Hackers affiliated with the Anonymous group published many thousands of email addresses belonging to subscribers of private intelligence analysis firm Strategic Forecasting Inc, along with thousands of customer credit card numbers.
The lists, which were published on the Internet late on Thursday, included information on individuals including former U.S. Vice President Dan Quayle, former Secretary of State Henry Kissinger and former CIA Director Jim Woolsey. They could not be reached for comment.
The lists included information on large numbers of people working for large firms, the U.S. military and major defense contractors, which attackers could use to target them with virus-tainted emails in an approach known as “spear phishing.”
The Antisec faction of Anonymous disclosed last weekend that it had hacked into the firm, which is widely known as Stratfor and is dubbed a “shadow CIA” because it gathers non-classified intelligence on international crises.
The hackers had promised that the release of the stolen information would cause “mayhem.” A spokesperson for the group said via Twitter that yet-to-be-published emails from the firm would show “Stratfor isn’t the ‘harmless company’ it tries to paint itself as.”
Antisec has not disclosed when it will release those emails, but security analysts said they may contain information that could be embarrassing for the U.S. government.
“Those emails are going to be dynamite and will offer lots of helpful information to adversaries of the U.S. government,” said Jeffrey Carr, chief executive of Taia Global Inc and author of the book “Inside Cyber Warfare: Mapping the Cyber Underworld.”
Stratfor issued a statement on Friday confirming that the published email addresses had been stolen from the company’s database, saying it was helping law enforcement probe the matter and conducting its own investigation. “At Stratfor, we try to foster a culture of scrutiny and analysis, and we wish to assure our customers and friends that we will apply the same rigorous standards in completing our internal review,” the statement said.
“There are thousands of email addresses here that would be used for very targeted spear phishing attacks that would compromise national security,” said John Bumgarner, chief technology officer of the U.S. Cyber Consequences Unit, a non-profit group that studies cyber threats.
NO THREAT SO FAR – PENTAGON
The Pentagon said it saw no threat so far.
“We are not aware of any compromise to the DOD information grid,” said Lieutenant Colonel Jim Gregory, a spokesman for the Department of Defense.
In a posting on the data-sharing website pastebin.com, the hackers said the list included information on about 75,000 customers of Stratfor and about 860,000 people who had registered to use its website. It said that included some 50,000 email addresses belonging to the U.S. government’s .gov and .mil domains.
The list also included addresses at contractors including BAE Systems Plc, Boeing Co, Lockheed Martin Corp and several U.S. government-funded labs that conduct classified research in Oak Ridge, Tennessee; Idaho Falls, Idaho; and Sandia and Los Alamos, New Mexico. Corporations on the list included Bank of America, Exxon Mobil Corp, Goldman Sachs and Co and Thomson Reuters.
The entries included scrambled versions of passwords. Some of them can be unscrambled using databases known as rainbow tables that are available for download over the Internet, according to Bumgarner. He said he randomly picked six people on the list affiliated with U.S. military and intelligence agencies to see if he could crack their passwords. He said he was able to break four of them, each in about a second, using one rainbow table.