LulzSec Versus TeaMp0isoN: When Hackers Attack Hackers
Not everyone in the hacker community smiles upon the shenanigans of LulzSec, the hacker group du-jour of the moment. Seriously, just check out Google News. Right now, LulzSec is a mainstay, and while this publication is adding to it, we concentrate on the web. LulzSec has gained crossover appeal, with stories of their exploits going mainstream.
Did they get to big for their britches, or did they step on the feet of some “true” hackers, opening the doors for retaliatory strikes from groups who fight the same way? Well, something happened, and as a result, there’s a LulzSec backlash brewing and it’s not just courtesy of the group’s victims. The person and/or group that apparently got rankled by LulzSec belongs to TeaMp0isoN (Team Poison) hacker team. It seems, among other things, that members of TeaMp0isoN didn’t like being associated with LulzSec and began hacking them in return.
Hackers hacking hackers. Although the story gets a little bit more complicated than that, the previous exercise in alliteration sums up things quite effectively. As for the “why” LulzSec is being targeted, well, that’s where the complication comes in.
Based on my limited exposure to various hacker groups around, from what I can tell, TeaMp0isoN is one of the more respected groups, one that doesn’t necessarily like being associated with LulzSec, for a number of reasons. Chief, however, is the fact that LulzSec’s activity aren’t looked upon as true hacker exploits. The targets themselves weren’t the problem. The automated methods used to gain control of the targets on the other hand, were. This was made apparent when — and this is where the details get fuzzy — a suspected LulzSec member was hacked by a TeaMp0isoN member, which was discovered by th3j35t3r, another hacktivist who is at odds with LulzSec.
While the LulzSec member hack has been denied, in combatant fashion, no less, there’s a screenshot of the defacing (click for larger image):
Here’s the transcript, courtesy of I Found The Internet. [sics] remain intact:
No matter how many bots you gather, no matter how much people you lie to, no matter how much pre-made tools you use, you will _NEVER_ represent the real hacking scene, we warned you, we told you we do not make empty threats, we gave u 48hrs to secure your ircs yet u failed to do so, instead u posted hashes from public forums and then claimed you doxed us and laughed at the fact that i was 17years old. stop telling yourself that u are hackers, putting a ip into a irc is NOT hacking nor is using pre-made tools and scripts to grab databases… you do not represent the anti-sec movement, u are not allowed to greet underground groups like zf0, ab, h0n0, el8 like your member “AnonSabu” was doing, you will never be apart of the underground scene, if anyone thinks you are underground and can actually hack they have no idea about what happens in the underground scene. oh and TeaMp0isoN Issue 2 is coming out VERY soon exposing lulzsec members (pictures, addresses, passwords, ips, phone numbers etc). . . . not so anonymous anymore are you? lets hope that you can swim because the lulzboat just got titanic’d…
The taunting message was found at the site of Dutch developer Sven Slootweg, who, as indicated, denied his site got hacked in a defiant manner:
Notice to press: This website was compromised through exploiting a plugin in an outdated WordPress setup, uploading a shell, and replacing the index page. I am not a member of Lulzsec (a statement I have made several times before in various places), noone “hacked the server” (this has been verified by the hosting company, as this website is on shared hosting) and this was definitely not an “elite hack”. I am not available for further comments to press.
It should be noted, in order to get to Slootweg’s site — awesome name, by the way — a index_defaced.html file appears first, so I’m not sure how valid his denial is.
Now for the why. Why is TeaMp0isoN going after LulzSec? Is LulzSec getting publicity other, more deserving hacker groups should get, or is this something a little more personal? According to a link on th3j35t3r’s Twitter, which goes to a blog called “LulzSec Exposed,” some of LulzSec inner circle may have courted this fight themselves. The following screenshot has more details:
Apparently, some LulzSec members called out TeaMp0isoN, and ta-da, we’ve got ourselves a hacker fight; although, with TeaMp0isoN, it goes a little deeper than that. Not only are LulzSec’s (and Anonymous’) methods derided, the ultimate goal is too. Is LulzSec a group of modern-day Robin Hood hackers or are their exploits doing something a little more criminal?
Over the last two weeks, my company, Unveillance, has been the target of a sophisticated group of hackers now identified as “LulzSec.” During this two week period, I was personally contacted by several members of this group who made threats against me and my company to try to obtain money as well as to force me into revealing sensitive data about my botnet intelligence that would have put many other businesses, government agencies and individuals at risk of massive Distributed Denial of Service (DDoS) attacks.
Is extortion part of the LulzSec appeal? So far, there hasn’t been much in the way of response from LulzSec, aside from the misguided denial from Slootweg. While their Twitter account is going strong, there’s nothing in the way of this subject being discussed. Was TeaMp0isoN’s message heard loud and clear, and as a result, is LulzSec steering clear, or is there more to come? Perhaps this LulzSec tweet offers a glimpse…