Scotland Yard Arrests LulzSec, Anonymous Suspects - InformationWeek

"Kayla," thought to be key LulzSec figure, part of sting. Reacting to the arrests, Anonymous hackers are crafting less traceable attack tools.

Scotland Yard on Thursday announced that as part of a trans-Atlantic investigation with the FBI into the hacktivist groups LulzSec and Anonymous, it had separately arrested two men, age 24 and 20, on charges of misusing computers. They're due to appear in court on Wednesday.

"The arrests relate to our enquiries into a series of serious computer intrusions and online denial-of-service attacks recently suffered by a number of multi-national companies, public institutions, and government and law enforcement agencies in Great Britain and the United States," said detective inspector Mark Raymond from the Metropolitan Police's central e-crime unit, reported the Associated Press.

At least one of the arrests appears to relate to an investigation into the LulzSec operator known as "Kayla," Scotland Yard told the Guardian. Interestingly, Kayla's Twitter feed hasn't been updated since 1:34 p.m. U.K. time on Thursday.

"Kayla, alongside the likes of Sabu, Topiary, and Tflow, is considered to be one of the key figures in the LulzSec hacking gang," said Graham Cluley, senior technology consultant at Sophos, in a blog post. "However, Kayla--who has claimed involvement in the hack against security firm HBGary--has presented herself online to be a giggly 16-year-old girl. Although Kayla has given interviews to the press in the past, 'she' has always declined to use Skype to confirm an adolescent female voice."

Also on Thursday, Scotland Yard, as part of a separate investigation into Anonymous attacks, arrested two men, age 26 and 20, on charges of "conspiracy to do an unauthorized act in relation to a computer." The two men were released on bail, but are due to appear in court on Wednesday along with a man, age 22, and boy, age 17, previously arrested on similar charges. Meanwhile, a 16-year-old boy arrested on similar charges has been referred to a youth justice board.

The arrests of so many people involved in Anonymous operations have led its members to try to build a replacement for the distributed denial-of-service tool, dubbed Low Orbit Ion Cannon or LOIC, that the group had favored for attempting to knock targeted websites offline. As many Anonymous participants have now learned, each packet sent by LOIC wasn't necessarily anonymous. In fact, unless users actively changed their packet source address, their own address was often contained in every packet launched by LOIC. Authorities have apparently been tracing those source addresses back to participants, in part by using lists of attack addresses supplied by organizations that were hit with LOIC, such as PayPal.

According to the AnonOps Communications blog, which has served as a reliable source of Anonymous-related news, the new tool, dubbed RefRef, was built with JavaScript, and is designed "to use the target site's own processing power against itself." The blog adds: "In the end, the server succumbs to resource exhaustion due to #RefRef's usage," apparently by using a known SQL injection vulnerability.

The tool was reportedly tested earlier this week in an attack against the website of WikiLeaks, which Anonymous famously supported (although it was originally formed to attack the Church of Scientology).

One or more hacktivists claiming responsibility for the takedown said they had "a personal vendetta against WikiLeaks," and later posts suggested the disagreement involved money. But according to the Twitter post: "We are sorry we took you down. We are even."

RefRef has also apparently been tested recently against Pastebin and online community 4Chan, from which Anonymous sprang. RefRef is due to be officially released on September 17, 2011. But whether it keeps Anonymous members who use it anonymous remains to be seen.
