What anonymity techniques did LulzSec hackers use to stay anonymous online?

Discussion in 'privacy technology' started by DesuMaiden, Apr 3, 2013.

Thread Status:
Not open for further replies.
  1. DesuMaiden

    DesuMaiden Registered Member

    Joined:
    Jan 25, 2013
    Posts:
    534
    I know Sabu and several other LulzSec hackers used Tor.

    Some other hackers used VPNs (like Hide Your Ass) which weren't actually that anonymous since they held IP logs lol.

    Did they use any anonymizing techniques more advanced than just Tor, VPNs, or Tor + VPN chaining (inside nested virtual machines) such as hacking into other people's computers and using them as proxies (or hiding behind botnets)? Or were LulzSec hackers just using basic anonymity techniques such as Tor, VPNs, Tor + VPN chaining, etc.?

    Was their level of anonymity relatively easy to achieve?
     
  2. aklies14

    aklies14 Registered Member

    Joined:
    Jun 22, 2012
    Posts:
    29
    Location:
    America
    They found a PuTTY alternative (I can't remember the name of it right now) on Kayla's system, and if I know right then you can use PuTTY to create an SSH tunnel to a compromised system in some other part of the world (and those guys had a bunch of compromised systems which they used to host IRC chat servers etc.) and then surf using that. Visited websites would see the IP address of the compromised system, but again you are going to leave your real IP in the compromised system logs. :(
     
  3. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    Most haven't been caught, so we don't know :D For those that have been, they seemed to make some big mistakes, that a lot of us here shook our heads at.

    PD
     
  4. DesuMaiden

    DesuMaiden Registered Member

    Joined:
    Jan 25, 2013
    Posts:
    534
    Revealing too much personal information (Jacob Hammond)
    Forgetting to log into IRC with Tor (Sabu)
    and what else?
     
  5. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,025
    Using HideMyAss ;)
     
  6. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    The key to staying safe for those people is simple.

    Do what you have to do, or want to do, then go away. Shut down your security, and live your online life like you never were a part of anything. Then, when you want to do something else, boot up again. Being like a machine and having no emotional contact with what you are doing is the only way, as a machine is much less likely to make a mistake.
     
  7. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,413
    "One cannot be betrayed if one has no people"

    Keep to yourself, don't talk to anyone on IRC, TorPM, Jabber. And if you do tell anyone make sure they know you will break their fingers and legs if they snitch. They have to know you're for real and don't muck around.

    A lot of it is how you carry yourself. Same goes for IRL. And never travel out of your country with your laptop/PC. Never.



    I have to agree with this statement. Become a machine and you will go far.
     
  8. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    Well, it goes beyond that IMO. Those make it sound like one simple mistake got them. Why no Anon VPN? Why not VPN on the router? Why was any connection without the VPN possible? Why no software firewall rules in place? Spoofed MACs? CAT6 Cable? Etc... Like I said, stuff that makes most of us go "amateurs".

    PD
     
  9. JohnMatrix

    JohnMatrix Registered Member

    Joined:
    Apr 12, 2012
    Posts:
    48
    Location:
    Behind you
    Hard to know what the people that didn't get caught were using. But a combination of a VPN, TOR, Firefox + Ghostery + Adblock Plus + No flash + No Java should be enough to stay hidden. Although you could improve further, it's hard to believe anyone would be compromised if using the above combination without making other mistakes (such as revealing your real name).
     
  10. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    Cookies, Iframes.

    I found you :)
     
  11. JohnMatrix

    JohnMatrix Registered Member

    Joined:
    Apr 12, 2012
    Posts:
    48
    Location:
    Behind you
    How would you know who I am by using an iframe or a cookie? I'm talking about a clean browser install, without any third party cookies, used solely for staying anonymous. Always connected through a VPN and/or TOR. A cookie or an iframe does not help you to identify who I am.
     
  12. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    You can send small data packets through iframes. Your VPN won't stay connected all the time. Simple IP recording program that sends IP back to a host. It can be very small and use command for all its actions.
     
  13. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,025
    That wouldn't work if the target machine never saw the Internet except through its VPN and/or Tor setup. One way to accomplish that is using virtual networks of pfSense VPN-client VMs and Tor-gateway VMs. Using a pfSense VPN-client VM plus the Whonix VMs gives you Tor via VPN. Configuring a VPN connection in the Whonix browser gives you VPN2 via Tor via VPN1. Running an additional VPN-client VM gives you VPN3 via Tor via VPN2 via VPN1.
     
