The hacking collective Lulz Security continued its campaign of mischief yesterday with eight hacks into gaming sites, an online magazine, and an IT security company. At this point, the group's attacks on seemingly random Web targets are getting fairly commonplace, and yesterday's hacks, while disruptive, didn't result in data breaches or other serious consequences (except a lot of annoyed gamers). What's unique about the so-called Titanic Takeover Tuesday is that the targets allegedly came from requests to a phone line. The group tweeted yesterday, "Call into 614-LULZSEC and pick a target and we'll obliterate it. Nobody wants to mess with The Lulz Cannon - take aim for us, twitter. #FIRE." Meanwhile, online vigilantes identified a man they say is responsible for the attacks.
Callers to (614) 585-9732 got one of two messages in a faked French accent. The shorter, apparently more common missive said, "Bonjour this is Pierre Dubois, leave me a message after the beep and I will get back to you." We heard that on three of four calls. But once we heard a different fake-French voice saying, "Bonjour, you have reached the voicemail box of Pierre Dubois and Francoise Deluxe. We are not available right now because we are busy raping your internets. Leave a message and we will get back to you whenever we feel like it."
The attacks, predictably, enraged gamers, who took to message boards including the anarchic (and NSFW) 4Chan /b/ board to furiously discuss how to track and stop the folks behind LulzSec. It was on 4Chan where a post appeared claiming to have the identity of the LulzSec ringleader as one William P. Davis, the Web editor of the Bangor Daily News, in Maine. The post got picked up on several message boards, including that for the game EVE Online, which LulzSec targeted. We called the alleged ringleader to ask him about his day, now that he's been "outed."
"First of all, to start out, I have no involvement in LulzSec, I know nothing about the organization. I know nobody in the organization. And to be honest, LulzSec is way above anything I could do. I’m not a hacker, I’m a PHP developer," Davis told us. He said he had no solid proof as to why he might have been targeted by what he described as a "troll" on 4Chan, but he has a theory.
"I’m not entirely sure how I got dragged into this or who I pissed off, but from what they were saying on the messageboards … I run a site called Freze.it. And that site played a role in documenting LulzSec’s first really public hack, the PBS hack. What the site does is it will take a Web site and archive it... This was used on the night of the PBS hack by a few people to document the hack that was going on. They saved the article about Tupac, and a couple of the defacements that went up." PBS, naturally, fixed the site as soon as it could, so Freze.it became a valuable resource for those who wanted to preserve an image of the hacked site. "On 4Chan, somebody said the Freze.it site and my personal site shared HTML and CSS elements with LulzSec.com. But as near as I can tell, the only thing that’s similar is that both sites start with the HTML tag."
Davis said LulzSec itself hasn't targeted him or taken much notice of him, except to tweet, "Who the hell is William P. Davis?" Overall, in fact, other than an uptick in Twitter followers and a bunch of calls, he hasn't seen any attack on his sites or that of the Daily News. "4Chan hasn’t done much. Most of the calls I’ve gotten are people informing me that my information is posted on 4Chan.... I’m more interested in who, exactly, I seem to have annoyed here. As online editor of the Bangor Daily News, I annoy a lot of people on a daily basis,but I don’t think any of them would do this."