Slideshow

LulzSec hack timeline: Doing it for the lulz

Fresh from their latest hack, Computerworld Australia brings you a timeline of LulzSec's major scalps

  • May 30: After being less than impressed with a Frontline documentary on WikiLeaks entitled "WikiSecrets", the hacker group attacked U.S. TV broadcast network, Public Broadcasting Service (PBS). LulzSec broke into PBS servers and defaced the PBS NewsHour blog with an 'exclusive' that murdered rappers Tupac Shakur and Biggie Smalls were still alive and living in New Zealand. The group also posted online PBS staff passwords and login IDs.

  • June 2: LulzSec [[artnid:388885|first gained worldwide infamy for its security breach of several Sony Pictures websites|new]] last month. The group claimed to have accessed unencrypted personal information on more than one million people and compromised all administrator passwords, including 75,000 "music codes" and 3.5 million "music coupons".

  • June 6: Following the Sony Pictures hack, [[artnid:389055|LulzSec infiltrated a U.S. Nintendo server|new]]. However, a Nintendo representative said no consumer information was held on the server and that the hacker group did not get away with any sensitive material. This latest security breach prompted Sophos' Asia Pacific head of technology, Paul Ducklin, to [[artnid:389295|advise the group's members to "grow up"|new]].

  • June 8: U.S. cybersecurity company, Black & Berg Cybersecurity Consulting, posed a challenge on its website for hackers to change an image on its homepage. The first person to succeed would be rewarded $US10,000 and a position with the company's senior cybersecurity advisor, Joseph Black. [[artnid:389647|LulzSec answered to the hacking competition|new]], changing Black & Berg's homepage image to their Twitter logo, and announced on its social networking site, "Done, that was easy. Keep your money we do it for the lulz". Black responded to the hack on Twitter by posting, "Wait, we do have a comment. Please unf**k our website. Thank you. ~ Joe".

  • June 16: Using a DoS attack, [[artnid:390382|the hacker group took down the CIA website|new]] for several hours. Oh yes, they went there. They tweeted, "Tango down - cia.gov - for the lulz," after bringing down the U.S. intelligence agency's site, and published the documents online. Whistleblower organisation, WikiLeaks, even [[artnid:390404|commended LulzSec for teaching the CIA "a lesson"|new]] following the attack.

  • June 17: Fresh from taking down the CIA's website, [[artnid:390480|LulzSec harvested 62,000 emails and passwords|new]], with the majority of email addresses coming from Gmail, Hotmail and Yahoo. Some of the [[artnid:390546|leaked information was also taken from Australian organisations|new]], including AusAid, Victorian Government departments, local councils in Victoria and New South Wales, the Australian National University, the University of New South Wales and the University of Queensland.

  • June 22: LulzSec's Brazilian branch [[artnid:391161|attacked the Brazilian Government portal and the President of Brazil's homepage|new]] after promising to carry out the attacks if they reached 1000 Twitter followers. They had more than 1200 followers at the time. The group also targetted the country's tax collection agency and the website of Latin America's largest energy producer, [[xref:www.petrobras.com.br|Petrobras|Petrobras website]].

  • July 19: The latest victim to be targetted by LulzSec is media mogul, Rupert Murdoch. The group [[artnid:394054|attacked Murdoch-owned The Sun newspaper today|new]], replacing the online version with a fake story pronouncing his death and visitors to the site were redirected to [[xref:https://twitter.com/#!/LulzSec|LulzSec's Twitter|Twitter :: LulzSec]] feed, which celebrated the high-profile attack. LulzSec also claimed to have hacked the homepage of The Sun's parent company, phone-hack scandal hit News International, and the webpage of sister paper The Times was also inaccessible. Just hours after, the hacker group tweeted that [[artnid:394072|News International’s DNS are down denying access to some 1024 web addresses|new]]. However, LulzSec hasn't claimed responsibility for the attack.

Show Comments