ie8 fix
madison

Zero Day

Ryan Naraine, Emil Protalinski and Dancho Danchev
Home / News & Blogs / Zero Day

LulzSec: "Snitches get stitches"

By | June 21, 2011, 6:46pm PDT

LulzSec posted the identities of two people it said had snitched and landed a teenage hacker in jail on Tuesday.

That teenager, Ryan Cleary, was identified by the BBC, which appeared to use PasteBin to get the name. Cleary was arrested earlier Tuesday in what appeared to be a score for Scotland Yard and the FBI. It initially appeared that Cleary was a ringleader for LulzSec, which is structured to be a leaderless organization.

However, LulzSec said it was alive and well. According to @anonymouSabu, believed to be a leader of LulzSec, Cleary was ratted out, but he only hosted chats.

On PasteBin, LulzSec outed snitches with addresses, IM and IP addresses. LulzSec even provided phone numbers. The main target was m_nerva, who was outed as Marshall Webb, a Hamilton, Ohio resident.

The hacker group said:

Hi FBI & other law enforcement clowns,

LulzSec here with some juicy gossip.

This is Marshal Webb, also known as “[redacted]” in the “#pure-elite” IRC logs you no doubt have enjoyed. He was involved in the hacking of the game “Dues Ex” and was/is involved in countless other cybercrimes.

Also, he tried to snitch on us. Therefore we just did your job for you with great ease.

This moron is trying to flee the country in order to avoid serious punishment. Hunt him down:…

These goons begged us for mercy after they apologized to us all night for leaking some of our affiliates’ logs. There is no mercy on The Lulz Boat.

Snitches get stitches.

It has been a curious day for the LulzSec posse to say the least.

The day in LulzSec:

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Zero Day”

Topics

Stitch, FBI, Hacker, LulzSec, Federal Government, Hacking, Internet Relay Chat (IRC), Security, Government, Internet, Larry Dignan
39
Comments
Add Your Opinion

Join the conversation!

Just In

RE: LulzSec:
BerthaCounsellor 16th Dec
I agree with razorsyntax & Str0b0, there is simply no excuse for Hackers!
couple counsellor
View in thread
0 Votes
+ -
RE: LulzSec:
x0prahWinfr3yx 21st Jun
These guys are doing wonders for my career in network security.
0 Votes
+ -
RE: LulzSec:
Imrhien Updated - 21st Jun
These guys are intense! Kinda cool, kinda scary at the same time.
0 Votes
+ -
RE: LulzSec:
josh92 21st Jun
@Imrhien

Very very well put.
0 Votes
+ -
Don't worry...
cosuna 22nd Jun
@Imrhien : Mitnick was more resourceful and still got caught in no time.

You can never be so cocky against the multinationals. When they want to get you, they will and the press' not gonna defend you this time. Just ask Assange and crew.
0 Votes
+ -
RE: LulzSec:
windozefreak 22nd Jun
@cosuna
My thoughts exactly! Guess what, they are already turning on each other. This is the first step to downfall!
0 Votes
+ -
RE: LulzSec:
randomma 4th Nov
@Imrhien

Organic food is better ? Is it really healthy than conventional food? Find out the answer at random-matters.com
Learn methods to avoid diarrhea . We will tell you what you must do when you have diarrhea, such as prevent dehydration and foods to avoid.
How to Fix Blue Screen of Death , list of BSOD error codes and why Blue Screen of Death can happen.
Biceps tenodesis meaning . A Biceps tenodesis is a procedure that cuts the attachment of the biceps tendon on the and reattaches it to the humerus.

