From
Send to

FBI partner attacked by hackers, passwords taken

June 6, 2011 - 11:24 By 이우영

People walk by Sony Building in Tokyo's Ginza shopping district in Tokyo. Another massive data breach at Sony has left hackers exulting, customers steaming and security experts questioning why basic fixes haven't been made to the company's stricken cybersecurity program. (AP-Yonhap News)

LONDON (AP) _ Nearly 180 passwords belonging to members of an Atlanta-based FBI partner organization have been stolen and leaked to the Internet, the group confirmed Sunday.

The logins belonged to members of the local chapter of InfraGard, a public-private partnership devoted to sharing information about threats to U.S. physical and Internet infrastructure, the chapter's president told The Associated Press.

``Someone did compromise the website,'' InfraGard Atlanta Members Alliance President Paul Farley said in a brief email exchange. ``We do not at this time know how the attack occurred or the method used to reveal the passwords.''

Copies of the passwords _ which appear to include users from the U.S. Army, cybersecurity organizations and major communications companies _ were posted to the Internet by online hacking collective Lulz Security, which has claimed credit for a string of attacks in the past week.

In a statement, Lulz Security also claimed to have used one of the passwords to steal nearly 1,000 work and personal emails from the chief executive of Wilmington, Delaware-based Unveillance LLC.

Lulz Security claimed it was acting in response to a recent report that the Pentagon was considering whether to classify some cyberattacks as acts of war.

The FBI said Sunday that it was aware of the incident and that steps were being taken to mitigate the damage. Farley said InfraGard's website had been taken down and that members had been advised to change their passwords and beware of further attacks.

Farley added that his group _ a volunteer organization _ had had no previous involvement with Lulz Security, which describes itself as a collective of hackers who attack weakly-protected websites for fun. Lulz is a reference to Internetspeak for ``laugh out loud.''

The collective appears to have had a busy week.

Earlier Sunday, Nintendo said it had been targeted in a recent online data attack claimed by Lulz Security. Nintendo said no personal or company information was lost.

On Thursday, Lulz Security boasted of a major breach which saw as many as tens of thousands of Sony users' details posted to the Internet.

The group has also claimed credit for defacing the PBS website after the public television broadcaster aired a documentary seen as critical of WikiLeaks founder Julian Assange.

Emails and other messages seeking comment from the group over the past few days have gone unanswered, although it maintains an active presence on microblogging site Twitter, where it taunts its opponents and promises more hacks.

<한글 기사>

소니 해킹 해커집단 FBI지부 웹사이트도 뚫어

해커그룹 '룰즈섹(LulzSec)'이 미 연방수사국(FBI) 지부까지 해킹했다고 미 경제전문지 포브스 인터넷판이 5일 보도했다.

이에 따르면 룰즈섹은 3일 밤 트위터를 통해 '인프라가드'라고 불리는 FBI 애틀랜타 지부를 해킹해 이 웹사이트 이용자 180명의 로그인 관련 데이터를 훔쳤다고 주장했다.

이들은 또 이 사이트에 '바보 같은 FBI전함을 그대로 흘려보내라'라는 제목의 유튜브 동영상을 올려놓기도 했다.

룰즈섹은 성명을 통해 미 국방부가 미국에 대한 사이버공격을 전쟁으로 간주해 대응키로 했다는 뉴스에 자극을 받았다고 말했다.

그들은 또 '인프라가드' 이용자 대부분이 자신들의 비밀번호를 다른 인터넷사이 트에도 사용했다고 주장했다.

룰즈섹은 최근 폭스닷컴과 소니 일본, 미국 공영방송 PBS 등을 해킹해 눈길을 끌었으며 소니는 현재 FBI와 함께 이들을 추적하고 있다고 밝혔다.

(연합뉴스)