HBGary Federal hacked and exposed by Anonymous

HBGary Federal hacked and exposed by Anonymous.

This is interesting since the principal of HPGary,

In addition, you will see his work on the website rootkit.com.

-- Tom

 

How one man tracked down Anonymous—and paid a heavy price (3 web pages).

-- Tom

 

Disgraced security firm asked Bank of America to fund anti-Wikileaks/anti-Glen Greenwald campaign (3 web pages).

-- Tom

 

Great article. Very detailed.

 

lotuseclat79 thank you for posting this.
I don't even know what to say, and reading the irc log .. wow

 

From HBGary Emails A Sweet Valentine For Social Engineers:

 

As pointed out by Heise Online in their article today on HBGary et al,
the whole shebang can easily be read on httpxxxhbgary.anonleaks.ru/greg_hbgary_com

Heise Online article; httpxxxwww.h-online.com/security/news/item/Anonymous-exposes-US-security-company-1189973.html

The perfect ~ Snipped as per TOS ~ storm?

 

From Anonymous exposes US security company:

 

Crowdleaks: HBGary wanted to suppress Stuxnet research

 

Found some VERY interesting reading in these

We know nothing about Stuxnet, Oh really

And this

So it's confirmed, the .GOV etc are involved in creating malware and planting it etc

-http://crowdleaks.org/hbgary-wanted-to-suppress-stuxnet-research

 

Woooooaaah, interesting read MAN!

Holy crap insane story

 

More background on the US security firm break-in

 

Extracts from the PSYOPS Response.doc My BOLDING

More good reasonS to stay clear of social media

Also on the same page is this !

Stuxnet
ZIP/stuxnet.zi_

No password for it though So it's safe

 

Black ops: how HBGary wrote backdoors for the government

 

Thanks!

----
What tangled web! Big banks, 3 letter agencies, and professional hackers or rather security white? grey? black? -hats.

Conspiracy theories for Real?

 

Hi,

"Once upon a time in the security industry", or "the good, the bad and the ugly"? Funny...my opinion is summarized on this french article:
http://translate.google.fr/translat...-acslaw-et-hbgary-2/&sl=fr&tl=en&hl=&ie=UTF-8

Regarding the Magenta rootkit:
http://www.scribd.com/doc/48981331/Magenta-HBGray-rootkit

It is here pure buzz and pretentious advertising.
Yes it is possible to make live memory examination more difficult (already summarized by Johanna R. 3 years ago), but in a minnor way only (and on which processor if we consider virtualization memory protection).
Also: "Any physical memory based tools that would allow you to see the current location of Magenta body would only be of limited use..", well in this cas i suggest to HBGary to stop advertising ansd selling their own tools:
http://www.evidencemagazine.com/index.php?option=com_content&task=view&id=116&Itemid=49

All version of Windows? in this case a simple "write prtection" available on XP/Vista/7 will be enough to prevent this rootkit.
I'd rather personnaly the ethical way of Dave Aitel (http://en.wikipedia.org/wiki/Dave_Aitel ) who has founded his campany after working years at the NSA.
Anyway...we live in a wonderfull world...

Rgds

 

Some nice things coming out

ayb

 

MrBrian/trismegistos/lotuseclat79

Thanks for the links

In one of them it mentions 12 monkeys rootkit which i hadn't heard of before

Greg Hoglund i sort of have some sympathy for, as from what i've read/seen over the years, he was/is a talented coder. Starting up and running and contributing to rootkit.com for many years, he cleverly absorbed ideas etc posted on there, amongst other places, and fused them into "better" things along with his own ideas/code. In latter times he hardly ever posted anymore, that's because by now he had moved on = gone "straight" = corporate/government etc !

He saw opportunities = $ and was one of the first to do so. Nothing wrong with that though as such. I have a feeling that as he wasn't a typical "suit" guy he felt he needed someone who was, and that could probably interface/BS more directly with suit/.Gov etc types The person chosen to front HBGary Federal was Aaron Barr. As he and others in HBGary have now found out to their COST and shame, it was a Very bad move, and one i'm sure he and the others now regret BIG time.

Of course Greg Hoglund and others in HBGary aren't completely innocent in All the shananagins we are now learning about, but it was Mr. Ego = Aaron Barr who stabbed himself, and all the others in the foot with his foolish behaviour. But if it hadn't been for him we would be none the wiser

 

LOL, so true.
He went to the limits to demonstrate his capabilities (Stalking customers to show his skills etc.), over confidence leads to problems

 

Hi Kareldjag, what is this write protection that you speak of? How can I enable it?

 

@CloneRanger and trismegistos:
You're welcome .

Here's another: Spy Games: Inside the Convoluted Plot to Bring Down WikiLeaks (already posted by 'hidden' in an unrelated thread).

 

This is like General Hospital or Days of Our Lives, but for Hackers/Crackers.

Does that mean Greg Hogland = Susan Lucci?

 

@CloneRanger:
I resonate with your insights.

You might be interested to read HBGary's report on China Cyber espionage...
-http://cryptome.org/0003/hbg/HGB-CN-Spy.zip

-http://cryptome.org/0003/hbg/HBG-PMF-CI.zip

 

Thanks for the PDF links Had a quick scan through the Chinese one

Yes SCADA, As in Stuxnet ! But Greg Hoglund states that the Slammer worm also got in Didn't know that before !

 

Security firm proposes next-generation fake identities for public relations