0 Votes
+ -
RE: LulzSec:
randomma 4th Nov
@Imrhien

How do you know if you have herpes ? The very first way you realize when you have genital herpes is from the features which will appear.
Build a Laptop from scratch ? Learn what is needed to build and create your own laptop computer from scratch.
Find out what should you with the customer???s credit card do if credit card scanner tells you to confiscate the card definition
This article provide example of decision tree , advantages of decision tree and step by step how to make a decision tree.
What is shingles means? what is shingles and how it happen? Find out at random-matters.com
0 Votes
+ -
RE: LulzSec:
randomma 4th Nov
@Imrhien

Random Matters - We are providing you useful articles and discussing random things.
Quotes from Dan Gable - Various quotes from Dan Gable "I shoot in, I get 2 points. He shoots in, I get 2 points"
inevitable meaning and definition - unable??to??be??avoided,??evaded,??or??escaped;??certain;necessary:??an??inevitable??conclusion.
Hematoma Treatment and symptom ??? Hematomas on the skin (bruises) and also soft tissue are usually cured with RICE (rest, ice, compression, elevation)
We are offering high efficiency solar panels with industry leading costs with the reliability and performance of traditional crystalline solar modules.
0 Votes
+ -
Hacker Movie?
iTeaBoy 22nd Jun
We could be reading the script for the next big hacker movie

Get the popcorn Ethel !!

happy
0 Votes
+ -
RE: LulzSec:
Cylon Centurion 22nd Jun
Once these 6 get caught, they'll be never seen again. I can't wait for that day.
0 Votes
+ -
RE: LulzSec:
EdwardSamara 22nd Jun
LulzSec have vowed to target high-profile figures in the UK and US by posting their Facebook profile photo as an "OrgasmProfile". Details at: brandedalive.com.
0 Votes
+ -
RE: LulzSec:
razorsyntax 22nd Jun
These are morons acting like children. Seemingly powerful behind the computer but really only cowards in real life. It takes integrity and honesty (real character) to wield such skills and NOT use it for misguided crimes. What sort of individuals attack video game companies and happily reveal a 'snitch' without any empathy toward them? Children. These aren't grown adults (40 year-old's can act like children too). Children turn each other in at a moments notice without any thought to consequence. I don't care what they do . . . they need to be caught, tried, and jailed. These are criminals. They don't even have the stomach to take up REAL moralistic/vigilante justice like those similar to wikileaks.
0 Votes
+ -
RE: LulzSec:
deadly_dodo@... 22nd Jun
@razorsyntax there is a fundamental misunderstanding perpetuated by the media. Lulzsec are not going out of their way to do damage, if they had wanted they could have actually attacked Sony, deleted swathes of data and completely taken down their system. They could also have taken that data for financial gain and not told anybody, all be millionaires and pretty much no-one would be the wiser.

It takes integrity and honesty (real character) to wield such skills and not do that kind of damage, and not use it for selfish gain but rather the opposite, actually put yourself directly in harms way to show the world an issue you think matters. If lulzsec didn't do it, someone else would have, or already did, for completely selfish financial gain. They just didn't tell you about it.
0 Votes
+ -
RE: LulzSec:
razorsyntax 22nd Jun
@deadly_dodo@... Wrong is still wrong. They illegally hacked a video game company and released the emails of thousands of users to the public. Let's turn the tables. If Sony had publicly released the email accounts of those people, Sony could be held accountable for the leak. Who holds these hackers accountable? Whether or not they, or someone else, hacked these companies doesn't matter. Who ever did it should be punished. What business is it of these children to bring a company to its knees? If they don't agree with their policies . . . go elsewhere. People cancel the Facebook accounts when they don't like the privacy issues . . . so too can these kids do the same thing. It's not heroic to put yourself in harms way to attack a video game company and then release the private information of thousands of people.

There's more to greed than just money. Financial gain isn't a motivator to childish hackers who want to bring down a company because they don't agree to terms of agreement. There's greed of absolute power as well. History has shown that there are plenty of non-wealthy political leaders who imposed wide spread misery.

And to assume they did this without financial gain is folly. No one knows the extent of their damage. If they're willing to expose innocent people's information to the world . . . what makes you think they wouldn't steal for financial gain?

