Anonymous Hackers Take Down PandaLabs Website

 
 
By Jeffrey Burt  |  Posted 2012-03-07
 
 
 

A day after the arrests of several alleged members of the hacker group LulzSec, others claiming to be members of the hacker collective Anonymous took over the home page of Panda Security's PandaLabs Website in retaliation.

They also took aim at Hector Xavier Monsegur, a New York City resident and alleged leader of the LulzSec group, whose cooperation with authorities helped lead to the arrests March 6. Monsegur reportedly had used the online name "Sabu" in his work with LulzSec.

"Yeah yeah, we know, Sabu snitched on us," a message on the Hacked PandaLabs page reportedly said. "As usually happens, FBI menaced him to take his sons away. We understand, but we were your family, too."

The hackers also promised to continue their activities, and challenged the FBI and other authorities to try to find them. "To FBI and others ... come at us bros we are waiting for you," the message read.

As of the morning of March 7, attempts to call up the PandaLabs Website are met with a message saying that Google was unable to reach the site.

Anonymous is seen as a loosely formed collective of hackers that has defaced and shut down a variety of Websites, including those associated with various government agencies, the music industry and companies that cut ties with the controversial whistle-blower WikiLeaks operation. Among its most high-profile attacks came in December 2011, when it hacked into the Website of Stratfor Global Intelligence, a U.S.-based security company whose email system was accessed and several million emails stolen.

Some of those emails have begun showing up on the WikiLeaks site. Soon after the attack by Anonymous was discovered, Stratfor CEO George Friedman tried to calm customers by saying there was nothing damaging or significant in the stolen emails. However, the company said in a statement in February, after the first of the emails was posted on WikiLeaks, that the release of the emails was "deplorable" and that officials would have no further comment.

"Having had our property stolen, we will not be victimized twice by submitting to questioning about them," Stratfor said in the statement.

Anonymous also had a loose association with LulzSec, which during its 50-day spree last year targeted some U.S. and British government sites, as well as companies, such as Sony. The group ended its attacks last year, though reports have some members of LulzSec joining with Anonymous.

Authorities on both sides of the Atlantic have been working to track down the hackers, leading to the arrests of several members from both Anonymous and LulzSec. The U.S. Department of Homeland Security also has warned about potential attacks coming this year.

The sweeping arrests of five highly placed members of LulzSec March 6€”two of the suspects were from England, two more from Ireland and the fifth from Chicago€”were among the most high profile. According to reports, the break came last year, when Monsegur€”or Sabu€”a 28-year-old unemployed father of two who lives in New York City, was identified and arrested on a slew of charges. He pleaded guilty in August 2011 and began cooperating with authorities in hopes of getting a reduced prison sentence.

After the arrests, Luis Corrons, technical director at PandaLabs, praised the arrests in a blog titled "Where is the Lulz Now."

The Anonymous hackers accused Panda Security of helping investigators track down members of Anonymous and LulzSec, saying Panda's efforts helped lead to the arrest of 25 Anonymous members.

In a statement to journalists, Panda Security said the Anonymous hackers got into a Web server that was hosted outside of Panda's internal network, and that the server was primarily used for marketing campaigns and hosting blogs.

"Neither the main Website, www.pandasecurity.com, nor www.cloudantivirus.com were affected in the attack," the company said in the statement. "The attack did not breach Panda Security's internal network, and neither source code, update servers nor customer data was accessed."

The only information the hackers were able to access related to marketing campaigns, "such as landing pages and some obsolete credentials, including supposed credentials for employees that have not been working at Panda for over five years," the company said.

 
Rocket Fuel