A group of Anonymous hackers associated with AntiSec defaced the Spanish security firm PandaLabs security website last night.
The attack was meant to show the hacktivist collective is not deterred or demoralized following the arrests of some of its participants, the most notorious being Hector Xavier Monsegur aka “Sabu.”
The defacement of the site was like all previous AntiSec defacements; hackers blackened out the site, used red text, and embedded a video at the top. The video they chose: one titled “Anonymous’ LulzXmas” which Anons said they were including “for nostalgia.” (Anonymous aficionados might remember the video from last year, when Anonymous members began their series of high profile hacks called “LulzXmas,” the most infamous target being security think tank Stratfor.)
Anonymous also directly addressed the former member, Sabu, who has been working as an informant for the FBI since August.
“#ANTISEC IS BACK ONCE AGAIN KNOCKING SNITCHES DOORS CAUSE TRAISON IS SOMETHING WE DONT FORGIVE,” wrote Anonymous in all caps. Their message continued in a rant-like poem.
SABU SNITCHED ON US
AS USUALLY HAPPENS FBI MENACED HIM TO TAKE HIS SONS AWAY
WE UNDERSTAND, BUT WE WERE YOUR FAMILY TOO (REMEMBER WHAT YOU LIKED TO SAY?)”
The defacement went on to offer love to all their fallen comrades, including everyone from arrested Anonymous to Arab Spring participants.
Luis Corrons, PandaLabs technical director, had written a blog post suggesting the hackers got what was coming to them, writing "Where is the lulz now?"
PandaLabs, the defacement said, was chosen for the attack because they helped law enforcement arrest members of Anonymous in 25 countries. The message on the defaced page called those arrested members “activists, not even hackers.”
Anonymous also charged PandaLabs with actively lurking in their Internet Relay Chat (IRC) channels, Anonymous’ communication method.
Given that this is Anonymous, the hackers also made fun of PandaLab’s employees and PandaLab’s antivirus program, which they claimed to have compromised.
"The attack did not breach Panda Security's internal network and neither source code, update servers nor customer data was accessed. The only information accessed was related to marketing campaigns such as landing pages and some obsolete credentials, including supposed credentials for employees that have not been working at Panda for over five years.”
That wasn’t reassuring to some.
“Well, after this me and my company's computers are quitting Panda Security as a security provider,” wrote Rosefildo Fosforêncio on Facebook. “Adios.”
At press time the PandaLabs site was unable to load, but a copy of the defacement text was placed on the text-sharing site Pastebin.
Photo by Anonymous9000