Anonymous hacks Panda Security in response to LulzSec arrests

[DKT27]

Anonymous has retaliated against the arrests of five LulzSec members. The hacktivist group has defaced multiple Panda Security domains as well as stolen the e-mail credentials of 114 employees.

The hacktivist group Anonymous has attacked security firm Panda Security shortly after authorities today arrested five men part of Lulz Security (LulzSec), another hacktivist group loosely associated with the former. 28-year-old Hector Xavier Monsegur (Sabu), the leader of LulzSec, allegedly informed U.S. law enforcement of his fellow comrades’ names: Ryan Ackroyd (Kayla), Jake Davis (Topiary), Darren Martyn (pwnsauce), Donncha O’Cearrbhail (palladium), and Jeremy Hammond (Anarchaos).

Now, Anonymous has stolen the account credentials (e-mail address and passwords) of 114 employees working at Panda Security, and posted them online for everyone to see. Internal server details were also revealed. Lastly, they defaced more than two dozen subdomains within “pandasecurity.com” and other several domains owned by the security firm by modifying them to show a video recounting some of LulzSec’s hacking highlights from last year. The video is embedded above.

Here is what Anonymous posted in response to today’s events (AntiSec refers to both Anonymous and LulzSec working together):

#ANTISEC IS BACK ONCE AGAIN KNOCKING SNITCHES DOORS CAUSE TRAISON IS SOMETHING WE DONT FORGIVE

YEAH YEAH

WE KNOW…

SABU SNITCHED ON US

AS USUALLY HAPPENS FBI MENACED HIM TO TAKE HIS SONS AWAY

WE UNDERSTAND, BUT WE WERE YOUR FAMILY TOO (REMEMBER WHAT YOU LIKED TO SAY?)

IT’S SAD AND WE CANT IMAGINE HOW IT FEELS HAVING TO LOOK AT THE MIRROR EACH MORNING

AND SEE THERE THE GUY WHO SHOPPED THEIR FRIENDS TO POLICE.

ANYWAY…

LOVE TO LULZSEC / ANTISEC FALLEN FRIENDS

THOSE WHO TRULY BELIEVED WE COULD MAKE A DIFFERENCE

LOVE TO THOSE BUSTED ANONS, FRIENDS WHO ARE FIGHTING FOR THEIR OWN FREEDOM NOW

LOVE TO THOSE WHO FIGHTED FOR THEIR FREEDOM IN TUNISIA, EGYPT, LIBYA

SYRIA, BAHRAIN, YEMEN, IRAN, ETC AND ETC AND ETC

LOVE TO THOSE WHO FIGHTED FOR FREEDOM OF SPEECH, FOR A REAL DEMOCRACY,

FOR A GOVT FREE OF CORRUPTION,

FOR A FREE WORLD WHERE WE ARE ABLE TO SHARE OUR KNOWLEDGE FREELY

LOVE TO THOSE WHO FIGHT FOR SOMETHING THEY BELIEVE IN

WE ARE ANTISEC

WE LL FIGHT TILL THE END

TO FBI AND OTHER SHITS

COME AT US BROS

WE ARE WAITING FOR YOU

Visit the Sexy AntiSec Embassy: [Tor] http://ibhg35kgdvnb7jvw.onion/

Follow the Antisec Crew: https://twitter.com/AnonymousIRC

Chat: irc.anonops.li #antisec

Here is what AnonymousIRC posted on Twitter in regards to the attack:

http://pandalabs.pandasecurity.com OWNED HARD by #AntiSec - Reason:Snitching on Anons for Money #Anonymous #OWS #AntiVirusBackdoored #ROOTED

http://cybercrime.pandasecurity.com OWNED HARD by #AntiSec - Reason:Snitching on Anons for Money #Anonymous #OWS #AntiVirusBackdoored #ROOTED

http://cloudprotection.pandasecurity.com OWNED HARD by #AntiSec - Reason:Snitching on Anons for Money #Anonymous #OWS #AntiVirusBackdoored #ROOTED

Ohai Pandalabs and FBI. Whose head was cut off? We forgot. http://pandalabs.pandasecurity.com/ #AntiSec #Anonymous Expect us.

ALL YOUR BASE ARE BELONG TO US #Anonymous #AntiSec #LulzSec

For the history books: https://pastebin.com/LM9vdNWy | FBI, you think now you don’t need to expect us anymore? You’ve angered some retired pirates.

http://pandalabs.pandasecurity.com oh shit. they’re still locked out from their own servers… #Anonymous #LulzSec #OWS #IfUAskForLulzLulzWillFindU

#LulzSec advices Panda AntiVirus users to get rid of it. Reason:injected shellcode #Anonymous #AntiSec #OWS #FrontalCockCrash

PandaSecurity:’Where is the lulz now?’ #LulzSec:’here http://cybercrime.pandasecurity.com/ ‘ #Anonymous #BrutalButtRaeping #OWS #AntiSec