As they say: Absence of evidence is not evidence of absence.
0 Votes
+ -
RE: LulzSec:
Str0b0 22nd Jun
@deadly_dodo You give them too much credit. Hacking to showcase an issue only cheapens the issue because no one focuses on the issue only on the interruption or breach of a service they use. The days of the Robinhood hackers are over. No more are they the heroic outlaws of the net. That era ended when the internet became a staple utility like electricity. Now more people than ever are affected by the childish cyber tantrums thrown by groups like this. I sincerely hope that any of the US members of this group that get caught get the full brunt of our new "cyber crimes are acts of war" policy. A little time in Gitmo as an enemy combatant might just convince them of the error of their ways. at the very least they would learn that there are very few lulz to be had in their current life.
0 Votes
+ -
RE: LulzSec:
deadly_dodo@... 22nd Jun
TBH Lulzsec are not a problem, if anything corporations and government should team up with Lulzsec, they have proven themselves far more capable of exposing real threats.

Threats like the guys that just hacked an Australian ISP and took down 4800 domains AND deleted all backup data making their clients sites and information completely unrecoverable, probably stealing huge amounts of private data at the same time.

REAL cyber-crime goes on on a massive scale, beyond belief, but hidden in the background. If anything we should be thanking Lulzsec for highlighting the issue and forcing governments and others to do something about it.

Everyone in power that's mad at Lulzsec is mad because of the embarrassment caused to them or because of fundamental misunderstanding of current reality (understandable, most of them are old fuddy-duddies with as much technical prowess as a peach)

Try to remember, the worst cybercrime is the kind you DON'T and potentially never will hear about. Or if you do, you have no-clue who did it (i.e. they don't announce it).
0 Votes
+ -
RE: LulzSec:
DeusXMachina 22nd Jun
@deadly_dodo@...

Oh please, get a clue.
First, Lulzsec are not even real hackers. They are using widely available scripts that anyone can find on the internet to attack sites with bad security. They have no beneficial expertise to provide, just the time on their hands and the motivation to be destructive.
As for "not going out of their way to do damage", that is just plain stupid. They released thousands of innocent people's info out on the net. Where it WAS grabbed by real cyber-criminals. And used. They aided and abetted the crimes subsequently committed. They knew this would happen, and did it KNOWING this would happen, and you still find them innocent? Really?!?
0 Votes
+ -
RE: LulzSec:
CaptOska 22nd Jun
@DeusXMachina
seems to me if LulzSec is using such commonly available tools to get by the security of websites, then "the bad guys" would certainly be able to achieve the same thing. I am sure that "the bad guys" would do a bit more than simply publish the info.
Yes, this does affect us personally
Are YOU happy that the security of the agencies that hold our personal data is so lax? I'm not.
How many commercials for banks and credit cards do you see about how safe and secure your information is?
Now, along comes LulzSec demonstrating it just ain't so.
0 Votes
+ -
RE: LulzSec:
deadly_dodo@... 22nd Jun
@DeusXMachina I'm sorry but I find your perception of reality to be greatly entertaining so I have to perpetuate the conversation. Firstly at what point did I say or suggest that LulzSec were innocent?

Also for an interesting comparison when there was a death penalty in the UK for being a catholic priest (it was considered treason, for which you would be hung, drawn and quartered... a death worse than crucifiction), did that make being a catholic priest wrong or evil?

Oh and did you actually happen to read all that I said? Because I'm pretty sure I was attempting to emphasize the fact that real cyber criminals do far more damage than LulzSec ever will and are the real threat and are the ones that should be concentrated on rather than the world spending humongous amounts of resources attempting to catch hackers that announce themselves and what they've done leaving a much easier mess to clean up.

Just to extrapolate a second, the really dangerous hackers (strictly speaking should be called 'crackers') will either use the information they gather for their own twisted aims, without telling anyone that they've used it or got it (so victims can do nothing about it, i.e. change their information) or they will sell it on to thousands in the criminal underworld.

The information that LulzSec posted became comparatively speaking worthless to the criminal underworld the second they released it as public information. Sure some low-level information scavengers will filter through the scraps to find the one poor sod who didn't change his information but compared to the millions of credit card numbers and parts of our e-identities that are traded every day they are relatively worthless.

To them the LulzSec data is tainted because it is significantly less likely to hold useful data (due to its public nature, either the would be victim was smart and changed his information or another criminal group already abused it for all it was worth)

Bizarrely I think you would find it interesting to read LulzSec's press releases, in them you will find them admitting wholly that they will most likely get caught, they do not believe they are 'above the law' they may think the law is insufficient and flawed (which it is) but they expect to be caught eventually. That sorta brings home a different kind of reality don't you think?

