Home : Public Sector : News

Anonymous hackers hit FBI collaborator

Anonymous compromises various HBGary Federal websites and accesses around 50,000 emails.

By Tom Brewster, 7 Feb 2011 at 12:51

Anonymous has fought fire with fire after a firm claimed to have discovered the identities of some leading players at the hacktivist group.

Over the weekend, Aaron Barr, chief executive (CEO) of HBGary Federal, told the Financial Times he had discovered the identities of Anonymous leaders.

HBGary has been working with the FBI on identifying Anonymous hackers.

Anonymous said Barr’s information was “woefully inaccurate” and provided “no incriminating evidence against any of the persons named.”

The group said it decided to launch attacks against HBGary after learning the latter planned to sell a document to the FBI containing details on dozens of Anonymous participants.

“Within hours of learning this, Anonymous infiltrated HBGary Federal's network and websites,” an Anonymous release found on AnonNews.org read.

“Anonymous acquired the document with supposed personal details of anons, along with 50,000 company emails … all of which have now been distributed on the internet.”

Barr’s Twitter account was also compromised, with a number of offensive messages posted. Anonymous said other associated websites and social media accounts had been hijacked.

Anonymous did not use its usual form of attack – a distributed denial of service (DDoS) strike – to compromise the various sites.

According to Krebs on Security, social engineering tricks were used and the hackers “showed real skills.”

Greg Hoglund, co-founder of HBGary, told the blog that Anonymous had compromised an insecure web server and then used information from that "non-important system" to gain access to "systems of interest."

“From a legal perspective, Anonymous had better hope they remain anonymous,” said Chester Wisniewski, senior security advisor at Sophos Canada, in a blog.

“The criminal activities outlined by their own bragging could get them some serious prison time in the US, UK and other countries with strict cyber security laws.”

Last month, the FBI issued over 40 search warrants as part of an investigation into Anonymous distributed denial of service attacks, after UK police arrested five males in relation to the group’s activities.