Weapon of choice: 10 of the world’s most notorious hacker groups

1

Lizard Squad

Lizard Squad is a black-hat (a hacker or cracker who breaks into a computer system or network with malicious intent) hacking group responsible for several high-profile DDoS (Distributed Denial of Service) attacks, including those on the Sony PlayStation Network and Microsoft Xbox Live services in December 2014.

The group also claimed responsibility for the cyber attacks on Malaysia Airlines in January 2015, which resulted in website visitors being redirected to a page which read “404 – plane not found”, as well as a DDoS attack on Facebook, which downed the popular social media network.

Facebook still denies it was hacked and Malaysia Airlines claimed its domain had only been temporarily redirected elsewhere.

But if there’s one company the Lizard Squad seems to have a serious vendetta against, it is Sony. In August 2014, for example, it tweeted a threat against an airliner on which Sony’s president of online entertainment was travelling. The plane ended up making an emergency landing.

That same month, the group posted the ISIS flag on Sony’s servers and has made other allusions to the “cyber caliphate”.

02

Anonymous

 Anonymous is perhaps the most notorious of all hacker groups. It sprung from 4Chan, a controversial image-based bulletin board. It’s a decentralised online community of tens of thousands of anonymous ‘hacktivists’, who use their combined computer skills to attack and bring down websites as a form of protest.

The group became known for a series of attacks on government, religious, and corporate websites. It has attacked the Pentagon, threatened to take down Facebook, threatened Los Zetas (a Mexican drug cartel) and declared war on the Church of Scientology.

In 2010, Anonymous launched Operation Payback, after several companies, including Visa, MasterCard and PayPal, refused to process payments to WikiLeaks. It also publicly supported the Occupy Wall Street movement in 2011, attacking the website of the New York Stock Exchange.

Since 2009, dozens of people have been arrested for involvement in Anonymous cyber attacks, in countries including the US, UK, Australia, the Netherlands, Spain, and Turkey. Anonymous generally protests these prosecutions and describes these individuals as martyrs to the movement.

In 2012, Time named Anonymous one of the “100 most influential people” in the world. Critics have even called these digital Robin Hoods as a “cyber lynch mob”.

The group’s motto is “We are Anonymous. We are Legion. We do not forgive. We do not forget. Expect us.”

03

Syrian Electronic Army

One part hacktivist and one part cyber-terrorist, the group known as the Syrian Electronic Army (SEA) is considered by some as the first hacking collective in the Middle East to be openly supported by a government.

While it is unclear exactly what relationship the group has with the government of President Bashar al-Assad, it is known for employing methods including spamming, phishing, malware, DDoS and more to target political opposition, the media and even neutral NGOs.

It calls itself “a group of enthusiastic Syrian youths who could not stay passive towards the massive distortion of facts about the recent uprising in Syria”.

Back in 2012, Anonymous and the SEA also exchanged attacks and threats, which lead to Anonymous ‘declaring cyber war’ on the SEA.

Considering its support for Assad, the SEA often attacks Western media outlets that publish anti-Syrian messages. Prominent targets include the New York Times, CNN and The Washington Post. The group has also targeted the Facebook and Twitter accounts of President Barack Obama and former French President Nicolas Sarkozy.

To delve even deeper into the rabbit hole, the SEA has also been linked with posing as female supporters of Syrian rebels in order to steal war plans to use in the country’s ongoing conflict, leading to the death of a large number of rebels.

04

The Impact Team

The group known as the Impact Team recently made headlines when it hacked AshleyMadison.com, a controversial dating website that helps people engage in extramarital affairs.

New to the game, the group stole and exposed personal information of users of the two websites owned by Canadian company Avid Life Media (ALM), namely Ashley Madison and Established Men.

Its reasoning was that the company charges a $19 fee for completely removing a user’s personal information from its websites. It alleged the company was scamming users, be

05

The Hacking Team

 Governments, individuals, companies – you name it, this group has hacked it. The group has existed for 13 years, all within the protection of the law, and has thus netted some 40 million euros in revenue.

The Italian company that has reportedly sold spyware to 21 countries and has targeted journalists and human rights activists is perhaps most notorious because of how secretive it tries to be, even within its own company.

Despite these conflicts, the company continues to operate and export its software.

According to hacked emails posted by WikiLeaks, the Saudi Arabian government came close to buying controlling share of this ‘legit’ company, but the deal collapsed in early 2014 after Prince Bandar bin Sultan was removed as head of the Saudi intelligence service.

An analyst noted that despite increasing publicity over the last few years about The Hacking Team’s nefarious customers, the company suffered little blowback from exploit sellers. “In fact, by raising their profile, these reports served to actually bring Hacking Team direct business.”

Weirdly enough, in July, the firm that is famous for helping governments spy on their citizens was itself hacked by a single attacker. A massive leak (400 GB) of sensitive internal data was posted online.

The recent information leak from the company confirmed certain inner workings and business practices hinted at by earlier disputes with the Italian government, hacker collective Anonymous, lawsuits against its own employees, and even a United Nations panel monitoring the implementation of sanctions on Sudan.

