Anonymous had bad month, but no less 'reliable'

It hasn't been the best of months for Anonymous, the loose hacktivist collective that likes to view itself as the most potent threat on the Web to big government, big business and those who do not share its views on pretty much anything -- law enforcement, the environment, internet freedom, copyright laws, politics etc.

Several of its recent claims have been exposed as not just inflated, but outright fabrications.

Earlier this month, AntiSec, an offshoot of Anonymous, posted more than 1 million Apple Unique Device Identifiers (UDID) to Pastebin, and claimed it had stolen more than 12 million of them from an FBI agent's laptop in March.

The group claimed to have personal mailing addresses and phone numbers besides the UDIDs, plus device tokens for the Apple Push Notification Service (APNS) for numerous types of Apple devices such as iPhones, iPads and iPod Touches.

The FBI immediately denied that any of its computers had been compromised. Apple said it had never provided UDIDs to the FBI. And, as Michael Mimoso noted on the Kaspersky Labs blog Threatpost, David Schuetz, a senior consultant with Intrepidus Group, found that the real source of the breach was BlueToad, a Florida based technology provider for digital publishers.

"[Schuetz] found a password dump online for BlueToad dated March 14, the same week AntiSec said it had breached the FBI computer. Any hesitancy Schuetz had regarding BlueToad's connection to the breach was evaporating," Mimoso wrote.

Earlier this week, BlueToad CEO Paul DeHart publicly confirmed via the company's blog that it was the source of the breach, that it had contacted law enforcement and was cooperating in the investigation.

There was also the recent boast by Twitter user @AnonymousOwn3r that he had shut down the website provider and domain name registrar GoDaddy on Sunday with a distributed denial-of-service (DDoS) attack.

Wrong again, said GoDaddy interim CEO Scott Wagner, who explained on the company website that the problem was a "service outage due to a series of internal network events that corrupted router data tables."

[Slide show: Anonymous and LulzSec - 10 greatest hits]

Then there was the claim last month that Anonymous was looking to break into the communication system between NASA and the Mars rover Curiosity.

That didn't even pass the laugh test for most security professionals, who viewed it as a bad joke or a weak attempt at trolling.

Last March, LulzSec, which operated under the Anonymous umbrella, after the FBI arrested and then flipped its leader, Hector Xavier Monsegur, who went by the hacker name of "Sabu."

Does all this mean that the Anonymous brand has been undermined? Do its boasts and threats have any credibility in the security community?

Yes and no, say those who track its exploits. Most agree with Cole Stryker, an author who has researched Anonymous and who The New York Times quoted describing it as "a handful of geniuses surrounded by a legion of idiots."

Those idiots, say experts, are going to make a host of errors and laughable claims. But that does not mean there is no danger from the core group.

"What we have here is a bunch of kids, largely in UK and here and dozens of other places such as Brazil, Turkey, Iran, China, Ukraine, Romania and lesser numbers in other places across the planet -- a bunch of really bored kids who want to be a part of something, but have no clue," said Kevin McAleavey, cofounder of the KNOS Project and a malware and hacking expert.

"How seriously do I take Anonymous's claims? About as seriously as I take 'The Daily Show,'" he said. "Yes there are a handful of really dangerous people who those kids admire and who occasionally feed them a breath mint. One or two of them have already been apprehended. The rest have gone back to collecting exploits and writing malware, and selling them to criminals and government spooks for real cash. They won't touch Anonymous any more because the heat is too high."

Nick Selby, a Texas police officer and information security consultant who runs a police-led intelligence blog, noted at the time of the LulzSec bust that there is essentially no barrier to claim membership in Anonymous. "It doesn't require massive technical skills -- just reasonable knowledge and a willingness to break the law," he said.

But Aaron Cohen, founder of the Hacker Academy, said he thinks it would be foolish to discount the group's skill and power. He said he has a hard time talking about Anonymous, "because we don't know who they are. People are out there doing things under the name of Anonymous, but you don't really know if that's true."

Cohen said the whole idea of an Anonymous brand misses the point. "They're not looking for branding," he said. "They're doing it under a pseudo name. There is no call to arms to get somebody. But if one person says they're going to get a company, then everybody tends to rally around that person."

But Cohen adds that he thinks Anonymous has been "pretty reliable so far," in both its claims and its threats. And he said whether it is Anonymous or some other group, good hackers are proof that "if people want to break into something badly enough, they can."

"So if you're a target, it's best to tighten up," he said.

Read more about malware/cybercrime in CSOonline's Malware/Cybercrime section.

Join the CSO newsletter!

Error: Please check your email address.
Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Taylor Armerding

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place