Inside Anonymous' Secret War Room

By John Cook and Adrian Chen

Dissident members of the internet hacktivist group Anonymous, tired of what they call the mob's "unpatriotic" ways, have provided law enforcement with chat logs of the group's leadership planning crimes, as well as what they say are key members' identities. They also gave them to us.

The chat logs, which cover several days in February immediately after the group hacked into internet security firm HBGary's e-mail accounts, offer a fascinating look inside the hivemind's organization and culture. They demonstrate that, contrary to the repeated claims of Anonymous members, the group does have ad hoc leaders, with certain members doling out tasks, selecting targets, and even dressing down members who get out of line. They prove that, contrary to their claims, at least one of the hackers responsible for publishing the e-mail addresses of thousands of Gawker users last December is in fact a key member of Anonymous. They show a collective of ecstatic and arrogant activists driven to a frenzy by a sense of their own power—they congratulated one another when Hosni Mubarak resigned, as though Anonymous was responsible—and contain bald admissions of criminal behavior that could serve as powerful evidence in criminal proceedings if the internet handles are ever linked to actual people.

The logs are from an invite-only IRC chat channel called #HQ, populated by people calling themselves Sabu, Kayla, Laurelai, Avunit, Entropy, Topiary, Tflow, and Marduk. They were supplied by two individuals who go by the names Metric and A5h3r4 and describe themselves as former Anonymous supporters who became increasingly disenchanted with the movement's tactics, particularly the extent to which the group's more sophisticated members tolerate children and teens participating in risky operations (British authorities arrested a 15-year-old and a 16-year-old in January, and Dutch police arrested a 16-year-old in December).
They recently launched a firm they call Backtrace Security. "The bastards are becoming arrogant sociopaths," said A5h3r4 via chat. "Acting first, not thinking of the consequences. They're recruiting children. I am a pretty far left person—I believe in privacy and free expression, but Anonymous is a vigilante group now. A mob without conscience. And I worry they will radicalize even more. In short, I believe they're on their way to becoming a genuine threat."

While Anonymous describes itself as a leaderless collective, the #HQ channel had a clear head honcho, a hacker who goes by the name of Sabu who claims credit for conducting the HBGary hack. In plotting his next attack, on Hunton and Williams, a law firm that discussed hiring HBGary to conduct dirty tricks campaigns against Wikileaks supporters on behalf of its client Bank of America, Sabu threatens to "rape these niggers":
Here is Sabu directing the other channel members to come up with a target list for their next hack, including potential media outlets and so-called "whitehat" internet security firms, and ordering Kayla to get working:
And here he is excoriating Laurelai, an HQ member who had created a set of instructions for how to carry out an Anonymous attack. Sabu derided it as a stupid move that would help federal investigators make a conspiracy case if leaked and generally make Anonymous look as devious as HBGary. In the same breath that he insists Anonymous is disorganized and leaderless, Sabu plays the role of a leader, enforcing unit discipline while the other members stand by. Laurelai fights back by criticizing Sabu for quickly going public with the HBGary hack, rather than secretly listening in on their e-mails for weeks, and Sabu responds by openly admitting to his involvement: "I'm the one that did the op, I rooted their boxes, cracked their hashes, owned their emails and social engineered their admins in hours."
Members of the HQ chat were, understandably, obsessed with security. But they seemed to believe that they were safe in that chat room, candidly discussing their own efforts to distance themselves from any illegal activity. Here is Topiary, who has given a number of media interviews, discussing plans to stop speaking for Anonymous in the first person in order to "avoid being raped by Feds":
And here, in the same vein, they discuss how to interact with the press without being seen as an actual member of the group, including references to Sabu, Kayla, and Tflow's efforts to maintain plausible deniability about their roles in the HBGary hack.
Sabu didn't feel the need to be as discreet in the HQ chat. Here he is taking responsibility for the HBGary hack, which involved tricking a Nokia network security specialist named Jussi into handing over passwords:
The logs also seem to prove that members of Anonymous were involved in hacking into Gawker's servers last December. Gnosis, the group that claimed credit for the hack, claimed in interviews to have no affiliation with Anonymous. But Kayla, a member of the HQ chat who was intimately involved with the HBGary attack, implicitly takes credit at one point for the Gawker attacks after someone mentions a Gawker article:
Kayla claims to be a 16-year-old girl, and has publicly admitted involvement with the HBGary infiltration (some, including Metric and A5h3r4, doubt Kayla's claims and suspect her to be in reality Corey Barnhill, a New Jersey hacker in his late 20s who also goes by the name Xyrix). Whoever Kayla is, she was definitely involved in the attack on Gawker. The HQ chats show that Anonymous made use of the domain internetfeds.mil.nf in preparing HBGary e-mails for release. According to Matt Keys, a journalist who infiltrated the group, the Internet Feds (and not Gnosis) were the real Gawker attackers. And Kayla was one of them. "Kayla was one of two hackers who broke into the Gawker database," Keys told Gawker. "It was her idea. She coordinated the attack. She carried it out with another hacker. A third was involved in the distribution of the torrent, but the brainchild of the Gawker hack attack was Kayla." Keys provided Gawker with screengrabs from the Internet Feds IRC chat as evidence.

Ever since Anonymous began taking down the websites of PayPal, Mastercard, and other firms that refused to do business with Julian Assange, Wikileaks has insisted that it has no connection with Anonymous. But the logs seem to show that Laurelai, one of the HQ chat members, is a Wikileaks volunteer. When Sabu asks fellow chat members who she is, they respond that she's affiliated with the group:
Laurelai is also involved in Crowdleaks, a site devoted to translating and disseminating Wikileaks' material. According to Metric and A5h3r4, Laurelai has claimed in chats to be affiliated with the group. They caution that it could be puffery, though, as not everything she's claimed has been reliable.

Speaking of puffery, the HQ chat's reaction to Mubarak stepping down in Egypt serves as a handy indicator of just how seriously Anonymous takes itself, and its power:
The logs show an obsession with media coverage, and HQ members take delight in interacting with reporters, whether it's a genuine attempt to get the word out or a chance to fuck with gullible reporters. Here they are doing the latter to a Guardian reporter:
The obsession with secrecy and security in HQ led naturally to paranoia, as seen in this account from Entropy, who became convinced when his boss called him into the office unexpectedly—earlier in the logs he referred to taking the "CCIE security written test," suggesting he's an internet security specialist—that it was some sort of sting.
Turns out it was nothing!

Metric and A5h3r4 also provided us with what they say are the actual identities of Sabu, Kayla, Laurelai, Avunit, Topiary, and other members of the chat. We couldn't connect the handles to the names provided with any certainty, so we're not publishing them. But they say they provided the same information to the FBI. When we called the special agent they gave it to, he replied, "as an agent on that case, I'm not going to discuss ongoing investigative matters" and referred us to a spokesman, who had no immediate comment. Metric and A5h3r4 also say they've handed the material to the Department of Defense, but declined to identify to whom.

Barrett Brown, who is generally regarded by Anonymous members as a spokesman for the group, said he has known about the "security breach" for some time: "We're aware of the security breach as other logs from 'HQ' have been posted before (and I should note that HQ is not really HQ anyway — you will note that the actual coordination of performed hacks will not appear in those logs). I can tell you that those who were responsible for pulling off HBGary ... no longer use that room due not only to this security breach, but other factors as well."

When we repeated Metric and A5h3r4's claims that Anonymous had become megalomaniacal and vindictive, Brown replied: "I can also confirm that we have become vindicative megalomaniacs."

March 18th, 2011