Put yourself in their shoes and think why the flying f**k would I ever deliberately, knowingly put myself in a position where I expect, I know I am going to end up in prison with the entirety of the rest of my life ruined?

In general, it would most likely help you, especially in your personal life, if you stopped de-humanizing humans. Even Hitler was a man, a man which his maid to the day she died professed to be absolutely charming. (quick Google search will confirm this). People of the world, in general, in order cope with life and their incredibly simplified ideas of reality, monstorify and de-humanize anyone that doesn't immediately fit in with their perception (or understanding) of reality.

On that note I've got some news for you, given the right environment, you'd be one of them, or at least you'd try to be... not sure you'd have the skillz ;p
0 Votes
+ -
RE: LulzSec:
DeusXMachina 22nd Jun
@ deadly_dodo
You are a fool. Where did you imply they are innocent? You certainly implied, in fact directly stated they were virtuous.
1) "Lulzsec are not going out of their way to do damage"
(Yes, they are.)

2) "It takes integrity and honesty (real character) to wield such skills and not do that kind of damage, and not use it for selfish gain but rather the opposite...."

Also, "if they had wanted they could have actually attacked Sony, deleted swathes of data and completely taken down their system."

You clearly have no idea how security works. You have NO basis for this statement. Just because they could access the data has NOTHING to do with whether they can take down the system.

Your "analogy" (and I use the term VERY loosely) of the death penalty in the UK is nonsensical. No, it does not make being a catholic priest wrong. But there is no correspondence in your analogy. Being a Roman Catholic (I assume you mean Roman Catholic, because the Church of England IS Catholic, and always has been, and so are its priests) does not inherently cause harm. Releasing that data did.

It is funny that you do not see how you contradict yourself, on the one hand saying that real criminals would have done more damage, and on the other saying that the data that was stolen could not do much damage (a conclusion that is patently false.) You clearly know very little about data mining. With that data, even if the users quickly changed their passwords, I could easily then cain a LARGE number of CC and soc. numbers (good luck changing those).

"On that note I've got some news for you, given the right environment, you'd be one of them, or at least you'd try to be... not sure you'd have the skillz ;p"

And I've got some for you. 1) You are in no position to say what I would or would not do. 2) No one in Lulz was put in any such "position". 3) They do NOT have skillz. They ar script kiddies. They are NOT using original exploits, they are downloading scripts from the web. How do I know this? Unlike you, I know hw they did it. 4) You don't know about my 1337 /sarcasm.

That said, I really didn't need to write any of this to prove you wrong. Godwin already did that.
0 Votes
+ -
RE: LulzSec:
deadly_dodo@... Updated - 23rd Jun
@DeusXMachina lulz! you make me laugh. Go take a look at the data they released. Please go, read it all.

Tell me, how many SOC or CC numbers do you see?

Also minor point here suggesting they weren't going out their way to do harm actually implies that they are doing harm but it is not their reason for doing what they are doing.

You obviously lack a fundamental grasp of logic within language, you are reading with your emotions and not your intelligence.

Try again buddy and give me some more lulz!

Oh yeah also... the priest analogy was regarding 'if it's the law does it make it right/wrong' it could be argued that being a Roman Catholic Priest (apologies for the previous omission of Roman, CoE is usually referred to as Anglican and Roman Catholics as Catholics simply because it's easier and people understand, like you did, hence what I intended was communicated, as I expected it to be so yay me *happy dance!*) was causing harm by perpetuating the religious split and encouraging prejudice between groups of civilians that lead to discontent and violence (which was a genuine issue at the time of Queen Elizabeth I, culminating in the gunpowder plot against her successor James I)

The world isn't as black and white as you think.

