From the Ashes – LulzSec Reborn

By

Jun 13th


The disbanded hacking group Lulz Security has apparently risen from the ashes and like all newborns has a new name, LulzSec Reborn.

The newly formed hacking group has posted just over 8,000 usernames and passwords on Paste-Bin, hacked from Tweet-Gif, a third party Twitter application that allows you to share animated gifs.

The usernames and passwords are dumped in a SQL build file, with the passwords still currently hashed. The file also includes user personal information such as their full name, location, Twitter image, and timestamp of the users last tweet.

The 10,000 usernames would represent about 10% of the Tweet Gif user base, and is likely to have come from a single MYSQL server.

LulzSec posted a video on YouTube announcing their plans for a return on the 3rd June, stating that they had 3TBs of dumped data, stored offline, from a number of websites, including, State.gov, ic.fib.gov, dia.mil, hanscom.af.mil, Syrian Government eMails, and even the whitehat organisations lexis.com. Until these dumps are posted we can’t be sure that they actually exists, but there seems little value in a bluff from Lulz.

You can expect this time around the organisation will be a lot more paranoid, after being shopped by one of their own, working for the FBI previously.

In the meantime, if you have a Tweet Gif account, change your password, on the safe side, change your twitter password too.

Leave a Reply

 
© 2006-2019 Security magazine.