In a series of escalating threats and schemes leading up to Guy Fawkes Day, Anonymous decided that they’d like to tangle with Los Zetas, the second most powerful drug cartel in Mexico. It all started with a video threatening the cartel. Los Zetas had abducted an Anonymous affiliate during Operation Paperstorm, and the video threatened that unless said affiliate was released, Anonymous would release some data they had regarding certain Los Zetas affiliates, including some dirty cops. That was the plan, at least. Now it seems like they’re backing down. Key word: Seems.

On Sunday night, two self-identified (as they always are) Anonymous affiliates Skill3r and Glyniss Paroubek, essentially called off the attack, acknowledging that, however things played out, Operation Cartel was going to get some people killed.

“We didn’t want irresponsible administrators to condemn participants [in the Operation] to death. We’ve discussed it extensively and and we all decided to remove it.”

Due to the excessive costs of various lawsuits and the problems of a blockcade by nearly all large credit cards, WikiLeaks has stopped leaking and is diverting all power to shields aggressive fundraising in order to get enough money to fight the credit card companies in court. Bank of America, VISA, MasterCard, PayPal and Western Union all refused to accept donations for WikiLeaks on December 7th of 2010 and the situation has reached a particularly dire point.

While it seems that the companies engaged in the blockade have gotten what they’ve wanted, WikiLeaks doesn’t look like it’ll be going down easy. The site is not shutting down and is, instead, fundraising like crazy. On every page a “donate” window pops up and upon clicking the donate button, users are provided with several walkthroughs explaining exactly how they can donate so that the money actually gets to WikiLeaks.

In a move that we can all get behind, hacker group Anonymous has announced that they have taken down a huge cache of child pornography and released 1,589 usernames of the website’s patrons. The action came as part of Operation Darknet, which targets illicit websites that are part of an unindexed and therefore unsearchable corner of the Internet.

The server in question is owned by Freedom Hosting, and apparently services over 40 child pornography websites. The largest of these, disturbingly called Lolita City, was said to contain over 100gb of child pornography.

Interestingly, the Anonymous hack is extremely well documented.

Word on the street is that Anonymous has been testing out a new weapon that they intend on using tomorrow as a cyber component to a physical protest on Wall Street. The new weapon, called #RefRef, is intended to replace their current weapon, the Low Orbit Ion Cannon (LOIC). Though designed to take down websites, #RefRef  is not merely an iteration on the LOIC but functions in an entirely new way.

Anonymous’ distributed denial of service (DDoS) attacks generally employ botnets to flood the target servers with requests. While the past iterations on the LOIC have increased the number of requests in the flood, #RefRef executes a DDoS from the inside out. Instead of orchestrating an army of zombies to request the target server, #RefRef initiates a flood of processes on the target server itself. #Refref has reportedly been tested on a number of sites including Pastebin (see picture) and Wikileaks. According to Anonymous, #RefRef is to be released tomorrow in concert with physical protesters during #OccupyWallSt.

The prolific hacker group Anonymous is taking a brief breather from DDoS attacks to bring you something a little different, a Twitter app. The app, called URGE for Universal Rapid Gamma Emitter, is designed to help users “hijack” trending topics on Twitter for the purpose of helping other, Anonymous-related hashtags reach higher levels of popularity and start trending on their own.

According to Anonymous, the app was developed in order to combat the increasing inanity of trending Twitter topics and help bring more attention to the kind of things Anonymous tends to be interested in, like politics, revolutions and human rights violations. All that being said, the app is fairly simple. Like other Twitter platforms, it allows vanilla tweeting with a few added options that basically amount to automatic hashtagging.

After San Francisco’s Bay Area Rapid Transit (BART) fessed up to disrupting cell phone service in hopes of preventing a protest, they attracted some attention from your friendly, faceless, neighborhood hacking organization Anonymous. Naturally, the accusations of censorship flew and Anonymous threatened cyber-justice through hacking. Sometime between noon and 6 p.m. yesterday, they followed through.