Also regarding my Sony comment, please go and actually take a look at the data they published. It would really help you in this. They published admin account details, if they had admin account details it is highly likely they uh... had admin account details. (that point should be self explanatory, but just in-case, these are admin account details to an online portal, not an internal system, admin accounts generally give you the privilege of altering/deleting information and give you further access to information which may well lead deeper down the rabbit whole. Mind you they themselves admit they publish relatively little of the information they garner, just enough to prove that it happened so they may well have been further down. Also given the state of Sony's security, such that, by your own admission, a script kiddy could break in, do you really think the rest of their security will be any better?).

You really should just stop being so ang... wait don't its funny I love it!
0 Votes
+ -
RE: LulzSec:
DeusXMachina Updated - 24th Jun
@ deadly_dodo

"Go take a look at the data they released. Please go, read it all. Tell me, how many SOC or CC numbers do you see?"

And go take a look at my post and show where I said they released soc or CC #s. What I said was that WITH the info they released, simple data mining techniques could be used to GET soc and CC #s.

"Also minor point here suggesting they weren't going out their way to do harm actually implies that they are doing harm but it is not their reason for doing what they are doing."

They did harm. People had accounts hacked. It is documented. They knew it would.

"You obviously lack a fundamental grasp of logic within language, you are reading with your emotions and not your intelligence."

I taught logic, my grasp is just fine. YOU might want to try Hooked on Phonics, all things considered.

"Oh yeah also... the priest analogy was regarding... ."

And it was still a failed analogy.

"... these are admin account details to an online portal, not an internal system, admin accounts generally give you the privilege of altering/deleting information and give you further access to information which may well lead deeper down the rabbit whole.[sic]"

Funny how you understand this point here, and yet are totally obtuse to it above. But as to THIS point, you have NO reason to believe that the actual system files reside on this server. Having admin access to this data server in NO way guarantees you are in a position to do any damage to the system as a whole, and certainly does not guarantee that there is anything deeper down the hole.
0 Votes
+ -
RE: LulzSec:
dimonic 22nd Jun
Children, yes. But "me-generation" children. Born to a lifetime of entitlement and ease, given powerful tools, but no sense of morality.

It is my theory that there are those who try to do the right thing regardless of the rules (and sometimes break the rules by doing the right thing), and there are those who just do what they want as long as the consequences don't appear too dire. Lulz certainly falls into the latter category, while Assange is more in the former.
0 Votes
+ -
Hmm... Dem snitchers must have touched LulzSec's 'Precious'....
egads@... 22nd Jun
Suppose now that there were two such magic rings, and then just put on one of them and then unjust the other; no man can be imagined to be of such an iron nature that he would stand fast in justice. No man would keep his hands off what was not his own when he could safely take what he liked out of the market, or go into houses and lie with any one at his pleasure, or kill or release from prison whom he would, and in all respects be like a god among men.

Then the actions of the just would be as the actions of the unjust; they would both come at last to the same point. And this we may truly affirm to be a great proof that a man is just, not willingly or because he thinks that justice is any good to him individually, but of necessity, for wherever any one thinks that he can safely be unjust, there he is unjust.

For all men believe in their hearts that injustice is far more profitable to the individual than justice, and he who argues as I have been supposing, will say that they are right. If you could imagine any one obtaining this power of becoming invisible, and never doing any wrong or touching what was another's, he would be thought by the lookers-on to be a most wretched idiot, although they would praise him to one another's faces, and keep up appearances with one another from a fear that they too might suffer injustice.

? Plato's Republic, 360b-d (Jowett trans.)
0 Votes
+ -
RE: LulzSec:
CaptOska 22nd Jun
@egads@...
considering how expensive writing medium was 2000-3000 years ago, it's a wonder why plato wasn't more succinct.
0 Votes
+ -
RE: LulzSec:
COGlory 22nd Jun
Their parents should just ground them.