06

LulzSec

After the HBGary Federal hack of 2011, LulzSec – or Lulz Security – formed as an Anonymous spinoff. Its slogan was “Laughing at your security since 2011”.

The group announced itself with a hack against Fox.com, and then Sony Pictures in 2011. The group even took the CIA website offline.

LulzSec is well known for ridiculing its victims after an attack, which made the analysts compare its hacks to internet pranks. In June 2011, a ’50 days of Lulz’ statement announced that the group had fallen out.

However, on 18 July, the News Corporation was hacked by the group, which then proceeded to post false news about the death of Rupert Murdoch.

In 2012, a few LulzSec members were arrested by the FBI after the group’s leader, Sabu, turned them in. Prosecutor Sandip Patel said the group thought of themselves as “latter-day pirates”.

07

Chaos Computer Club

As far as European hacker groups go, they don’t come any older than the CCC, which currently has well over 3,000 members. Since it’s inception in Berlin during the early 1980s, the group has been pushing its personal brand of liberal ethics wherever it can.

It gained worldwide notoriety in 1981 by hacking into a German computer network and debiting 134,000 Deutsche Marks from a Hamburg bank. It returned the money the next day, having proven that the system’s security was flawed.

The group’s primary mission is to expose security flaws. The CCC also weighs in on wider political debates over data privacy.

Members recently called for the encryption of all online communications to protect against government surveillance, a stance that puts its at odds with increasingly terror-leery European Union (EU) officials.

In an interview, CCC member Falk Garbsch spoke about mass surveillance: “There have to be consequences. The work of intelligence services has to be reviewed – as does their right to exist. If necessary, their aims and methods will have to be redefined. We have to think about how these [shared] data are processed and where they can be allowed to resurface. And this is not just the challenge for 2015, but for the next 10 years.”

The group has protested French nuclear tests, stolen money on live TV via Microsoft’s ActiveX, and examined the German government’s own malware.

08

Bureau 121

 In North Korea, countless resources have been poured into developing a sophisticated cyber warfare unit called Bureau 121.

Founded in the 1980s, Bureau 121 has grown exponentially to become one of the world’s largest cyber organisations.

It’s based in Pyongyang, but also reportedly works out of the basement of a North Korean hotel and a restaurant in Shenyang, China. The unit is estimated to have recruited nearly 6,000 programmers.

A 2014 investigative report by Hewlett Packard identified Bureau 121 as being able to deliver multi-staged, coordinated attacks that could spread malware and disable or evade anti-virus protections.

In 2013, North Korea was reportedly behind a widespread attack on three South Korean broadcasters and a major bank. The attack froze thousands of news broadcasters’ computers and ATMs across the country were unable to disperse cash.

In March 2015, South Korean authorities blamed North Korea for a massive data breach on Korea Hydro and Nuclear Power – the company that operates South Korea’s 23 nuclear reactors.

A 2014 data breach report found that nearly half of all US companies had been hacked. Even so, there is limited evidence of any North Korean involvement – except for the Sony Pictures case where all the executives’ dirty laundry was hung out in public.

09

Hidden Lynx

Symantec, which named the group Hidden Lynx, says the unit has been in operation as “hackers for hire” since at least 2009, and has “the capability to attack many organisations with concurrently running campaigns”.

Hidden Lynx, according to Symantec, “are the pioneers of the ‘watering hole’ technique” used to ambush targets. It has early access to zero-day vulnerabilities (a hole in software that is unknown to the vendor), and has the tenacity and the patience of an intelligent hunter to compromise the supply chain to get at the true target.

Among other stunts, during one 2012 campaign, it hacked the authentication keys used by application whitelisting company Bit9, allowing it, as Ars Technica notes, to “infect more valuable targets inside military contracting firms who used the service”.

All indications seem to point to China as Hidden Lynx’s main base of operations, but it isn’t certain whether it is some sort of a state-sponsored entity or a powerful mercenary group.

The members’ advanced skills and techniques – as well as the fact that their infrastructure and command and control servers all originate in China – make it highly unlikely that the group is unsupported.

10

Deep Panda

 One hacking group that appears to be sponsored by the Chinese government has been tied to several successful attacks in the last year.

Lacking a name for the unit, the security firm CrowdStrike gave it one: Deep Panda.

Active since 2007, the group allegedly works out of People’s Liberation Army-owned buildings.

The hackers’ latest handiwork may have been the massive Anthem data breach, which exposed the personal information of more than 80 million insurance policyholders.

That cyber attack put Anthem customers at risk for identity theft throughout their lives.

Deep Panda has been tied to cyber attacks on US foreign policy think-tanks and individuals who are experts on the Middle East and Australian media outlets.

A 2014 investigation by CrowdStrike also blamed the group for sending malware to organisations across the US defense, healthcare and technology sectors.

“This group uses a wide variety of tools, including generic hacking utilities, in order to gain access, establish persistent network access, and move laterally though the victim network,” an FBI official stated in a memo.

Read more: http://www.catchnews.com/science-technology/weapon-of-choice-10-of-the-world-s-most-notorious-hacker-groups-1443414219.html

Camilla Wood

UK based Legal Aid Lawyer

Leave a Reply

Your email address will not be published. Required fields are marked *