The hack, in addition to defacing the site with signature Guy Fawkes masks, also turned up some internal documents including a User Info Database that contained addresses and phone numbers of thousands myBART users. Following the leak, Anonymous apologized to the non-BART employees, assuring them that “the only information that will be abused from this database is that of BART employees.”

For BART, It’s not over yet: Anonymous is making the push for another real, in-person protest at the Civic Center station today (8/15) at 5 p.m.

Like previous operations against PayPal and Sony, Anonymous has announced Operation Facebook, an attempt to disable Facebook on Guy Fawkes Day, of all days. Except, have they? This particular situation really lays bare the process by which a decentralized organization operates. The origin of Operation Facebook traces back to a YouTube announcement in typical Anonymous style, uploaded by the user FacebookOp on July 16th. It is his only video. The video also makes mention of a Twitter account devoted to the project.

The catch? Well, the Twitter account only has one tweet, dating back to July 16th, the day the video was uploaded. To boot, Anonymous, a notoriously talkative bunch, haven’t mentioned anything relating to that particular project despite all the things that have happened in the meantime. And the statement referenced was released on “pirate pad” instead of the iconic, and usual Pastebin. While the story is starting to be picked up by CNN, Business Insider and the Village Voice, I’m having trouble finding any references to the project before it was picked up by large media outlets. The video dates to mid-July, but nearly all coverage of the story is in August. So, is this a real threat or is the coverage of it making it real?

Last week, cyber security firm McAffee exposed a massive cyber attack operation as an object lesson for individuals, companies, and world governments to show that everyone is at risk. In a post written by Dmitri Alperovitch, McAffee’s VP of Threat Research, the logs of a Remote Access Tool (RAT) revealed that over 70 organizations had been infiltrated in the last five years through a single, coordinated effort. It has been named Operation Shady RAT.

According to the McAffee report, Shady RAT appears to be a case of national espionage. The list of breached systems runs the gambit from national governments (including the United States, Canada, India, Vietnam, and Taiwan), defense contractors, communications organizations, international sports organizations, and even real estate companies.

While 70-odd intrusions may not seem like much — after all, we’ve discussed botnets with millions of infected computers in the past. However, these are not the brute-force denial of service attacks or mere LulzCannon-ings, but sophisticated and long-term intrusions. For instance, McAffee says that the shortest intrusion lasted one month, while the longest-running operation went on for some 28 months within the International Olympic Committee.

In retaliation for Anonymous’ hack of the Syrian defense ministry webpage, a Syrian hacking force alleged to be called the “Syrian Electronic Army” struck back at Anonymous. How, you ask? They defaced Anonymous’ pet project, the social network AnonPlus, by replacing the homepage with the message above, including gruesome pictures of burned and mutilated bodies. Anonymous’ original hack was said to be in support of protesters in Syria and left a message encouraging the Syrian military to revolt against President Bashar al-Assad instead of supporting his suppression of the protests. The counter-hack attributed the current Syrian violence, depicted in the gruesome photos, to Syrian demonstrators instead.

The origin of the hackers was not mentioned on the defaced website. The attribution of this hack to the Syrian Electronic Army comes from a tweet by Citizen Lab, and the SEA are a recognized, public hacking organization, strikingly similar to Anonymous in their press and methods. They even have a bit of that Anonymous flavor to their message, stating that.

In response to your hacking to the website of the Syrian Ministry of Defence, the Syrian people have decided to purify the internet of [y]our pathetic website

Read on...

The ever-present, always busy Anonymous has been up to their hacking ways again, this time taking down the website for the Syrian Ministry of Defense. The hacked webpage included a message to the Syrian people, assuring them the world is on their side and against the regime of Bashar Al-Assad, and a message to the Syrian army, encouraging them to “defend [their] country” by rising up and unseating Al-Assad by force.

Images at the top of the hacked page linked to videos depicting ongoing violence in Syria and the bottom of the page contained links to various protest groups. Source code from the page suggests the hack was performed by someone who uses the handle Poppy. While Anonymous is no stranger to hacks motivated by global politics, this is the first time in a while that they have hacked anything unrelated to the arrest of Anonymous affiliates or the support of WikiLeaks. Only time will tell if this is a one-off attack, or the start of an entire campaign.