Slashdot Mirror

← Back to Stories (view on slashdot.org)

Anonymous Defaces Panda Security Site

Posted by Unknown on from the it's-anonymous-cowards-all-the-way-down dept.

An anonymous reader writes "Surviving members of anonymous and/or lulzsec have hacked Panda Security's systems and defaced their site. Looks like revenge is coming back." El Reg has screenshots of the defacement. Panda Security says the intruders only managed to exploit the web server and did not compromise their internal networks.

80 comments

  1. Remove one head..... by Moheeheeko · · Score: 2, Insightful

    ....two more shall take its place.

    1. Re:Remove one head..... by bigpaperbag · · Score: 5, Insightful

      And those two shall continue in pointless vandalism that no one beyond their twitter followers and the people cleaning up after them care about.

    2. Re:Remove one head..... by Anonymous Coward · · Score: 5, Interesting

      Quite relevant.

    3. Re:Remove one head..... by The+Mister+Purple · · Score: 1

      Indeed!

      --
      "For a successful technology, reality must take precedence over public relations, for nature cannot be fooled." Feynman
    4. Re:Remove one head..... by Anonymous Coward · · Score: 0

      The FBI turned sabu and used him for almost a year to collect info on the others.

      They would not have rounded him and other lulzsec members up if they didn't already have another mole.

      Whoever hacked panda is probably that mole and the FBI is using them to attract anyone left that feels like hacking.

    5. Re:Remove one head..... by Anonymous Coward · · Score: 1

      The moral of the story is that anonymous should stay anonymous, even amongst themselves. There is no reason why they can't and no reason why they should assume each of their peers are trustworthy.

    6. Re:Remove one head..... by Anonymous Coward · · Score: 0

      The moral of the story is that anonymous should stay anonymous, even amongst themselves. There is no reason why they can't and no reason why they should assume each of their peers are trustworthy.

      "They"?

    7. Re:Remove one head..... by causality · · Score: 1, Insightful

      And those two shall continue in pointless vandalism that no one beyond their twitter followers and the people cleaning up after them care about.

      You're excluding a significant group: those who appreciate irony. I mean, it's a security company. You'd expect them to know how to secure a Web server (or to choose a quality hosting service if they don't run it themselves).

      You don't find that amusing?

      --
      It is a miracle that curiosity survives formal education. - Einstein
    8. Re:Remove one head..... by Anonymous Coward · · Score: 0, Troll

      The FBI had Sabu, but they only had Sabu because he was being too much of a moralfag and caught the ire of other Anon's who dox'd him (before he was a mole, before he was arrested, before he was even being monitored), they were only able to dox him because GoDaddy slipped up and put his real name on a domain's public whois instead of his proxy service. He had said he owned that domain in IRC, and because of this they were able to link up the connections. When the anti-moralfags went around doxing everybody well before this all went really public (even though they had a lot of false positives) they generated leads for the feds. And at least one of those leads panned out.

      Even though Sabu was already suspected of being in cahoots with the feds by others, he was still able to gain trust in his own circle. Mostly because those accusations fly around loosely in groups like those anyways.

      Morals of the story:
      Anon will eat each other if given the chance. Every. Single. Fucking. Time. For the lulz.
      The feds are always in it in the long tail, they may not be skilled, but they: 1) Pay attention. 2) Are patient. 3) Can do an IRL Show of Force anywhere in the US for any reason.
      You might be able to control your fuckups, the fuckups of everybody else, however, can still lead to your downfall.
      Anon should stay Anon. When you start taking credit for things because you want rep, you'll get rep, and if its big enough, most likely it'll leak into IRL, for better or worse.

      Do it for the shit head activists or do it for the lulz, just don't do it for the rep.
      Known unknowns are still in it for their own rep.
      Be an unknown unknown.

    9. Re:Remove one head..... by sexconker · · Score: 1

      The moral of the story is that anonymous should stay anonymous, even amongst themselves. There is no reason why they can't and no reason why they should assume each of their peers are trustworthy.

      Anonymous != LulzSec.
      LulzSec != Anonymous.