Here are all the URLs that were hacked:

cybercrime.pandasecurity.com

antivirus-offers.pandasecurity.com

blog.cloudantivirus.com

cloudofficeprotection.pandasecurity.com

cloud.pandasecurity.com

cloudpartnercenter.pandasecurity.com

cloudprotectionbeta.pandasecurity.com.tar.gz

cloudprotection.pandasecurity.com

facebookfriends.pandasecurity.com

forgetsecurity.co.uk

forgetsecurity.co.za

forgetsecurity.es

go.pandasecurity.com

info.pandasecurity.com

information.pandasecurity.com

lavuelta.pandasecurity.com

maintenance.pandasecurity.com

momentos.pandasecurity.com

ondersteuning.pandasecurity.com

pandacompetition.pandasecurity.com

pandalabs.pandasecurity.com

prensa.pandasecurity.com

press.pandasecurity.com

promo.pandasecurity.com

protectyourfamily.pandasecurity.com

research.pandasecurity.com

securitytothecloud.pandasecurity.com

serviciospro.pandasecurity.com

servicos.pandasecurity.com

suporte.pandasecurity.com

techcenter.pandasecurity.com

uninstall.cloudantivirus.com

wiki.cloudantivirus.com

www.cnccs.es

www.forgetsecurity.de

www.forgetsecurity.se

Luis Corrons, PandaLabs Technical Director, was singled out by the hackers for praising the arrests in a blog post earlier today. It was titled “Where is the lulz now?” Anonymous included links to his personal blog, his Facebook profile, his Twitter profile, and his Google+ profile.

Here is what Anonymous wrote:

hello friends!

pandasecurity.com, better known for its shitty ANTIVIRUS WE HAVE BACKDOORED, has earning money working with Law Enforcement to lurk and snitch on anonymous activists. they helped to jail 25 anonymous in different countries and they were actively participating in our IRC channels trying to dox many others. Aside how clueless they are and how disgusting they look sucking police tiny dicks and even how much fun we got when they are trying to sell IT security services xD that only helps to endanger people even more; they contribute to bring activist to jail. activists, not even hackers. common people who are trying desperately to denounce the injustices happening on their countries right now.

we should just say:

yep we know about you.

how does it feels being the spied one?

eat cock now.

Where is the lulz now?

Really good news. I have just read that LulzSec members have been arrested and that their main head Sabu has been working as an informant for the FBI. It turns out he was arrested last year, and since then he has been working with Law Enforcement.

As I said, really good news :)

Will this mean the end of Anonymous? No. It will mean the end of LulzSec, but Anonymous existed before LulzSec and will continue existing. However we probably won’t see any more hacks as the ones LulzSec had been perpetrating, and Anonymous will only use their known childish tactic of DDoS using their LOIC tool.

Posted on 03/6/12 by Luis Corrons

LOL HE ASKED FOR THE LULZ!!!!

HERE IT IS THE LULZ

“Another problem is that sometimes if you want to infiltrate and you have to be one of the criminals, you have to do things that you shouldn’t. In that case, you need to be with law enforcement. We have to find ways to cooperate even better with law enforcement.”

says Luis Corrons, research director of PandaLabs.

In short, Anonymous is accusing Panda Security of aiding law enforcement. Corrons denies the claims. Here is what he said on Twitter:

This is going to be a funny night #lulztojail :)

We have our team taking a look into the defacement right now. And investigations to catch criminals are always fun ;)

this has just happend a few minutes ago, so we are still investigating, it will take some time.

all the allegations they make are fake, no surprise at all on that :)

Even though we have not helped LE to bring to jail any lulzsec member, I would have loved to be involved in that.

Panda Security has followed up with an official statement on Facebook:

On March 6th the hacking group LulzSec, part of Anonymous, obtained access to a Panda Security webserver hosted outside of the Panda Security internal network. This server was used only for marketing campaigns and to host some of the company’s blogs. Neither the main website www.pandasecurity.com nor www.cloudantivirus.com were affected in the attack. The attack did not breach Panda Security’s internal network and neither source code, update servers nor customer data was accessed. The only information accessed was related to marketing campaigns such as landing pages and some obsolete credentials, including supposed credentials for employees that have not been working at Panda for over five years.

We continue investigating the cause of the intrusion and will provide more details as soon as they become available. Meanwhile we assure all our customers and partners that none of their information has been compromised and that our products and services continue functioning as normal.

You can read everything Anonymous wrote for yourself over on Pastebin.

View: Original Article

[Lite]

I find it funny when security companies have anything hacked.

Protect your own backyard before trying to protect others!

[SnakeMasteR]

Right, Lite. (its a rhyme!? :lol:) :)

[marke68]

And this will achieve the square route of f**k all.

[avmad]

So Sabu grassed then, tut tut. Panda does suck so no wonder their websites got done over. ;)

[Adrean]

Wow. That last part of the video just blew me away!

It's amazing that it still applies even today.

I'm gonna keep a record of that last speech. It's just too powerful.

Kudos to anon

[espns]

Who the hell uses PANDA AV's :wtf:

[grouchysmurf]

I do.

I find things kind of funny......

I do not appreciate nor support my government wasting time

and money on stupid sh*t like shutting down torrent sites........

...oooooohhhhhhh, how horrible the crime, forget that people

all over the world are dying, lets focus tons of money on this dumb cr*p.

Having said that, I also do not appreciate a wanna be group of "cyber" vigilantes

who seem to have "entitlement" issues with the internet, wrecking business and invading privacy

of people they say are....wrecking business and invading privacy. Yet another fine example of time,

money, and other resources wasted over stupid cr*p.

I think that both sides of this equation should get the hell off the net, and let everyone else get back to ENJOYING the

services they pay for.