  14. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    Guy above gave me parameters. I was creating a way he could be found using them. He did not specify a virtual machine, and 99% of people using a VPN can't run it 100% of the time, due to using a computer for PayPal, online banking. Tor is not foolproof either. Using similar small packet drops you can find anyone using Tor that is not using a VPN on the other end, even more sophisticated it would not even matter. Only way to protect against is to run virtual all your activities.
     
  15. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    "Never from home" defeats all this stuff. "Never from the same place twice" is even stronger. It's 2013...connectivity is everywhere. Nobody said it'd be easy, but jail isn't easy either :D

    PD
     
  16. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    Who would be going to jail? I am not doing anything illegal with my internet connection. I am just a bored guy that is a little obsessive compulsive with a drive to learn everything about security and privacy.

    I guess my goal is privacy in an ever more open world. I don't really care about big brother, because big brother does not care about me. I care more about little sister spying than big brother caring about me.
     
  17. DesuMaiden

    DesuMaiden Registered Member

    Joined:
    Jan 25, 2013
    Posts:
    534
    Not using your home connection makes little difference. Let's say I do something highly illegal from various hotspots around my city. The FBI finds my real ip address or my real identity (if I accidentally reveal too much damning personal info). You are HOSED. Using various hotspots around a city only delays the inevitable--your capture. They have public cameras everywhere so you cannot hack anywhere anonymously.

    Yes, I couldn't agree with you any more. Last thing anyone wants is Big Brother interested in them.

    I say a good setup for staying untraceable would be Tor + VPN (both inside a VM). All of the connections on the VM are forced through the VPN so if the VPN disconnects your real IP address is never exposed (since you are not connected to your real IP in the VM). Only your host OS is connected to your real IP.

    I don't see how your real ip could be traced through this set up.

    Also never reveal personal info. Only make up personal information i.e. I am a 30-40 year old unemployed computer engineer. Does anyone believe that? IIRC Kayla pretended to be a 16 year old girl lol even though he was a 20 something year old male.
     
  18. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    That was more of a perversion than a way to be anonymous, I assume he was getting off on vicariously pretending to be a girl as some guys in that field like all the extra attention being a girl would get you.
     
  19. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,025
    Well, "16 year old girl" and "20 year old guy" aren't that different ;)
     
  20. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    Who do you think would get more attention playing Xbox? The attention was his reason.
     
  21. JohnMatrix

    JohnMatrix Registered Member

    Joined:
    Apr 12, 2012
    Posts:
    48
    Location:
    Behind you
    That won't work because my internet connection gets blocked as soon as the VPN disconnects. So iframes or cookies won't help you to identify me. I've never seen anyone provide any valid counter for this setup:

    - Clean browser install
    - Browser only started once VPN is running
    - When VPN disconnects all internet traffic is blocked
    - Browser extensions: adblock plus, ghostery. No flash or java installed
    - Use Google public DNS servers (thanks to dogbite)

    I'm interested if anyone can think of a valid case where this setup would reveal my real IP address to the outside world.

    edit: added tip from dogbite
     
    Last edited: Apr 15, 2013
  22. dogbite

    dogbite Registered Member

    Joined:
    Dec 13, 2012
    Posts:
    1,166
    Location:
    EU
    What about a DNS leak that you are not aware of?
     
  23. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    There are many, I won't even bother to elaborate, your last post is hinged on the fact your set-up never fails, as we know no system is 100% all the time.
     
  24. JohnMatrix

    JohnMatrix Registered Member

    Joined:
    Apr 12, 2012
    Posts:
    48
    Location:
    Behind you
    You fail to give any concrete evidence for a weakness in the proposed setup. With this setup my real IP address stays hidden all the time combined with the fact that my browser fingerprint is unique and tracking cookies are blocked.

    This system would be 100% secure for hiding my real IP address (except to the vpn provider) and location unless you can provide me with an example of when this setup fails.
     
  25. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    The topic is about LULZSEC...they would probably go to jail. I am not talking about anyone here. If it's good enough to keep them out, it is definitely good enough to keep the law-abiding Joe from being found in a dragnet vacuum type of data dump.

    P
     