In a fractious free-for-all, rival hackers engage in tit-for-tat attacks on each other, often for no better reason than to outwit the other guy. http://nyti.ms/lWovGt
This is a NYT repost.
Hackers Select a New Target: Other Hackers
In a war of egos, it's one hacker against another.
The hackers, calling themselves the A-Team, assembled a trove of private information and put it online for all to see: names, aliases, addresses, phone numbers, even details about family members and girlfriends.
But their targets were not corporate executives, government officials or clueless bank customers. They were other hackers.
And in trying to unmask the identities of the members of a group known as Lulz Security, the A-Team was aiming to take them down a peg — and, indirectly, to help law enforcement officials lock them up.
The core members of Lulz Security “lack the skill to do anything more than go after the low-hanging fruit,” the A-Team sneered in its posting last month.
In recent weeks, attacks on companies like Sony and government sites like senate.gov have raised concerns about increasingly organized and brazen hackers. On Monday, a Twitter account for Fox News was hijacked.
But much of the hacking scene is a fractious free-for-all, with rival groups and lone wolves engaged in tit-for-tat attacks on each other, often on political or ideological grounds but sometimes for no better reason than to outwit — or out-hack — the other guy.
The members of Lulz Security, or LulzSec, have been at the center of the sniping lately. The group won global attention through attacks on the C.I.A., Sony, the Arizona state police and other organizations, putting at risk the personal information of tens of thousands of people in the process. Even as they attacked, the LulzSec members craftily concealed their own identities, all the while articulating an ever-changing menu of grievances, from government corruption to consumer rights.
LulzSec’s provocative attacks and flamboyant style made it a tempting target. Other hackers, equally adept at maintaining their anonymity, have been seeking to penetrate the online aliases of the group’s members.
Late last month, LulzSec announced that it was disbanding, and that its members would continue their activities under other banners. But the F.B.I. and other agencies are continuing their pursuit, aided by information unearthed by other hackers. In fact, the Lulz Security members face the real possibility that if they are caught, it will be their fellow hackers who led the authorities to their doorsteps.
“This unfortunately represents one of few ways law enforcement gets good inroads into this community,” said Bill Woodcock, research director at the Packet Clearing House, a nonprofit group in Berkeley, Calif., that tracks Internet traffic.
In hacker parlance, to be unmasked is to be dox’d, as in documented. And by hacker logic, to be dox’d is to be put out of business. An online alias is an essential weapon: it conceals a person’s name and whereabouts, while allowing the creation of an alternate identity.
Indeed, the handbook for new recruits to Anonymous, the global hacker collective from which Lulz Security sprang earlier this year, contains tips on safeguarding one’s identity — from how to steer clear of Web sites that track online activity to masking one’s Internet provider.
One of the tools it suggests is Tor, a network of virtual tunnels originally developed by the United States Naval Research Laboratory to protect online government communications. “In our world,” the handbook concludes, “a good defense is the best offense.”
Despite the detailed profiling by the A-Team and other hacker groups including Team Poison and Web Ninjas, no professed Lulz Security member has admitted to being dox’d, and some have merrily denied it. But the campaign seems to have had some effect.
The A-Team’s supposed outing of seven of Lulz Security’s members coincided with the group’s announcement that it was disbanding. And a spokesman for the group, using the alias Topiary, bid a public farewell in typically impish language: “Sailing off — watch your backs and follow the north wind, brazen sailors of the ’verse.”
The A-Team posting about LulzSec included mundane personal details. The sister of one purported LulzSec member, it said, was a bartender in a bowling alley in a small British town. Another member was described as “very ugly.” A third, the group railed, cannot hack at all: “He doesn’t actually do anything except give interviews.”