Browse archive

Latest news

The CSO perspective on healthcare security and compliance

Form-grabbing rootkit sold on underground forums

Large cyber espionage emanating from India

U.S. DOD decides iPhones and iPads can connect to its networks

Barracuda updates web application firewall

Targeted data stealing attacks using fake attachments

New Mac spyware signed with legitimate Apple Developer ID

Ransomware adds password stealing to its arsenal

"Get free followers" scam targets Instagram users

Thoughts on the need for anonymity

IT security jobs: What's in demand and how to meet it

Hacking charge stations for electric cars

HBGary's systems and website hacked by Anonymous

Posted on 07 February 2011.

Following HBGary Federal's COO Aaron Barr's claim that he discovered the identities of Anonymous' leaders through the use of social networks, the internet group reacted by hacking into the security company's networks and website.

For a while, the website contained a message from Anonymous, in which the group claims that Barr is so far off when it comes to their real identities, that it would share the information with the FBI for free. This jibe is a reaction to an e-mail sent by Barr to the federal agency in which he talks about selling the gathered information.

“We’ve seen your internal documents, all of them, and do you know what we did? We laughed. Most of the information you’ve ‘extracted’ is publicly available via our IRC networks,” they said. "Your glorious fallacious work can be a wonder for all to scour, as will all of your private emails (more than 66,000 beauties for the public to enjoy)."

According to Brian Krebs, Greg Hoglund - a well known-security researcher and one of the founders of HBGary - says that the attackers who breached the company's system have shown skills that surpass those used in typical website-oriented Anonymous hacks.

“They broke into one of HBGary’s servers that was used for tech support, and they got emails through compromising an insecure Web server at HBGary Federal,” he says. “They used that to get the credentials for Aaron, who happened to be an administrator on our email system, which is how they got into everything else."

They also managed to gain access to the e-mail account used by him and used it to ask the admin of rootkit.com (a security research site maintained by Hoglund) to open the firewall and reset Hoglund’s password.

In addition to all that, Anonymous members have hijacked Barr's Twitter account - along with accounts of other HBGary employees - and published his Social Security number and address, along with a series of offensive messages.

The Tech Herald reports that Anonymous had gained access to the company e-mails, malware data, financial data, PBX systems and more and has already made public many of its internal documents in the form of a torrent file.

The company's President Penny Leavy, Greg Hoglund and Aaron Barr have attempted to do some damage control by talking to the Anonymous members on an IRC channel used by them and asking them to put a brake on their actions - especially when it comes to the disclosure of e-mails that have not yet been published.

Barr denied that he was talking about the selling of the data to the FBI. "The email you are referring to about selling data was about a model built on this type of research. It was not to sell specifically this data," he claimed, and delivered a parting blow: “…guys you hacked our servers, took our data, and posted it to the public...it’s criminal now... it’s out of my hands...”