “Ends”

25 June

http://twitter.com/#!/LulzSec/status/84758628325801984

What Happened: LulzSec says they are done with hacking after 50 days they said that behind the LulzSec brand they were people, reiterated support of the AntiSec movement and how much they enjoyed hacking saying it was “all to selflessly entertain others – vanity, fame, recognition, all of these things are shadowed by our desire for that which we all love.”

The Sun

19 July

http://twitter.com/#!/LulzSec/status/93122799769628672

What Happened: After a hiatus, LulzSec hacked in News Corporation’s The Sun. The newspaper website then redirected users to a website with a fake news story that Murdoch was dead, after consuming large quantities of chemicals. LulzSec are planning to release News of the World emails saying “we’re currently working with certain media outlets who have been granted exclusive access to some of the News of the World emails we have.”

Why: The Sun (a News Corporation tabloid) attack was clearly aimed at News Corporation which is involved in a phone hacking scandal which lead to the end of the tabloid, News of the World, where journalists was found to be phone hacking for stories.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s