The hackers known as LulzSec came out of retirement in the wake of Rupert Murdoch’s News of the World mobile phone hacking scandal to infiltrate the security barriers of two of the media mogul’s publications.
After finding a weakness in a retired server for The Sun, the group posted a fake story proclaiming Murdoch’s death from an overdose of palladium on the front page of the Website. Though very much alive, Murdoch is facing a tough week, including a grilling from British lawmakers July 19.
Both newspapers’ Websites were pulled offline after the attack occurred but have since been restored. “Thank you for the love tonight. I know we quit, but we couldn’t sit by with our wine watching this walnut-faced Murdoch clowning around,” the group posted on Twitter. However, the threat to the papers’ parent company, News Corp., may not end there. The group has been releasing the email addresses and phone numbers of several former employees taken from News International servers.
Among the names was Rebekah Brooks, News International’s former chief executive, who resigned from her post July 15 prior to being arrested. “Sun/News of the World OWNED. We’re sitting on their emails. Press release tomorrow,” Sabu, part of the Anonymous hacker group, said in a Twitter post.
The Guardian reported that a News International spokeswoman confirmed the company was “aware” of what was happening, but made no further comment to the paper. The Sun has the 10th largest circulation of any newspaper in the world and the largest circulation of any daily newspaper in the United Kingdom; the News, once the world’s most widely-read newspaper, was closed permanently in the wake of the mobile phone hacking scandal that threatens to do enormous damage to Murdoch’s media empire.
Murdoch issued a personal apology for the company and the paper July 18, pledging the company would take “further concrete steps” to resolve these issues and “make amends” for the damage they have caused. “The News of the World was in the business of holding others to account. It failed when it came to itself,” read the statement, signed by Murdoch. “We are sorry for the serious wrongdoing that occurred. We are deeply sorry for the hurt suffered by the individuals affected.”
The LulzSec group announced June 25 via a letter to its followers that it would cease its campaign of Web attacks. The group employed SQL injection and DDoS (distributed denial-of-service) attacks to hit various targets during its 50-day spree. Some of the attacks highlighted the poor security practices prevalent among senior executives of prominent companies, such as a vice president of Fox Broadcasting reusing a very simple password across multiple services.
Interspersed with trash talking about the victimized sites and announcements of new targets, the Twitter account contained helpful “lesson of the moment” tips, such as using prepaid credit cards to make online purchases. The targeted organizations varied from giant conglomerates such as Sony to law enforcement and other government organizations to ATMs and TV networks. LulzSec’s stated goal was to have fun, to entertain others as well as themselves, and to share “lulz,” the group said repeatedly.