BreachExchange mailing list archives
Leaked Info Allegedly Shows The Absurd Lengths BofA Goes To Spy On Hackers
From: Erica Absetz <eabsetz () opensecurityfoundation org>
Date: Wed, 27 Feb 2013 09:30:01 -0500
http://www.businessinsider.com/anonymous-hack-of-bank-of-america-google-2013-2 Anonymous hackers have released 14 gigabytes of information allegedly related toBank of America and a web intelligence firm it hired to spy on hackers and social activists last year. Emails detail how employees of TEKSystems actively watched hacker forums and social media sites for anyremotely relevant pieces of "intelligence." The leak includes a list of more than 10,000 words, phrases, and references — everything from "jihad" to "keg stand" to "I Wish That I Had Duck Feet" — that was used to match for entries on forums like anonopsand sites including Twitter(includingTweetdeck), pastebin,Facebook, and various blogs. A press release fromPar:AnoIA (aka Anonymous Intelligence Agency) states that the data "clearly shows that the research was sloppy, random and valueless." But the emails include "Daily Cyber Threat Highlights" that list events and stories from all over the world. And the data dump adds a new element to what is known about public and private entitiessurveilling protestors of Occupy Wall Street. We knew that web intelligence firm Ntrepid mapped online relationships between anarchists and the leaders of Occupy. These documents reveal that TEKSystems assembled "intelligence" reports on both Occupy and hackers for (at least) the first 11 months of 2012. Anonymous insists it was not a hack: "[T]he data was not acquired by a hack but because it was stored on a misconfigured server and basically open for grabs. Even more alarming, the data was retrieved from an Israeli server in Tel Aviv." "As a bonus," the hackers released 4.8 gigabytes of data containing the salary information top executives around the world, including Google CEO Eric Schmidt. _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges.
Current thread:
- Leaked Info Allegedly Shows The Absurd Lengths BofA Goes To Spy On Hackers Erica Absetz (Feb 27)