Less than a month after the hacker group LulzSec announced it was disbanding, it has apparently made a comeback with a massive attack on the websites of embattled media mogul Rupert Murdoch and his News Corp. empire.
LulzSec — or at least a group using that name — first redirected visitors of the Sun newspaper, a News Corp. publication, to the New Times website, which the hackers had taken over.
The visitors saw a mock Sun Page One story announcing Murdoch’s death.
LulzSec later redirected the Sun‘s online visitors to the hacker group’s own Twitter feed.
Meanwhile, Sabu, a prominent figure within LulzSec, has tweeted that LulzSec is “sitting” on a cache of emails belonging to the Sun and News of the World, the paper that News Corp. dissolved last week in the wake of its ongoing phone-hacking scandal. LulzSec has promised a press release will follow.
As this unfolds, AntiSec, a new hacker community set up jointly by LulzSec and Anonymous, another well-known hacker group, has been tweeting about the hacks on Murdoch’s empire.
AntiSec also released the email passwords of certain executives at News International, News Corp.’s UK newspaper publishing arm.
Is LulzSec back in action? Or, considering that the identities of LulzSec’s members are not widely known, could it be that another hacker group posing as LulzSec, perhaps with its permission, is behind this latest activity in order to stir up the waters and cock a snook at the authorities?
Has law enforcement slacked off on efforts to hunt down the hackers? Did that embolden LulzSec and the other hacker groups to strike at the Murdoch empire?
Knuckling News Corp.’s Noggin
LulzSec first tweeted that it “owned” Sun and News of the World, and that this was simply Phase 1 of its plan. The hacker group then stated that the Sun‘s homepage redirected to the faked story of Murdoch’s death on the New Times website that it had taken over.
The New Times website apparently crashed because of the large volume of redirects, LulzSec then said.
Attempts by this reporter to access the New Times website Tuesday morning elicited a message that the servers were temporarily unavailable.
LulzSec later tweeted that it was battling with sysadmins at the Sun and followed that up by stating that the Sun‘s website was redirecting visitors to the hacker community’s Twitter feed.
The situation was further complicated by announcements from Sabu as well as from AntiSec, a hacker call-to-arms launched by LulzSec and fellow hacker community Anonymous to target government websites worldwide.
Back From the Dead?
On June 25, LulzSec announced it was shutting down its operations, a move widely seen as a reaction to pressure from law enforcement agencies and governments that want the group tracked down.
So why is LulzSec reappearing now? Is it because perhaps law enforcement is not focusing so doggedly on hacker communities?
That’s hardly likely. In fact, the FBI arrested more than a dozen suspected members of Anonymous nationwide in the United States, Fox News reported Tuesday.
Or could it be that LulzSec is mocking the authorities?
“Taunting the authorities is well in their profile,” remarked David Harley, senior research fellow at ESET.
LulzSec has apparently made a habit out of attacking whatever company or group is currently under the media microscope.
“When Sony was in the news, they went after Sony; when News Corp. and Rupert Murdoch are in the news, they go after them,” Mike Murray, managing partner at MAD Security, told TechNewsWorld. “Being front and center as part of the story seems to be a source of a lot of lulz, so to speak.”
Alternatively, LulzSec could be testing the waters.
“If they don’t attract too much heat, maybe they’ll resume their activities with less unpopular targets, but that’s just a guess,” ESET’s Harley told TechNewsWorld.
Or it could be just a random attack.
“LulzSec and other hacktivists have their own agenda,” Don DeBolt, director of threat research at Total Defense, told TechNewsWorld.
“Their recent attack against Murdoch and News Corp. is likely the result of looking for security vulnerabilities within the News Corp. infrastructure after the original story [of the scandal over voice mail hacking] broke,” DeBolt elaborated.
What’s in a Name?
However, it’s unclear whether the hack was really perpetrated by LulzSec — the same individuals responsible for the rash of attacks that ended a month ago — or whether another group sprung up and took over the LulzSec name and identity.
If it’s the latter, law enforcement may have to launch a whole new effort to track down these new suspects.
“LulzSec, like Anonymous, is destined to be an amorphous group with little continuity of membership,” MAD’s Murray stated. “When pressure steps up on a member, or members, others will step in to take their place.”