Tuesday, June 28, 2011

LulzSec's parting Trojan is a false positive

The LulzSec hacking group sailed off into the sunset Saturday, leaving behind a treasure trove of stolen data along with what some antivirus programs identified as a nasty surprise for anyone who downloaded the Torrent file: a Trojan horse program.

But not so fast. On Monday several antivirus vendors took a closer look at the file in question and decided that the program wasn't actually harmful. Consider it an inadvertent parting prank on the security industry the hacking group took such pleasure in tormenting. More Lulz for the Lulz Boat.

Early in the day, 26 of the 42 security companies whose scanning products can be tested on the VirusTotal Web site reported that a file within LulzSec's "AT&T internal data" folder was malware, designed to give hackers remote access to the victim's computer.

But by Monday night Kaspersky Lab, McAfee and Trend Micro all reported that this was incorrect. According to Roel Schouwenberg, a researcher at Kaspersky Lab, other companies are flagging the file as a Trojan because it used pirated WinRar compression software that made the file look very similar to known malicious programs. These pirated compression programs are often used to compress malicious files and "a lot of companies are really aggressive with these detections," he said in an interview.

In its final press release, LulzSec blamed the whole thing on AT&T, warning readers not to open the file and saying, "it is malware (due to AT&T using a pirated copy of WinRar)."

The file in question has reportedly been pulled from the LulzSec torrent, but the incident added to the chaos and confusion that the LulzSec crew seemed to love leaving in its wake.

LulzSec took particular delight in causing trouble for security companies, especially those it saw as protecting its enemies -- such as Prolexic, a provider of denial-of-service attack response services, thought to be securing Sony's networks, and Endgame Systems, a company with links to the U.S. Central Intelligence Agency. The hackers released dox -- dossiers of information including phone numbers, addresses and online profiles of the executives at these companies and their family members.

They also hit two InfraGard websites, set up by the U.S. Federal Bureau of Investigation to encourage corporate security teams to share information with each other and the federal government.

LulzSec said it was taking aim at "the government and whitehat security terrorists across the world." With their very public hacking and data dumps, they also caused problems for security staffers at the companies they broke into. But the group blamed its victims for not patching their security flaws. "When Sony and FBI affiliates fail to protect themselves against entry-level haxing, there's a problem," LulzSec said in a June 19 Twitter message.

"Their whole objective was chaos and I think they've done a pretty good job at that," said Gary Warner, director of research in computer forensics at the University of Alabama at Birmingham.

But there are important lessons for the security industry too, he said.

According to him, LulzSec showed that many organizations just don't do a good enough job of testing out their systems in real-world attack scenarios. "What we're seeing is a great illustration that we haven't done a good job of testing our security," he said.

LulzSec also proved that even though everybody knows better, people -- even security professionals -- still reuse passwords.

That's got to change, Warner said. "It's just not good to use the same password on a Sony Pictures Sweepstakes page as you use for your Hotmail account and your bank account."