:P
0 Votes
+ -
RE: LulzSec:
afedwin@... 22nd Jun
These guys are kind of interesting. Puerile, maybe, but interesting nonetheless.
0 Votes
+ -
RE: LulzSec:
katrillionaire@... 22nd Jun
Nearly all men can stand adversity, but if you want to test a man's character, give him power.
0 Votes
+ -
Actually, the "snitches get stitches" thing is...
rmazzeo 22nd Jun
...kinda ghetto, don't you think? I mean, we get on those in the 'hood for not snitching, so I guess these guys are no better than the minority slum thugs...way to go...it just proves that they are ALL lowlife sleazebags...hackers & those in the 'hood...
0 Votes
+ -
RE: LulzSec:
dch48 22nd Jun
These guys all need to be put in 5X8 cells with no access to anything that runs on electricity, and kept there for a very long time. Now they're ratting each other out. What's that old saying? No honor amongst thieves--yeah that's it.
0 Votes
+ -
RE: LulzSec:
phatkat 22nd Jun
Honor amongst thieves.
0 Votes
+ -
RE: LulzSec:
Otis Driftwood Updated - 23rd Jun
@phatkat
There is no honor amongst those who take by stealth that which others own. Evil is as evil does, and evil's seeds were sown in the rotten crotch of a slime dripping slut whose mouth smelled worse than her butt. The father of this evil child is not known, for two dollars the seed was sown in corrupted flesh with sores and boils and puss that passed for passions oils. The odor of her has seeped into the walls wherein she'd sleeped, and lay with lowborn toothless sons of some b*t*h, who carried buckets of dung from the homes of the rich, and emptied the crap into the stream that fed the cisterns of the cream of society who had crappers indoors, and began to have weeping sores, and then a rat brought black death too, and that's what a little evil can do.
Honor among thieves you say? Not in the past, and not today.
They'd gladly cut their childrens throats just to win a few more votes. Yeah, those thieves. Hemp rope and stout tree limbs a cure for those who believes we didn't notice that they were thieves. Insta poem, you inspired with but three words. How to fix politics? Maybe we could get Ivan to nuke DC while Congress is in session? G'bye.
0 Votes
+ -
RE: LulzSec:
Otis Driftwood 23rd Jun
White hats are still around. Fighting with PayPunk and China on a sat link that's cold dead and out of band. Yeah, there is a lot of money out there in accounts that are alphanumeric with knit one P2 and can you type in simplified Japanese and Hebrew? Well the owners are stiffs in the ground or the table, pump em out, fill em up and into the icebox like a case of black label. Started building and writing in 68. Never mistake talent for script kiddies.
75 words or 75 lines? Non-verbose mode? I don't got it.
0 Votes
+ -
RE: LulzSec:
tom@... 23rd Jun
A bunch of children with probably one or two adult-aged children leading them.
0 Votes
+ -
Very irresponsible of you!!!
pjher 23rd Jun
To post Cleary's address, telephone no., etc.!
HE'S INNOCENT UNTIL PROVEN GUILTY. Remember that and what you've done!
0 Votes
+ -
RE: LulzSec:
FAULKNE 13th Oct
Good day to confirm this comment I would appreciate T h e b e s t o f Z D N e t d e l i v e r e d your website very nice to everyone Yes, Oracle is the only one with shared-disk architecture, but that is there advantage. It means you can add or remove nodes and the database lives on. In a shared nothing architecture, if you lose a node, you lose the system. I'm sure Oracle appreciates EMC highlighting their advantage.I also desire to signal in your RSS feeds. Thank you as soon as once again and maintain up the great operate Awesome post! Thank you very much || thanks for nice content this is really benefit to me.
0 Votes
+ -
best food for all
juvysan1234 14th Oct
free printable rental lease agreement |
best food for all |
cheap hotels near disneyland |
0 Votes
+ -
ako pinoy
Tythanya 14th Oct
WATCH AMAZING FUNNY,DRAMA,ADVENTURE,HORROR,PINOY MOVIES 2011

Watch Praybeyt Benjamin

Watch Aswang

Watch Budoy
SITES'S YOU MAY ALSO LIKE

Watch Praybeyt Benjamin

asian men hairstyle

cars for Sale

dragon ball z

Influenza
0 Votes
+ -
RE: LulzSec:
BerthaCounsellor 16th Dec
I agree with razorsyntax & Str0b0, there is simply no excuse for Hackers!
couple counsellor

Join the conversation!

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
ie8 fix
Click Here
ie8 fix

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources
ie8 fix
ie8 fix