Full Disclosure mailing list archives
Re: Lulzsec as irc warrior 2.0?
From: lulzb0at () hushmail com
Date: Sun, 19 Jun 2011 11:40:40 +0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ugay its all for lulz On Sun, 19 Jun 2011 10:33:47 +0000 "Fabio Pietrosanti (naif)" <lists () infosecurity ch> wrote:
I just wanted to make a couple of consideration about Lulzsec, without special reason, just because it's crossing to my mind. a) They are NOT carrying on technically complex attack Just web hacking and sql injection over a wide set of vulnerable website. Nothing so complex i would say, no particularly sofisticated attack has been demonstrated or shown. Web hackers with some penetration testing knowledge and new kiddies learning by web hacking.From web hacking they get access to user data and often users usethe same passwords on other systems (email, twitter, facebook, amazon, etc). That's the overall complexity of hacking attempt i've read about. b) They are GOOD at making propaganda They leverage web 2.0 and social media to create attention, anxiety about their next releases increasing expectation and increasing media penetration. That's being good at making propaganda leveraging communication tools in a clever way. They are also in a here where the 'filtering', such as asking with a prosecutor mandate to close a twitter account, is highly unpopular and investigator tend to keep open the target's social networks accounts for intelligence purposes. They got 200k followers! c) They are GOOD at making crowd sourcing and community building They leverage the crowd to recruit new wannabe hackers and even simple smart powerusers to play with released username and passwords. Like anonymous they want people to do stuff under their umbrella. They created #lulzsecschool where wannabe and script kiddie can learn simple web hacking on real targets. Are they just IRC warriors in the web 2.0 social media era, where social media exploitation provide a great set of side-effect? If they're IRC warriors within some time they will just disappear. Just think, the leaders before or later will start finding the games boring, will get a girlfriend, will start going out with friends rather than being twitter/chat addicted. However now i need to make breakfast -naif p.s. i know it's a reduced overview of the phoenomena but that's not a full analysis, but it's just an idea crossing my mind _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
-----BEGIN PGP SIGNATURE----- Charset: UTF8 Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 3.0 wsBcBAEBAgAGBQJN/eA4AAoJEE4sWZ2chp6RnZMH/jiMa7oqnSNWYItjyFylut3IA2+u o+L8LwTkxulyCbydn6Vn7B8K7ra5xqN/NNACsDlCmsHnpZYMJQiHKAt0riyxYMHnsA/f IfBvXdF0CKp5RzJH71oa5R8yY08NvvrU0MykNrv6oDgXR4rDTm1O+wvTlT+B2ZS8Achc VpDeNLJ8lGjJ5OmZVzSo5qw9n01jZExB2ciXYSBnbxXefjgLfxBYfueLIphU4YQE4OCU wQi0xwVPNB+lWbCi5bID1zgFZ5rSciif/K/76q/AVO/v0VATNAEMCsIeiVgyNcr4PgkX CNv+gv122pjrgV2yjtboL8Lu15J+dhWvUFZ4JQ6GRWM= =ZPzX -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Lulzsec as irc warrior 2.0? Fabio Pietrosanti (naif) (Jun 19)
- Re: Lulzsec as irc warrior 2.0? Abdelkader Boudih (Jun 19)
- Re: Lulzsec as irc warrior 2.0? Michel Pereira (Jun 21)
- <Possible follow-ups>
- Re: Lulzsec as irc warrior 2.0? lulzb0at (Jun 19)
- Re: Lulzsec as irc warrior 2.0? Fabio Pietrosanti (naif) (Jun 19)
- Re: Lulzsec as irc warrior 2.0? Michele Orru (Jun 19)
- Re: Lulzsec as irc warrior 2.0? coderman (Jun 19)
- Re: Lulzsec as irc warrior 2.0? Fabio Pietrosanti (naif) (Jun 19)