Additional to the last post.
It contains links to twitter feeds that line up with the raids, and a few more links with more information.
The wired article has more details also.
This was all from operation payback in December 2010.
There is always a trail to follow, they may not follow it fast but they get you one day.
The list of people picked up is staggering. The majority of the ages are less then 30, with a few that are way out of the norms. This is still in reaction to the DDoS against PayPal way back when, the amount of information that they have to go through to do this must be huge.
So the Web Ninja’s, Th3J35t3r and a Indiana Jones have posting information on the “real” Sabu.
The guy that is named as Sabu replied to the thread saying he was not Sabu, and Sabu tweeted that it was right. So whats going on?
I don’t know but from my perspective more beer will solve it.
The gentleman who has been outed that says hes not said that he sold a domain in auction that Sabu purchased that the whole bread trail relies on. The Web Ninja’s asked for a receipt.
Then Gwaker had to get in on the whole thing.
It also appears that Sabu is still active inside anonymous, if you have been following the latest antisec releases.
I have been prepping for an up coming exam and I have not been able to do as much as I like with it, I am hoping that I will have some time soon. If not I will be picking up this topic again in a couple more months when I am done with the test, and before I start my next paper.
I keep hearing about these more and more, after a bit of research there seems to be more of it in the UK. At least what I could find they were the most vocal. I got one of these myself at home, but someone else answered the phone and kindly informed them they don’t have Windows PC’s.
I found this one also, is a good laugh.
I really liked this forum post, http://whocallsme.com/Phone-Number.aspx/01865600898.
One of the scammers chimes in saying that he is legit, in his broken poor English.
This seems to be pretty effective at getting access to funds and machines, but wow that’s not efficient.
Looks like if you logged in with a you got a connect back trying to establish a shell.
The read about this bot is great.
I especially like the affiliate program that pays you to help infect machines for them. This is not the first time I have see something like this, but this one just seems to stick out.
The communication the system uses is highly resistant to C&C take downs, it’s just encrypted files on a public p2p network.
I won’t spoil any more of it.
It’s getting to be time that electronic weapons such as computer viruses had some sort of international agreement on their use such as the biological weapons convention.
I like the articles of the BWC and ideally for everyone I think we need a NBWC for non-biological wepons that would cover weaponized software like Stuxnet. If this was written correctly we may even be able to enable international law enforcement to have something to charge these authors with.
I can think of a few countries off the top of my head that would probably never sign something like this, but you can always hope.
This may have been a group acting on it’s own, but I think it would be more likely that this was state sponsored.
Much like the incident that replaced the bomb making recipe with muffins.
Then again if this was state, I think it may have been more valuable to get in and monitor the communication channel. But you never know you can always do both.
It sounds like at least one member has packed it up.
Another member was also outed, and some more information has been located. It was posted in the comments section. It appears to list the name of the web designer someone stumbled across it and I would assume through the authors vanity. You just had to go to the write domain and it appeared it the URL.
I can’t see it taking more then a week or two until we start seeing arrests.