Stratfor’s hacking embarrassment continues as its Website stays offline and Anonymous turns the screw
US security firm Stratfor’s Website was compromised over Christmas by the Anonymous group of hackers as part of a “Robin Hood” rampage. Named LulzXmas, the campaign is aimed at robbing the rich “one percent” and giving to the poor “99 percent”.
The Stratfor site went offline on 24 December, and the company’s clients whose names, addresses and payment card details had been published online by Anonymous were notified of their exposure.
Anonymous has claimed to have stolen $1m (£649,000) from the compromised accounts and to have deposited the money with charities. A faction of Anonymous has posted screenshots of money being transferred to the Red Cross, Save the Children, and Care.
Many of Stratfor’s customers are major companies and government agencies, including the US Department of Defense, the Bank of America, and Lockheed Martin, which was itself the victim of hackers earlier this year.
Other companies affected by the intrusion are said to include Google, Microsoft, Sony, Coca-Cola, Boeing and American Express, according to Anonymous’ postings. Although Stratfor’s Website remains offline, it has used its Facebook page to update its clients and denies that the companies mentioned by Anonymous are actual clients.
“Also publicly released was a list of our members which the unauthorised party claimed to be Stratfor’s ‘private clients’. Contrary to this assertion, the disclosure was merely a list of some of the members that have purchased our publications and does not comprise a list of individuals or entities that have a relationship with Stratfor beyond their purchase of our subscription-based publications,” the company wrote.
Free ID protection offered
Stratfor has responded by providing compromised clients with a free year of identity protection services provided by CSID. The Global ID Protector service monitors criminal Web pages, chat rooms, bulletin boards and other online forums for compromised personal information. When illegal activity is detected, such as the trading or selling of personal information online, the service notifies the affected subscriber and provides instructions on how to prevent further exposure and fraudulent actions.
In a letter to subscribers, Stratfor CEO George Friedman said, “We deeply regret that this event has occurred, and we are working to prevent it from happening again. Our highest concern is the impact that this has had on you, our loyal members and friends … Please take advantage of this service.”
Friedman added that the site will remain closed for the foreseeable future: “As part of our ongoing investigation, we have also decided to delay the launching of our Website until a thorough review and adjustment by outside experts can be completed.”
The embarrassment is not over for Stratfor if Anonymous makes good its threat to reveal emails stolen during the attack. These will expose more of Stratfor’s customers and show that Stratfor “is not the ‘harmless company’ it tries to paint itself as. You’ll see in those emails,” Anonymous warned.
According to a Pastebin statement posted yesterday: “It’s time to dump the full 75,000 names, addresses, CCs [credit cards] and md5 hashed passwords to every customer that has ever paid Stratfor. But that’s not all: we’re also dumping ~860,000 usernames, email addresses, and md5 hashed passwords for everyone who’s ever registered on Stratfor’s site.”
The hacker group is planning more exploits for New Year’s Eve: “On this date, we will be launching our contributions to project mayhem by attacking multiple law enforcement targets from coast to coast.”