Author Archives: Ulrik

I'm from the land where the Panthers grew
You know the city and the avenue
If you the boss we be smabbin through
And we'll be grabbin' you
To say "What's up with the revenue?"

Most everybody already knows that we don't like police very much. Shit, just about everybody hates them, everybody except for the rich and powerful who depend on their protection. But which state got the most blood on their hands? Well we already owned pigs in Texas and Arizona, and many many others; guess its time to ride on the California police.

From the murder of Oscar Grant, the repression of the occupation movement, the assassination of George Jackson in San Quinten prison, the prosecution of our anonymous comrades in San Jose, and the dehumanizing conditions in California jails and prisons today, California police have a notorious history of brutality and therefore have been on our hitlist for a good minute now.

So we went ahead and owned the California State Law Enforcement Association (CSLEA.COM), defacing and destroying their website. We dumped a few of their mail spools and forum databases, and we did get a few laughs out of reading years of their private email correspondence (such as CSLEA's Legislative and Police Liason Coby Pizzotti's convos with his girlfriend who calls him "doodle"). But what we were really after was their membership rosters, which included the cleartext password to 2500 of their members, guaranteeing the ownage of many more California pigs to come.

"But wait! Cops are people too! Part of the 99%!" orly? When these soulless traitors voluntarily chose to cross the picket line and side with the bosses and bureaucrats, they burned all bridges with working class. As the bootboys for capitalism they do not protect us, instead choosing to serve the interests and assets of the rich ruling class, the 1%. Many Occupiers are learning what many of us already know about the role of police in society when they violently attacked protesters occupying public parks. Now it's time to turn the table and start firing shots off in the right direction. Problem, officer?

Interestingly, CSLEA members have discussed some of our previous hacks against police targets, raising concern for the security of their own systems. However Ken deliberately made some rather amusing lies as to their security. He repeatedly denied having been hacked up until web hosts at stli.com showed him some of the backdoors and other evidence of having dumped their databases. We were reading their entire email exchange including when they realized that credit card and password information was stored in cleartext. This is about the time Ken changed his email password, but not before receiving a copy of the 'shopper' table which contained all the CCs. Too late, Ken.

In all fairness, they did make an effort to secure their systems after discovery of the breach. They changed a few admin passwords and deleted a few backdoors. Shut mail down for a few days. They also finally decided to set a root mysql password, but we got the new one: "vanguard". We noticed that you got rid of the credit card table, and most of the users in your database. Still haven't figured out how to safely hash passwords though: we really loved your change from 'redd555' to 'blu444'. Clever.

But we still had shell on their servers, and were stealthily checking out the many other websites on the server, while also helping ourselves to thousands of police usernames and passwords (it's how Special Agent Fred Baclagan at the California DOJ Cybercrimes Unit got humiliated last month). For two months, we passed around their private password list amongst our black hat comrades like it was a fat blunt of the dank shit, and now it's time to dump that shit for the world to use and abuse. Did you see that there were hundreds of @doj.ca.gov passwords? Happy new years!!

/*******************************************************************************
LIST OF SITES HOSTED BY CSLEA, NOW WIPED OFF THE NET !!!
*******************************************************************************/

******************************************************************
**** DEPARTMENT OF DEFENSE INTEREST COMPUTER SYSTEM (DODICS) ****
******************************************************************
* DDD * USE OF THIS OR ANY OTHER DEPARTMENT OF DEFENSE * DDD *
* D D * INTEREST COMPUTER SYSTEM (DODICS) CONSTITUTES * D D *
* D D * YOUR CONSENT TO MONITORING BY DOD AUTHORIZED * D D *
* DDD * PERSONNEL FOR COMPUTER SECURITY AND SYSTEM * DDD *
* * MANAGEMENT PURPOSES. * *
* OO * * OO *
* O O * THIS DODICS AND ALL RELATED EQUIPMENT ARE TO * O O *
* O O * BE USED FOR THE COMMUNICATIONS, TRANSMISSION, * O O *
* OO * PROCESSING, MANIPULATION, AND STORAGE OF * OO *
* * OFFICIAL U.S. GOVERNMENT OR OTHER AUTHORIZED * *
* DDD * INFORMATION ONLY. * DDD *
* D D * * D D *
* D D * UNAUTHORIZED USE OF THIS COMPUTER MAY SUBJECT * D D *
* DDD * YOU TO CRIMINAL PROSECUTION AND PENALTIE. * DDD *
******************************************************************
**** DEPARTMENT OF DEFENSE INTEREST COMPUTER SYSTEM (DODICS) *****
******************************************************************

OVER THE YEARS WE HAVE EXPOZED MANY A PRIVATE GOVERNMENT DOCUMENTS STOLED FROM TEH MAIL SPOOLZ AND INTRANETS OF THE PIGS ... BUT NOW WE HAVE DISCOVERD THAT THEY ARE ONTO US AND IZ ONLY A MATTER OF TIME BEFORE WE ARE ALL BIZZUSTD!!!

// THEY R HIP 2 OUR MASTER PLAN...

• (U) "Project Mayhem," (PM) was announced by Anonymous in August 2011, and according to their public website projectmayhem2012[dot]org, is set to culminate on 21 December 2012. The PM website ahs several links to YT videos, which appear to have been randomly selected and have no direct tie to PM or past / current / future Anonymous malicious activity. Furthermore, there is no dialogue or hints as to specific tactics, techniques and procedures (TTP) that Anonymous plans on employing on or prior to 21 December 2012. There are also several seemingly related internet wiki-style portals and web forums, operating under the PM name, devoted to random malicious acts - some involving physical disruption and some involving targeting information systems - but no direct discussion of attack scenarios.

