Anonymous: A Hot Autumn is Coming


The summer is ending and we must be prepared to a new season of attacks of Anonymous collective, last weeks we have registered several attacks of the group of hackers that suggest a warm autumn.
Last week with a series of attacks Anonymous targets Electronics Manufacturer AVX, the hackers have hit the website for electronics manufacturer AVX as part of an operation named #OperationGreenRights.
The group accessed to company database using a SQL injection attack publishing the stolen data in privatepaste.com.
The web site of AVX company after the attack was not available displaying the message to inform user that the company was "performing essential maintenance".
Why Anonymous has attacked the company?
AVX, according the Pastebin post, has interest in extracting the ore coltan (short for columbite–tantalite) from the Congo, the group declared:
"A civil war has grew up in Kivu, east Congo, in 2012 and it's due to the warlord Mr. Ntaganda formerly involved in 1998 war for coltan,"
"We underline that Kivu in very rich in coltan mines. So we know that AVX was directly involved in Congo's war in 1998 but no one force them to pay for their crimes and in 2012 no one can guarantee that AVX is not taking coltan from Congo's war areas."
The African area is rich of minerals, the control of related market is one of the primary reason for internal conflicts.
AVX wasn't the only company attacked during the #OpGreenRights, in the last days of August also Philips website had been hacked and related data posted on line, over 200,000 client and subscriber emails and personal details have been leaked from its servers.
Also another two electronics giants have been hacked by the group of hacktivist, Siemens Switzerland and Fujitsu General Brazil. Also in these attacks the database were violated and data being leaked via paste sites.
The operation #OpGreenRights was also accompanied by other actions of the group the most famous of them was #OpFreeAssange to support the Assange's cause and to protest against UK government.
Anonymous has launched a series of DDoS attacks against the targets including the Ministry of Justice and the Prime Minister's websites to protest against Britain position on Julian Assange's granting of political asylum by Ecuador.
In a couple of weeks several British institutions and companies have been attacked by @WikiboatBR, following a short list of the targets.
The hacking group ‘Team GhostShell' has recently wrested 1 million database records from a 100 different websites during the #opHellfire.Victims of the attack were banks, consulting firms and government agencies, the hackers used the tool SQLmap.
Why did they do it?  They claim it was payback for law enforcement arresting hackers,
www.history.knowsley.gov.uk
www.nag.co.uk
www.dlink.co.uk
www.mcc.ac.uk
www.tex.ac.uk
www.sanger.ac.uk
www.gsfc.nasa.gov
www.navy.mil
www.washington.edu
and also
http://groups.physics.ox.ac.uk/default/ #Leaks:http://pastebin.com/fHn0JcJ8
http://www.londoncityinstitute.com #Leaks:http://pastebin.com/s46YM5mn
http://cribcleaners.co.uk/
http://www.beerstreet.co.uk
http://www.bluebearsystems.co.uk/
http://www.bbsr.co.uk/
http://livingishealthy.com/
http://archerybeds.com/
http://inglepingle.co.uk/
http://londoncitystreets.co.uk/
http://vocarillon.co.uk/
http://fmht.co.uk/
http://avaperslife4me.co.uk/
http://dust514-fan.co.uk/
http://cheap-electronic-cigarette.co.uk/
http://www.halo-electronic-cigarettes.co.uk
http://www.emmanuellechazarin.co.uk
http://www.edinburghskeptics.co.uk
http://bankhead-house.co.uk
http://www.solutions4land.co.uk/
http://www.staffslc.gov.uk/
We can continue to the bitter end, the lesson we must learn is that Anonymous has now become a part of our day life, an element with which every security expert will have to face sooner or later. Continue to ignore the phenomenon of hacktivism is very dangerous, groups like Anonymous can cause serious damage to private companies and government organizations.
Another aspect to note is that despite we discuss a lot of security of infrastructures and security best practices, in many cases, attacks are carried out with known techniques and easy to prevent... it's a sin have devastating effects today as yesterday.
Are we ready for a warm autumn?

Pierluigi Paganini 

Comments

Popular posts from this blog

AntiCloud Trojan Reverse Engineering Analysis

SQL Injection: The Equal Opportunity Vulnerability

Secure Sockets Layer (SSL)