Ads

New Domain

Blog has been moved to new domain: www.it-googled.com Enjoy!

Friday, 1 July 2011

LulzSec malware hoax

"IDG News Service - The LulzSec hacking group sailed off into the sunset Saturday, leaving behind a treasure trove of stolen data along with what some antivirus programs identified as a nasty surprise for anyone who downloaded the Torrent file: a Trojan horse program.

But not so fast. On Monday several antivirus vendors took a close look at the file in question and decided that the program wasn't actually harmful. Consider it an inadvertent parting prank on the security industry the hacking grew took such delight in tormenting. More Lulz for the Lulz Boat.

Early in the day, 26 of the 42 security companies whose scanning products can be tested on the VirusTotal Web site reported that a file within LulzSec's "AT&T internal data" folder was malware, designed to give hackers remote access to the victim's computer.

But by Monday night Kaspersky Lab, McAfee and Trend Micro all reported that this was incorrect. According to Roel Schouwenberg, a researcher at Kaspersky Lab, other companies are flagging the file as a Trojan because it used pirated WinRar compression software that made the file look very similar to known malicious programs. These pirated compression programs are often used to compress malicious files and "a lot of companies are quite aggressive with these detections," he said in an interview.

In its final press release, LulzSec blamed the whole thing on AT&T, warning readers not to open the file and saying, "it is malware (due to AT&T using a pirated copy of WinRar)"

The file in question has reportedly been pulled from the LulzSec torrent, but the incident added to the chaos and confusion that the LulzSec crew seemed to love leaving in its wake.

LulzSec took particular pleasure in causing trouble for security companies, especially those it saw as aiding its enemies -- such as Prolexic, a provider of denial-of-service attack mitigation services, thought to be securing Sony's networks, and Endgame Systems, a company with links to the U.S. Central Intelligence Agency. The hackers released dox -- dossiers of information including phone numbers, addresses and online profiles of the executives at these companies and their family members." By Robert McMillan
June 28, 2011 04:14 AM ET
Good article written by Robert McMillan


LulzSec did it again, by proving that such companies are not protected against an entry-level hack. For the last few weeks I gathered that using some hacks dated back to 2002 still works due to loads of unpatched web servers/DNS servers etc. Seem like LulzSec in some sense will add importance and increase the level's of security worldwide.It's a Machiavelli's way to do so and many companies,students,entry-level IT staff will suffer. As for us professionals we have to make sure that we patch and monitor our system pro-actively on regular bases.

Final thought

Shouldn't authorities learn from them?!