Arrest Payback: Panda Hacked

Thursday, March 8, 2012 @ 03:03 PM gHale

In a payback hack, attackers claiming to belong to Anonymous defaced Panda Security’s PandaLabs website Wednesday as a response to the arrests of five hackers Tuesday in Europe and the U.S.

In a characteristically defiant message posted on PandaLabs’ hacked homepage, Anonymous taunted the former LulzSec leader Sabu for helping the FBI nab the hackers, and vowed to carry on its hactivist campaign regardless of the setback.

RELATED STORIES
FBI Flips Hacker; Busts 6 More
Guilty: Russian Admits Cyber Fraud
Nabbed: Cops Catch Serial Hacker
Hack Attack: Student Pleads Guilty

“We are Antisec we’ll fight till the end,” the message noted. “To FBI and other s…. come at us bros we are waiting for you,” it noted. The message was preceded by a seven-minute video clip set to the tune of “Santa Claus is Coming to Town” that appeared to recap Anonymous’ activities over the past year.

The attackers also posted what seemed to be the login credentials of numerous Panda Labs employees on the defaced homepage. They noted the attack on the security firm’s site was in retaliation for Panda’s role in helping law enforcement crack down on members of the hacking collective.

“They helped to jail 25 anonymous in different countries and they were actively participating in our IRC channels trying to dox many others,” the attackers said in a reference to a series of arrests of Anonymous members last year. “Yep we know about you. How does it feels being the spied one?” the message asked.

A Panda Security spokeswoman said the hackers had obtained access to a Panda Security webserver hosted outside of Panda’s internal network. The company used the server for marketing campaigns and to host company blogs, it said. “Neither the main website www.pandasecurity.com nor www.cloudantivirus.com were affected in the attack,” the company said.

“The attack did not breach Panda Security’s internal network and neither source code, update servers nor customer data was accessed. The only information accessed was related to marketing campaigns such as landing pages and some obsolete credentials, including supposed credentials for employees that have not been working at Panda for over five years,” the company said.

Prior to the attack, PandaLabs technical director Luis Corrons had posted a blog titled “Where is the Lulz Now” praising Tuesday’s arrests.

The attack on Panda Labs comes less than 24 hours after the U.S. Attorney’s office for the Southern District of New York said it had arrested five prominent members of Anonymous and a splinter group LulzSec in raids in the U.K. and in Chicago. Among those arrested was one person investigators say is responsible for the Christmas Day hacks against security intelligence firm Strategic Forecasting (Stratfor).

Each of those arrested face computer hacking charges and faces a maximum of 20 to 30 years in prison if convicted.

The arrests came with the help of Hector Monsegur, a New York native who was the leader of LulzSec before his arrest last year. Monsegur, who also used the handle “Sabu,” pleaded guilty in August to 12 hacking charges and faces up to 124 years in prison. After his arrest, Sabu agreed to help the FBI go after other members of LulzSec and Anonymous in the hopes of receiving a reduced sentence.

The attackers of Panda’s website this morning chided Monsegur for being a snitch. “Traison (sic) is something we don’t forgive,” the message noted. “Yeah Yeah we know…Sabu snitched on us. As usually happens FBI menaced him to take his sons away we understood.”

The attackers noted the arrests might well mean the end of LulzSec, but not of Anonymous. “Anonymous existed before LulzSec and will continue existing,” the message read.