I had the opportunity to chat with #AntiSec hacker D3V29 in an IRC session regarding his recent data dump of MySpace and Paypal account data. D3V29 indicated that he was able to grab this data at an undisclosed retail location that had free wifi. Using custom tools, D3V29 was able to lift the login details for users PayPal accounts along with data from user MySpace accounts. A list of the Paypal accounts identified can be seen here. A list of Myspace user logs/passwords can be found here.
The #AntiSec movement picks up steam where LulzSec left off after 50 days of hacking various high profile websites. The movement seems to continue to grow as more hackers join in on the movement. While there are some high profile targets that the movement will undertake, D3V29 was not forthcoming with who or what was in his crosshairs. When I asked D3V29 about his next target he just hit me with a :) and a "who knows".
Some people might call them criminals, but I believe that the hackers are for the first time exposing the dirty underbelly of Internet security by providing the public and the United States a good look at what has actually been going on since the beginning of the Internet. Our data is not safe, and we still have not taken Internet security seriously. In fact, we have been lulled into a false sense or security by thinking that using Firefox alone and some antivirus software is going to protect us. The truth is our information is out there to grab when we use unsecured wireless networks. Whether you like it or not, the United States is in the early stages of a cyberwar where the belligerents are mix of nation states, organized crime syndicates, terrorist organizations, hacker groups, hactivist and individual script kiddies acting alone. This war has actually been going on for years but has now finally bubbled to the surface.
No comments:
Post a Comment