BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Leaked Info Allegedly Shows The Absurd Lengths BofA Goes To Spy On Hackers

From: Erica Absetz <eabsetz () opensecurityfoundation org>
Date: Wed, 27 Feb 2013 09:30:01 -0500
http://www.businessinsider.com/anonymous-hack-of-bank-of-america-google-2013-2

Anonymous hackers have released 14 gigabytes of information allegedly
related toBank of America and a web intelligence firm it hired to spy
on hackers and social activists last year.

Emails detail how employees of TEKSystems actively watched hacker
forums and social media sites for anyremotely relevant pieces of
"intelligence."

The leak includes a list of more than 10,000 words, phrases, and
references — everything from "jihad" to "keg stand" to "I Wish That I
Had Duck Feet" — that was used to match for entries on forums like
anonopsand sites including Twitter(includingTweetdeck),
pastebin,Facebook, and various blogs.

A press release fromPar:AnoIA (aka Anonymous Intelligence Agency)
states that the data "clearly shows that the research was sloppy,
random and valueless."

But the emails include "Daily Cyber Threat Highlights" that list
events and stories from all over the world.

And the data dump adds a new element to what is known about public and
private entitiessurveilling protestors of Occupy Wall Street.

We knew that web intelligence firm Ntrepid mapped online relationships
between anarchists and the leaders of Occupy. These documents reveal
that TEKSystems assembled "intelligence" reports on both Occupy and
hackers for (at least) the first 11 months of 2012.

Anonymous insists it was not a hack:

"[T]he data was not acquired by a hack but because it was stored on a
misconfigured server and basically open for grabs. Even more alarming,
the data was retrieved from an Israeli server in Tel Aviv."

"As a bonus," the hackers released 4.8 gigabytes of data containing
the salary information top executives around the world, including
Google CEO Eric Schmidt.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges.
Previous By Date Next
Previous By Thread Next

Current thread: