RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2
2023/02/23 23:15:55

Anonymous

25 suspected of involvement in the hacktivist group Anonymous have been arrested. This is the international police response to Wikileaks' recent publication of intelligence company Stratfor's email cache.

Content

Representation

The international hacker group Anonymous refers to hacktivists (formed by the merger of the English-speaking hak and activism).

According to generalized information, the appearance of Anonymous was recorded on hacker forums 4chan. The origins of this movement are built up to the first hacktivist groups - Cult of the Dead Cow and Electronic Disturbance Theater.

Anonymous at Scientologists in Los Angeles. Source: wikipedia.org

The Anonymous group has no leaders and no party. The movement relies on a collective force organized by individual actors acting in such a way that the result of joint efforts benefits all.

One of the fundamental principles formulated by this movement is expressed in the following lines:

"We are against corporations and governments that are interfering on the internet. We believe that the Internet should be open and free to all. We do not forget, we do not forgive, we are a legion! "


The Imperva (Application Defense Center), called the Hacker Intelligence Initiative (HII), explores the essence of cyber processes, analyzes modern technologies and hacker methods, as well as interesting attacks over the past month. HII focuses on the latest attack trends, web application protection, and a cyber crime-based business model. The purpose of its activities is to help strengthen security and risk management.

In a study of the 25-day attack in 2011 by Anonymous, Imperva examined the sequence of hacker activities aimed at hacking data and dropping sites, and developed basic recommendations for organizations to prevent intrusions and mitigate attacks.

History

2023

Anonymous Sudan launch attack on Sweden's critical infrastructure

On February 14, 2023, the cybercriminal group Anonymous Sudan announced the beginning of a wave of attacks on the websites of companies, government agencies and other organizations in Sweden.

In their messages in Telegram, the attackers write that the reason for the massive cyber campaign is a protest against the action to burn the Koran in Stockholm. Anonymous Sudan hackers report organizing attacks on a variety of structures in Sweden - airports, railway carriers, universities, telecom operators, television companies, medical institutions, etc.

The reason for the attack was the action in Stockholm, in which the Koran was burned
File:Aquote1.png
We declare the cyber war of Sweden after the burning of the Koran. We will continue massive and brutal attacks if the Swedish government does not formally apologize, the attackers say.
File:Aquote2.png

Scandinavian Airlines (SAS) announced the inaccessibility of its website and mobile application. Shellefteau Airport, a number of hospitals and the media were affected. The fact that their web services collapsed due to DDoS attacks was announced by several small railway companies. There are reports of the inaccessibility of a number of government services. The Swedish Office for the Protection of Civilians (MSB) confirms the sharply increased intensity of cyber attacks. The country's law enforcement agencies are trying to solve the problems.

It is also noted that other cybercriminal teams are also involved in organizing attacks: for example, the UserSec group announced the provision of assistance to hackers Anonymous Sudan. Apparently, DDoS attacks on Sweden's infrastructure will continue, although this requires significant resources from cybercriminals. The damage caused will be enormous. At the same time, Anne-Marie Eklund Löwinder, one of the leading Swedish IT security experts, claims that it is impossible to know what the group's real intentions are, even if they claim that we are talking about burning the Koran.[1]

Anonymous Russia announced the hacking of IT systems of airports in Europe

On February 16, 2023, the cybercriminal group Anonymous Russia announced a series of powerful DDoS attacks on a number of airports in Europe. As a result, the IT systems of air harbors were disrupted, and thousands of passengers were in a difficult situation.

Anonymous Russia said in a statement that Erfurt Bindersleben, Hanover, Dortmund, Nuremberg, Karlsruhe/Baden-Baden and Dusseldorf airports were attacked. Passengers could not access their sites, and the security services of the hacked companies had to urgently take protective measures. At the same time, as noted, the sites of the largest airports in Germany in Frankfurt, Munich and Berlin were not affected.

Anonymous Russia claimed responsibility for attacks on German airports
File:Aquote1.png
"And again in Germany, non-flying weather... How so?, "- wrote the Anonymous Russia group in Telegram.
File:Aquote2.png

At the same time, on February 15, 2023, it became known that shortly after a massive failure in the registration and landing system Lufthansa , this airline was subjected to a DDoS attack. Responsibility for it, according to Gazeta.Ru, was assumed by the Russian group KillNet.

File:Aquote1.png
We killed the corporate network of Lufthansa employees with 3 million requests for fat data packets per second. It was a rat experience that was successful. Now we know how to stop the work of any airport in the world, "said the leader of the KillNet group, a KillMilk hacker quoted by Gazeta.Ru.
File:Aquote2.png

In mid-February 2023, other airports were subjected to cyber attacks. Thus, the Anonymous Sudan group claimed responsibility for hacking Scandinavian Airlines (SAS) IT systems, as a result of which its website was disabled, and some customer data was disclosed. And hackers from a group called Al-Toufan claimed responsibility for the attack on the website of Bahrain International Airport.[2][3]

2022

Anonymous posted data from Killnet hackers

Anonymous claim to have posted data hackers Killnet. This became known on May 26, 2022.

Published email addresses and passwords of members of the hacker group.

Data Base was posted on the JustPaste website, and anyone can watch it[4].

Anonymous declared war on Killnet

The Anonymous group plans to end Killnet, which to cyber attacks recently attacked institutions the European state. This became known on May 23, 2022.

The list of victims includes the sites of the Italian military, parliament and the National Institute of Health. One of the attacks also hit the Automobile Club of Italy and several other Italian institutions.

Just weeks after declaring war on Russia, Anonymous decided to take on the Killnet group. The statement appeared on May 21, 2022 on Anonymous's official Twitter account.

Shortly after the declaration of war, Anonymous published a message stating the destruction of the official Killnet website. By attacking the Russian group again and again, Anonymous expects to break the chain of attacks by Russian hackers.

In late April, Killnet also attacked the Romanian government. The websites of the government and the ministry suffered from DoS attacks emanating from Russia. Romanian experts said Killnet specializes in DoS and DDoS attacks and previously attacked sites related to the governments of the United States, Estonia, Poland, the Czech Republic and other NATO members.

Romania's defense minister called the attack "symbolic." According to him, such attacks were carried out before the special operation in Ukraine and Romanian cybersecurity departments are ready for them. [5].

Nestle confirms 10GB data archive leak with passwords, correspondence and customer information

On March 24, 2022, the hacker group Anonymous announced a hack into the Nestle database. The company confirmed the data breach but said it was the fault of employees. Read more here.

Attacks on Rosneft Deutschland

In mid-March 2022, the German division of Rosneft was subjected. to cyber attack This was stated by the federal agency for (information security Germany BSI). Rosneft Deutschland reportedly shut down some IT systems, but its oil pipelines and refineries continued to operate as normal, with the hacker group claiming responsibility for the attack. Anonymous According to BSI, Rosneft Deutschland itself reported a cyber attack. More. here

Russian hackers "put" Anonymous website

On March 1, 2022, the Russian hacker group Killnet blocked the work of the Anonymous decentralized cyber group website and urged Russians not to believe fakes on the Internet and remain calm.

File:Aquote1.png
The internet is full of fake information about Russian bank hacks, attacks on Russian media servers and much more. All this has no danger to people. This "information bomb" carries only text. And no more harm. Do not succumb to fake information on the Internet. Don't doubt your country... Very soon this conflict will end, we will find peace. Don't be afraid, Russia, no one and nothing can threaten you. Anonymous hackers, take care of restoring your site, it looks very sorry against the background of your threats to our country, says Killnet.
File:Aquote2.png

Killnet was blamed for what is happening in Ukraine on President Volodymyr Zelensky, as well as American leader Joe Biden. The leaders of the EU countries, as they say in the appeal of hackers, are following the lead of the United States.

On February 25, 2022, the Anonymous hacker group announced a cyber war against Russia. They also claimed responsibility for the attack on the website of the Russian TV channel RT. The group noted that it participates "in operations against the Russian Federation."

On February 28, 2022, the sites of Izvestia, TASS, Kommersant, Forbes, RBC and other major Russian publications were hacked.

Russian hackers "put" Anonymous website

On the same day, the websites of the government and authorities of Crimea were subjected to massive DDoS attacks. Hackers used a botnet, the IP addresses of which are mainly located in Server and South America, Taiwan and a number of other countries.

In addition to the Anonymous website, Killnet hackers "laid down" the resource of the Right Sector extremist organization banned in Russia[6]

2012

The International Criminal Police Organization (Interpol) reported the arrests of suspected hackers in the territories of several countries. The suspects range in age from 17 to 40 years. It is also reported that the arrests were carried out in Argentina, Chile, Colombia and Spain by law enforcement agencies of the countries concerned. Among the detainees are those suspected of a series of cyberattacks against the websites of the ministries and the president of Colombia, the National Chilean Library, the energy company Endesa and others.

Interpol itself does not make arrests, it helps national law enforcement agencies use international experience in combating cybercrime by accessing databases and information about crimes committed. The recent arrests are the result of an Interpol operation called "Operation Unmask."

According to official reports, in the process of investigative actions that began in mid-February, more than 250 units of computer equipment and mobile phones were found and seized. Along with the equipment, a certain amount of cash and credit cards were found and seized.

According to intelligence spokesman Bernd Rossbach, this operation proves that crime in the virtual world is punishable, and the Internet cannot be considered a refuge for criminal activity, regardless of its origin and purpose.

The AP news agency confirmed some of the figures published by Interpol. Among the 25 people detained, four people have been arrested and are suspected of being involved in cyber attacks on political websites in Spain. Five Chileans and a Colombian were arrested in Chile (two of them are 17 years old). Nevertheless, according to Colombian police officials, there were no arrests in Colombia itself related to the Interpol operation. And finally, Argentina did not officially report anything, but Argentine media give information about the detention of 10 suspects in involvement in the assistance of the Anonymous group.

Soon after these statements, the Interpol website fell and is still unavailable. It was probably a response to the triumphant press release. Although the incident is not associated with the DDoS attack, the message "FIRE! FIRE! FIRE!, "and the accounts @ AnonymousIRC and @ AnonBRNews wrote that the Interpol website was" dancing. "

The recent arrests of members of the Anonymous group are probably the most numerous. Last September, the FBI arrested two people suspected of being part of that group. At the same time, Scotland Yard grabbed two hackers. Last year, arrests of 15 suspected hackers were reported in Italy.

The arrests of Anonymous members followed Wikileaks' release of The Global Intelligence Files, a cache of several million email messages stolen by Antisec members from Stratfor last December. The letters, which Stratfor disowned, contained details about the activities of the industrial espionage network.

The media note that government organizations, along with the commercial sector, do not have any love for hacktivist groups. A little earlier in February 2012, the US government received information about a possible close attack by the Anonymous group of key government infrastructure, such as the US energy supply network. The conclusions drawn by the NSA (National Security Agency) are based on a large number of DDoS attacks on the websites of government agencies in the United States.

Links

cite_note-4 Article Anonymous on Wikipedia

Notes