    10. Re:Remove one head..... by ackthpt · · Score: 2

      ....two more shall take its place.

      Eventually intelligent people realize there's something better to do than watch your leet skillz atrophy in prison and find something more constructive to do.

      --

      A feeling of having made the same mistake before: Deja Foobar
    11. Re:Remove one head..... by afabbro · · Score: 1

      Anonymous != LulzSec. LulzSec != Anonymous.

      Oh, whatever...anonymous runs around saying it's anonymous and you can't define anonymous and anonymous is an "anarchic, digitalized global brain". So for all you know, there is a lot of overlap or even 100% overlap. You don't really know.

      --
      Advice: on VPS providers
    12. Re:Remove one head..... by GameboyRMH · · Score: 1

      Yeah I lol'd at "surviving members of Anonymous" XD

      --
      "When information is power, privacy is freedom" - Jah-Wren Ryel
    13. Re:Remove one head..... by GmExtremacy · · Score: 1

      I was surprised to hear that any were still alive after the massacre...

    14. Re:Remove one head..... by future+assassin · · Score: 1

      >And those two shall continue in pointless vandalism that no one beyond their twitter followers and the people cleaning up after them care about.

      When the man in charge no longer fears its citizens, vandalising the man is the next best thing before taking up arms.

      --
      by TheSpoom (715771) Uncaring Linux user here. I have nothing to add to this but please continue. *munches popcorn*
    15. Re:Remove one head..... by Oligonicella · · Score: 1

      Assertion != Fact

    16. Re:Remove one head..... by idontgno · · Score: 1

      "Irony" is defined as "poignantly contrary to expectation". If you find the hacking of any "compusec" company ironic, the problem is in your unrealistic expectations.

      --
      Welcome to the Panopticon. Used to be a prison, now it's your home.
    17. Re:Remove one head..... by AtomicAdam · · Score: 1

      http://theoatmeal.com/comics/irony You should probably read this comic about Irony before you start to tell others about Irony

    18. Re:Remove one head..... by X0563511 · · Score: 1

      Yes and no. I see it this way:

      They did the risk analysis and determined that putting all kinds of effort into making their external webserver was not worth it. This gives them more resources to secure what actually matters, the internal stuff.

      --
      For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
    19. Re:Remove one head..... by X0563511 · · Score: 1

      Yes. It's an interesting word that is used when referring to a group of mixed/known gender people in third person.

      --
      For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
    20. Re:Remove one head..... by V.+P.+Winterbuttocks · · Score: 1

      Pray, tell what are some interesting words that are used when referring to a group of single/known gender people in the third person? Like, the word that you'd use to refer to a group of only men, or to a group of only women?

      --
      I'm the real Vorokrytin P. Winterbuttocks.
    21. Re:Remove one head..... by Anonymous Coward · · Score: 0

      You mean have their leet skillz starve half to death as they work 60 hours a week to baaaaaarely make ends meet, while at the same time watching the microscopic handfull of people at the top of the food chain making more money in 15 minutes than you make in a year, and knowing full well that these people pay less taxes than you?

      Yep, far better, that option.

    22. Re:Remove one head..... by Anonymous Coward · · Score: 0

      Unless your purpose here is irony (sarcasm), you don't get it. And if it was, then this is higher-order sarcasm, which really isn't all that amusing after middle school.

    23. Re:Remove one head..... by X0563511 · · Score: 1

      referring to a group of single/known gender people in the third person?

      He/him/his/etc
      She,her,hers/etc

      to refer to a group of only men, or to a group of only women?

      It's actually not just one word that is used:
      Those men
      Those women

      --
      For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
    24. Re:Remove one head..... by causality · · Score: 1

      "Irony" is defined as "poignantly contrary to expectation". If you find the hacking of any "compusec" company ironic, the problem is in your unrealistic expectations.

      If you must have a dictionary definition, perhaps you would read this link and see Number Five.

