LulzSec

Anonymous, LulzSec and other hacktivists aren't as anonymous as they might think. They're being watched. On this week's Patch Monday podcast, a watcher tells us what he sees. 

Israeli information security researcher Tal Be'ery is the web security research team leader at Imperva's Application Defense Center (ADC), where he leads efforts to capture and analyse hacking data.

Accused LulzSec hacker Cody Kretsinger pleaded guilty today in a federal court in Los Angeles, California, to felony charges associated with the breach of Sony Pictures Entertainment that occurred in mid-2011. Kretsinger went by the moniker "Recursion" and testified that he took part in a SQL injection attack on the Sony Pictures site, and stole personal information from thousands of people registered with the site. He also testified that he gave that personal information to other members of LulzSec to post publically.

In a recent interivew with Softpedia News, members of LulzSec Reborn claimed that they were not connected to Anonymous, but it seems that there’s more to it than that. An Anonymous representative reveals that not only they’re not connected, but also, they’re totally against the newly formed collective.

LulzSec's Ryan Cleary, the 19-year-old arrested last June for aiding in the operations of notorious hacking collective LulzSec, has landed back in jail.

Cleary, who was never an official LulzSec member but ran an Internet Relay Chat that the group used to communicate, had apparently been trading e-mails with Hector Xavier Monsegur, a.k.a. Sabu, the recently outed LulzSec mastermind turned FBI informant. That was a direct violation of his bail agreement, which dictated that Cleary was to have no access to the Internet whatsoever.  

An unidentified admin for Tennessee-based E Singles Inc. denied that its website, MilitarySingles.com, was breached, despite claims to the contrary.

"LulzSec Reborn" surfaced this week with a new collection of hacks. F-Secure's Chief Research Office Mikko Hypponen strongly doubts this is the same group, as does the company's Security Advisor, Sean Sullivan.

Hackers have broken into the database for a military dating website and stolen passwords, e-mail addresses, and other information from nearly 171,000 accounts, according to a posting on Pastebin this weekend.

The leaked data includes in email addresses from us.army.mil, navy.mil and microsoft.com domains, but what is interesting to note is that the group is using the name "LulzSec" and "LulzSec Reborn". Representatives from ESingles, the operator of the site, did not respond to emails seeking comment. 

So apparently LulzSec are making a return - on April fools' day. Yeah, exactly. A Youtube video has been released claiming the return of LulzSec in what they're calling Operation LulzDay and a supposed Project Mayhem scheduled for December 21st. 

When the FBI arrested LulzSec leader Hector "Sabu" Monsegur, they did so in a hurry—hours before the arrest, Sabu was doxed, his identity posted to the Internet. With his name public, federal agents feared that he would start destroying evidence to protect himself, so they ended their covert surveillance and moved in, according to Fox News.

Efforts to name and shame the LulzSec crew during its 50-day rampage were common. Many of these doxings were inaccurate, a result of faulty inferences or deliberate attempts to mislead on the part of the LulzSec hackers.

Alleged LulzSec hacker Ryan Ackroyd who appeared before Westminster Magistrates' Court last Friday has been released on bail under the condition that he would not access the internet or possess any device that could do so.