It's been a hell of a week for hacking. While the attacks on Citigroup and the International Monetary Fund were high-profile and perhaps more significant than the mischevious rampage of the shadowy Lulz Security, LulzSec is the outfit garnering fascination online because of its thumb-to-nose publicity stunts. On Tuesday, the group opened a telephone hotline to take requests for hacking targets, and attacked gaming sites, security firms, and a magazine. Yesterday, apparently in response to Twitter taunts from rival hacker Quadrapodacone, LulzSec took down the Web site for the Central Intelligence Agency.
Today they've got a new stunt, which we shall refrain from calling their biggest, silliest, weirdest, most ambitious yet because tomorrow they will probably top it: The group has released a file containing 62,000 apparently random email addresses and passwords--logins, apparently, for a host of web sites. It's left the task of exploring the new cache of information to its Twitter followers, who are taking the challenge to heart. Here's what some of them are doing with the new data.
@LulzSec What the fuck. Got an e-mail that's got plenty of conversations with 14-15 year old girls naked..
@LulzSec got 3 e-mails with active dating site profiles. changed all pictures to dicks.
@LulzSec Mail account with tax exempts (SS# and all) on an entire family.
@LulzSec already got 2 facebooks. *thumbs up*
The source of the data is still a mystery, but Myko H. Hypponen, CRO for the Finnish security firm F-Secure, posits that at least one is the user database for the Web site Writerspace.com, where authors and fans hobnob in chat rooms and swap resources. He doesn't have proof, but the reasoning is straightforward: "Why writerspace.com? Well, the most common passwords include these: mystery, bookworm, reader, romance, library, booklover and..writerspace." Seems as good a guess as any.