      And yeah, I expect a "security company" to have a basic level of security. They accomplish at least that much, or they fail in a way I find comical. This one failed. It is possible for others to be more successful. This is determined solely by a given company's performance. "Unrealistic?" Only if you assumed I was shocked or surprised that some company somewhere failed at something. But you see, I never said that; I indicated amusement, not shock, making this false assumption of yours your very own realism FAIL.

      That shouldn't be hard to understand, so what's the problem? That I got a laugh out of it? That perhaps you didn't? I hope you're just trolling, or maybe having a bad day, and aren't actually this much of a bitch.

      --
      It is a miracle that curiosity survives formal education. - Einstein
    25. Re:Remove one head..... by causality · · Score: 1

      Yes and no. I see it this way:

      They did the risk analysis and determined that putting all kinds of effort into making their external webserver was not worth it. This gives them more resources to secure what actually matters, the internal stuff.

      In terms of cold logic, devoid of any notion of PR or politics or marketing, I agree with you. Unfortunately a business environment includes those things as well.

      The problem is that a company wanting to convince potential clients of its security expertise really wouldn't want this kind of PR. Allowing this to happen is a bad move. It would be reasonable for potential customers to ask, "if they couldn't secure their own server that they have or should have had full control over, how are they possibly going to secure *my* equipment?"

      --
      It is a miracle that curiosity survives formal education. - Einstein
    26. Re:Remove one head..... by V.+P.+Winterbuttocks · · Score: 1

      I suppose you're correct, "those men" or "those women" could take the place of the general word "they". However, you could just as easily still use "they".

      --
      I'm the real Vorokrytin P. Winterbuttocks.
    27. Re:Remove one head..... by operagost · · Score: 1

      If these amateurs keep getting butthurt and attacking people just for calling them "childish", they won't last long.

      --

      Gamingmuseum.com: Give your 3D accelerator a rest.
    28. Re:Remove one head..... by Khyber · · Score: 2, Informative

      ""Irony" is defined as "poignantly contrary to expectation""

      A security company lacks security to secure their own shit.

      That is the VERY definition of irony, you ill-educated nitwit. Go back to school.

      --
      Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
    29. Re:Remove one head..... by rtb61 · · Score: 1

      Now would that be the Fucking, Bloody, Idiots crew or Homeland Insecurity, or some foreign government agency. These days it's getting really hard to tell who is doing what under the title of 'Anonymous'. Don't forget those Fucking, Bloody, Idiots involved in the Lulsec debacle also want to remain 'Anonymous'.

      I would hope that you comment does not refer to the disturbing trend amongst the right of US politics of the desirability of homosexual rape in prisons, seriously you are aware of how truly sick that concept truly is. Not being American perhaps you can explain to me why you believe there is a benefit in promoting homosexual rape in US prisons.

      --
      Chaos - everything, everywhere, everywhen
    30. Re:Remove one head..... by Em+Adespoton · · Score: 1

      You mean have their leet skillz starve half to death as they work 60 hours a week to baaaaaarely make ends meet...?

      No, I think he means they'll realize that they can make more money writing Fake Antivirus malware for russian gangs and skimming profits off the rounding errors of electronic funds transfers -- and that they're less likely to get caught doing it.

      Really... the thing about activism of any sort is that getting caught is part of the deal. It's civil disobedience, not criminal intent to harm -- but it happens to be actions that DO harm more than the perpetrators realize, and has thus been deemed a criminal offence in many places.

      When enough "upstanding citizens" end up in jail that the system can't support the people in power, then things may change based on this kind of disobedience. Until then, other means will be much more useful while also being more constructive to society.

    31. Re:Remove one head..... by Anonymous Coward · · Score: 0

      As a matter of fact, irony is supposed to be on purpose. So not really...

    32. Re:Remove one head..... by Anonymous Coward · · Score: 0

      he was being too much of a moralfag

      `Moralfag' is the definition of anyone who calls themself `Anonymous' outside of the imageboards. I'm glad to see all this malignant cancer being arrested. They do nothing but shitpost (not the fun kind) and facebook. These whyweprotest faggots have it coming for taking it offline. Anon VS. the GNAA is great and lulzy, but Anon VS. KFC is only funny when it becomes Anon v. KFC.

