Laughs Just Keep on Coming — LulzSec’s Final Release Contained Malware
Saturday night, as I was reporting on the “retirement” of the criminal hacker gang LulzSec, I took a chance: I downloaded the file containing the group’s “final drop,” which it had released to the BitTorrent site The Pirate Bay.
The file was 600-plus megabytes and contained several things, including evidence that the group, or someone helping it out, had defaced a Navy civilian jobs board and a list of corporate networks belonging to numerous companies, including the Walt Disney Company. But the biggest thing inside that folder was a trove of documents apparently taken from wireless giant AT&T concerning the planned construction and rollout of its LTE network. (Incidentally, AT&T isn’t commenting on the documents, and so won’t say whether they’re authentic.)
Also nestled within that folder was yet another folder labeled BootableUSB. I didn’t think anything of it on a Saturday night. It didn’t occur to me that it would be odd for a folder with such a name to be included among a folder of documents looted from a company. I promptly forgot about it.
I found out today that that directory, which in hindsight should have set off alarm bells, contained malware — trojans and worms and all sorts of nasty things that no one in their right mind would want. Anonymous, which has in the last 24 hours taken all of LulzSec’s members under its organizational wing (more on that in a moment), confirmed that the original torrent was infected.
At least one of the folders, labeled WinRAR, contained malware that was masquerading as the legitimate version of WinRAR, a Windows compression utility. The StopMalvertising blog goes into significant detail here.
For the record, I took a screen shot of the directory’s contents, which to my eye looks a lot like a ticket to a headache-filled day for any Windows user. Thankfully I use a Mac. Anonymous says that a cleaned-up version of the torrent has been released. But if it’s all the same to you, I’ll avoid downloading this one. You can see the list of malware files in the pictures below. If you know what any of them are, leave a comment.
Word of the infected torrent — which I consider more supporting evidence that the LulzSec crew was really a bunch of neophytes and nowhere near the unstoppable super-hackers they’ve been made out to be — came on the same day that Anonymous announced it had absorbed LulzSec’s members under its own banner.
“AntiSec” refers to the “Anti Security movement” that LulzSec, in a rare moment of thoughtfulness, came up with to describe the closest thing it has to a philosophy. It’s the sort of thing that Anonymous, the amorphous batch of hackers sympathetic to Wikileaks, would seem to find attractive. Plus, for the LulzSec gang, there is — at least in theory — some added safety in larger numbers, though there’s been a lot of speculation that the two groups already share several overlapping members.