Friday, February 13, 2015

Notorious Hacking Groups.

Knowing your "enemies" is always a good exercise before developing any protection. Different attackers use different techniques and belong to different groups. Each group holds strict beliefs and attacks in a well-known way. In this post I want to examine some of the most notorious hacking groups in history up to now (February 2015), in order to show how attackers "attack" and how they live as a community.

The following list won't be a complete or exhaustive list of cyber attacker groups; it is mainly based on my memories and publicly available information.

I'd like to start with the 414s hacking group (1980). As far as I know, it's not an active hacking group anymore. It broke into dozens of high-profile computer systems, including Los Alamos National Laboratory, Sloan-Kettering Cancer Center, and Security Pacific Bank. It was one of the first groups to be organized over IRC and to act together in order to reach a common goal.

Another hacking group born in the 80s was the PHIRM. In 1985 a Phrack magazine article brought the group into the public eye, and they began to take on new members. In 1987 two of the founders, Archangel and Stingray, co-authored a report on Cleveland's Freenet. In 1989 the group published a definitive guide to breaking security on Bank of America home banking systems.

The Cult of the Dead Cow (cDc) is probably the biggest hacking group of the late 80s. Its famous logo still appears in some of the underground tools out there. The group coined the term "Hacktivism" and became famous for fighting with the Hong Kong Blondes (a Chinese hacking group).

In the late 1990s, the cDc worked with a group of Chinese dissidents called "The Hong Kong Blondes." The goal of the Hong Kong Blondes was to disrupt computer networks within the People's Republic of China in order to allow PRC citizens to access censored content online. The Hong Kong Blondes were, arguably, one of the first hacktivist groups. The cDc advised the group on strong encryption techniques, among other things.[17][18][19][20] The cDc formally severed ties with the Hong Kong Blondes in December 1998.

Chaos Computer Club (CCC) is a Germany-based hacking group. The CCC describes itself as "a galactic community of life forms, independent of age, sex, race or societal orientation, which strives across borders for freedom of information...." In general, the CCC advocates more transparency in government, freedom of information, and the human right to communication.
  
Level Seven was a hacking group during the mid to late 90s, eventually dispersing in early 2000 when nominal head 'vent' was raided by the FBI on February 25, 2000. They became famous after the attack on NASA and Sheraton Hotels.

Milw0rm is a group of "hacktivists" best known for penetrating the computers of the Bhabha Atomic Research Centre (BARC) in Mumbai. The group conducted hacks for political reasons,[3] including the largest mass hack up to that time, inserting an anti-nuclear weapons agenda and peace message on its hacked websites.

NCPH (Network Crack Program Hacker) Group is one of the first Chinese hacker groups, based out of Zigong in Sichuan Province. While the group first gained notoriety after hacking 40% of the hacker association websites in China,[2] their attacks grew in sophistication and notoriety through 2006 and received international media attention in early 2007. iDefense linked the GinWui rootkit, developed by their leader Tan Dailin (Wicked Rose), with attacks on the US Department of Defense in May and June 2006. iDefense linked the group with many of the 35 zero-day attack and proof-of-concept codes used in attacks over a period of 90 days during the summer of 2006. They are also known for the remote-network-control programs they offer for download.

Lizard Squad is the hacking group known for targeting the PlayStation Network and Xbox Live services. It mainly acts as a black hat group and was publicly revealed in August 2014. It is a much-discussed hacking group, since many parties say it claims fake attacks.

LulzSec is another group of hackers, originating in 2011 and quite famous in the underground community. Organized by Sabu, LulzSec has been accused of compromising user accounts of Sony Pictures in 2011. The group also claimed responsibility for taking the CIA website offline several times.

TeslaTeam is a group of black-hat computer hackers from Serbia, established in 2011. The group was mainly famous for its defacement techniques (tools). It mainly targeted political groups and Albanian websites, including news organizations and human rights groups. TeslaTeam is currently the only virtual army in Serbia to openly launch cyber attacks.

SEA (Syrian Electronic Army) is a group of computer hackers who support the government of Syrian President Bashar al-Assad. Using spamming, defacement, malware (including the Blackworm tool), phishing, and denial of service attacks, it mainly targets political opposition groups and western websites including news organizations and human rights groups. The Syrian Electronic Army is the first public, virtual army in the Arab world.

Anonymous is maybe the most discussed and famous (right now) group of hacktivists, originating in 2003. A website nominally associated with the group describes it as "an internet gathering" with "a very loose and decentralized command structure that operates on ideas rather than directives". The group became known for a series of well-publicized publicity stunts and distributed denial-of-service (DDoS) attacks on government, religious, and corporate websites.

Beginning in June 2011, hackers from Anonymous and LulzSec collaborated on a series of cyber attacks known as "Operation AntiSec". On June 23, in retaliation for the passage of the immigration enforcement bill Arizona SB 1070, LulzSec released a cache of documents from the Arizona Department of Public Safety, including the personal information and home addresses of many law enforcement officers.