  2. Fir...HA HA COMMENT DEFACED by egamma · · Score: 1

    But seriously, accounts for users gone 5 years? It seems the security team needs to talk to the marketing team about keeping their external server cleaned up.

    --
    Battlemaster--Game with friends in medival realms
    1. Re:Fir...HA HA COMMENT DEFACED by psergiu · · Score: 1

      The Panda Security site now serves malware - it asks me to install an antivirus. And i'm on a mac. Same message when accesed from Linux.

      --
      1% APY, No fees, Online Bank https://captl1.co/2uIErYq Don't let your $$$ sit in a no-interest acct.
    2. Re:Fir...HA HA COMMENT DEFACED by icebraining · · Score: 1

      Well, there are antivirus programs for Linux; they're useful if you're scanning a Windows partition or running an email server.

      --
      Dilbert RSS feed
  3. Oblig by g0bshiTe · · Score: 2

    Don't be a sad Panda!

    --
    I am Bennett Haselton! I am Bennett Haselton!
  4. Script kiddies revenge by denis-The-menace · · Score: 0

    Being that Anon is a *loose* organization, I hope this is just a whiny branch of Anon and not something that most of Anon approves of.

    Defacing for defacing sake is childish.

    Losses on both sides should be expected.

    --
    Obama's legacy: (N)othing (S)ecure (A)nywhere and (T)error (S)imulation (A)dministration
    1. Re:Script kiddies revenge by MightyMartian · · Score: 1

      Judean People's Front, bloody splitters!

      --
      The world's burning. Moped Jesus spotted on I50. Details at 11.
    2. Re:Script kiddies revenge by Anonymous Coward · · Score: 0

      Being that Anon is a *loose* organization

      So, are you saying they are sluts?

    3. Re:Script kiddies revenge by Like2Byte · · Score: 1

      Judean People's Front, bloody splitters!

      I thought they were the "Peoples' Judean Front."

    4. Re:Script kiddies revenge by afabbro · · Score: 2

      Defacing for defacing sake is childish.

      Defacing for defacing sake is the Anonymous motto.

      --
      Advice: on VPS providers
    5. Re:Script kiddies revenge by Medievalist · · Score: 1

      Judean People's Front, bloody splitters!

      I thought they were the "Peoples' Judean Front."

      No, that's us. They're the Judean Popular Peoples' Front.

      Bloody splitters.

    6. Re:Script kiddies revenge by Ziekheid · · Score: 1

      I'm suprised people still don't realize what the true Anonymous collective is. Doing it for the lulz, it has nothing to do with politics. Splinter cells that spawned off the original Anonymous may have an agenda but the original Anonymous did (and does) not.

  5. umm why? by G00F · · Score: 4, Insightful

    So why hack panda?

    If it really was anonymous, who's a loose group of hackers trying to change/make things better, what was their goal?

    --
    The spirit of resistance to government is so valuable on certain occasions that I wish it to be always kept alive
    1. Re:umm why? by Kenja · · Score: 4, Insightful

      Because they could and no one had paid attention to them (Anonymous) in a while.

      --

      "Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
    2. Re:umm why? by Anonymous Coward · · Score: 0

      If it really was anonymous, who's a loose group of hackers trying to change/make things better, what was their goal?

      The Lulz.

      Anonymous has no interest in making things better. Anonymous has no interests. Certain collectives among Anonymous members may have goals and interests, but Anonymous exists solely to exist, and as often as their existence is a positive effort in the world, equally often will their existence be a negative, if lulzy influence.

    3. Re:umm why? by Anonymous Coward · · Score: 3, Informative

      Well... according to the SECOND PARAGRAPH of the article (which you can get to if you click the hyperlink cleverly disguised as a hyperlink) Panda Security helped the FBI infiltrate chatrooms and messageboards.

    4. Re:umm why? by Hentes · · Score: 1

      I think they did it for the lulz.

    5. Re:umm why? by ThatsNotPudding · · Score: 1

      If it really was anonymous, who's a loose group of hackers trying to change/make things better, what was their goal?