• (U) The name "Project Mayhem" is derived from the popular 1999 film Fight Club. The project refers to a secret operation carried out by the Fight Club to topple the corporate American system. In the movie, the Club carries out numerous malicious acts such as defacement of buildings with graffiti, sabotage, and arson. In the finale, the main character is ultimately responsible for destroying buildings belonging to major financial institutions with explosives.

• (U//FOUO) DHS/NCCIC'S PM ASSESSMENT: While Anonymous' PM will not likely be as spectacular as the activities it was named after in the movie Fight Club, little is known about their plans for this event. We anticipate several more YT videos and public statements via Twitter leading up to the culmination date of 21 December 2012. Based on previous incidents involvin Anonymous, we can expect DDOS, web defacement, SQL injection, and potentially in-person protests targeting worldwide government institutions and private corporations. Though the characters in the movie Fight Club who carried out their version of PM utilized deadly force and terrorist tactics, Anonymous is not likely to use violent force in their operations.

// THEY ANALYZED OUR METHODOLOGY...

• (U) Anonymous utilizes a crude target nomination procedure, outlined below, that is coordinated on one of several communication mediums - IRC, websites (#chan, etc), insurgency wiki, or anonymous themed website:

1. An individual on the communications medium posts an appeal to Anonymous
leadership requesting members to target a victim;
2. Those individuals who agree, follow suit with vague details given as to
intentions and/or tactics.
3. "Lulz ensue," or they don't;
4. If "lulz ensue,", go back to step 2 and see if more people join the action,
or;
5. Lose interest.

// THEY HAVE OUR 0DAY...

• (U) According to Anonymous, they are working on a new attack tool called #RefRef that is able to use a server's resources and/or processing power to conduct a DOS against itself. It is unclear at this time what the true capabilities of #RefRef are; Anonymous has stated publicly that the tool will be ready for wider use by the group in September 2011. There have been several publicly disclosed tools claiming to be versions of #RefRef however there has been nothing to validate these claims.

// AND HAVE INFILTRAT0RED OUR ORGANIZATION!!!

• (U//FOUO) Following law enforcement action against Anonymous and LulzSec, individuals claiming to be members of the groups contacted FBI field offices in an attempt to provide information and become informants. While some individuals may have had honest intentions when contacting the FBI, others may have engaged in social engineering to solicit information about law enforcement personnel or active investigations of Anonymous and LulzSec. In addition, individuals may have also contacted the FBI to provide misinformation about the identities of Anonymous and LulzSec members and their activities as a means of interfering with law enforcement investigations.
• (U//FOUO) In June 2011, suspected members of LulzSec discussed a scheme to provide misinformation to the FBI in a private Internet Relay Chat (IRC) channel. Members discussed having an FBI informant with access to the IRC channel contact his handling agent to provide misinformation in exchange for payment. Once this occurred, the group then planned to publicize the incident and to give the impression that the FBI was funding LulzSec activities.
• (U//FOUO) In October 2011, an FBI source with unknown reliability reported that an individual contacted FBI field offices via e-mail claiming to have information regarding Anonymous. Source reporting suggests that this individual had previously discussed in chat logs attempts to social engineer an FBI agent to download malware.

// BUT THEY R SCARD...

• (U//FOUO) The FBI judges that the retaliatory reactions of Anonymous and LulzSec, combined with law enforcement activity aimed at dismantling the group, points toward the continued targeting and intimidation of law enforcement personnel. The FBI judges that law enforcement personnel may be subjected to increased contact by individuals regarding information about Anonymous and LulzSec members and activities, as additional law enforcement action against suspected members of Anonymous and splinter groups are conducted. This contact could lead to the increase of social engineering tactics against officers to obtain sensitive information that could be used to compromise active cases. In addition, suspected members of Anonymous and LulzSec may continue to provide misinformation in an effort to thwart law enforcement investigations, which may impact future prosecution of these subjects.

// AND ARE SCRAMBLING 2 PROTECT THEMSELVES

• (U//FOUO) The FBI judges that the following precautions are likely to enhance law enforcement ability to preserve information and ensure officer safety during interviews and search warrants:
• (U//FOUO) Being Aware of Social Engineering Tactics. Subjects may gather personal and employment information about law enforcement officers by manipulating them into divulging sensitive information. This information would enhance “doxing” by enabling subjects to gather further identifiers.
• (U//FOUO) Limiting Access to Video Equipment. Access to mobile phones, video recording devices, digital cameras, and Web cams would allow subjects to photograph law enforcement personnel. These pictures and videos may then be uploaded to the Internet and included in “doxes” of law enforcement.
• (U//FOUO) Limiting Access to Mobile Devices. Subjects may attempt to contact other Anonymous members to alert members of law enforcement presence, through making phone calls, sending text messages, and accessing social networking sites using mobile devices. Members have been known to access Internet Relay Chat (IRC) channels through mobile phones, therefore subjects may be able to communicate with other members without appearing to be on the Internet.
• (U//FOUO) Being Aware of Encryption Methods. Further efforts that may impede intelligence collection include encryption techniques such as full disk encryption. In these instances, information may be lost if suspects are notified before the search warrant is executed and the computer is turned off prior to law enforcement arrival.
• (U//FOUO) Obtaining Proper Consent for Minors. Some of the subjects of Anonymous are minors, which may hinder intelligence collection. Differences in state authorities designating the age at which someone is considered a minor may make it difficult to interview these subjects. Proper approval and parental consent may be required prior to contacting a minor and collecting information.

// BUT IN THE END THEY KNOW THEY ARE FUXX0R3D!