      Mainly - if AnonymousRC is to be beleved - Panda's head was talking shit about their helping the FBI and all the arrests, thus the karma blowback.

      Putting politics (if their actions and the overkill reactions can be termed politics) aside, should anyone be using the antivirus products of a company that got pwned hard by hackers? At least they announced it, but it makes you wonder how many black hats have already picked Panda's cheeseball locks.

    6. Re:umm why? by Inda · · Score: 1

      Wasn't me. I didn't do it. Try Anonymous.

      --
      This post contains benzene, nitrosamines, formaldehyde and hydrogen cyanide.
  6. Download their DDoS tool and be punk'd! by Anonymous Coward · · Score: 0

    Anonymous FTW!!!onehundredeleven!!!!

  7. After all... they must die: by jkiller · · Score: 1

    What shall be done about these Chinese bears? http://www.youtube.com/watch?v=ANg7iPu9DAg&noredirect=1"

  8. ...huh? by JustAnotherIdiot · · Score: 1

    Surviving members of anonymous and/or lulzsec

    You make it sound like there's only a handful of them, are you new to the internet or something?

    --
    What do I know, I'm just an idiot, right?
    1. Re:...huh? by afabbro · · Score: 1

      You make it sound like there's only a handful of them,

      People who want to feel alternative and underground and rebellious and cool by wearing Guy Fawkes masks? There's a ton.

      People who also break into computer systems and deface web sites? A handful.

      --
      Advice: on VPS providers
    2. Re:...huh? by GameboyRMH · · Score: 1

      Yeah they're like Highlanders, keep taking 'em out and eventually there will only be one! :-P

      --
      "When information is power, privacy is freedom" - Jah-Wren Ryel
    3. Re:...huh? by X0563511 · · Score: 1

      People who also break into computer systems and deface web sites? A handful.

      Unfortunately not.

      --
      For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
  9. You ignore the threat of impunity by Anonymous Coward · · Score: 2, Funny

    What's done is not important. That it's done with impunity is.

    One day someone will decide to kill someone "for the lulz",

    and it will be hilarious.

    1. Re:You ignore the threat of impunity by Anonymous Coward · · Score: 1

      I believe that has happened many, many times in the course of human history. It just didn't have a lame catchphrase to go with it back then.

      Well, there IS "thrill kill". I guess that counts, though it's not nearly as lame as "for the lulz".

  10. "Surviving"? by elrous0 · · Score: 2, Interesting

    What, were they hit by a tornado? The FBI, got warrants on 5 people--one of whom was a traitor, and several others in countries where they haven't even been arrested yet. I'm pretty sure Anon is big enough to not be devastated by the loss of one Benedict Arnold and four foot soldiers.

    --
    SJW: Someone who has run out of real oppression, and has to fake it.
    1. Re:"Surviving"? by Anonymous Coward · · Score: 0

      You don't understand.

      Anonymous or lulzec is a few brilliant guys surrounded by 100s of retards that can't do anything much beyond searching out public information and lending their box to run DDoS programs.

      They arrested these top guys. And now, all that they have done to Panda is defaced a website through known security holes. Probably guessing a default password and username to upload a new index.html file. Hardly anything like a HBGary hack.

    2. Re:"Surviving"? by GameboyRMH · · Score: 1

      I bet their membership fluctuates by more than 5 people per second during a popular operation.

      --
      "When information is power, privacy is freedom" - Jah-Wren Ryel
    3. Re:"Surviving"? by GmExtremacy · · Score: 1

      There are no "brilliant" guys. Otherwise, I doubt they'd be getting caught so easily.

    4. Re:"Surviving"? by Anonymous Coward · · Score: 0

      And now, all that they have done to Panda is defaced a website through known security holes

      Apparently, Panda wasn't aware of the security holes - and they are a known security company. Surely you must realize the damage caused here isn't the defacement of Panda's website...it's Panda's reputation which has taken a hit.

    5. Re:"Surviving"? by Paracelcus · · Score: 1

      This is NOTHING but one more propaganda piece, exploiting the ignorance of the average American for their own election year ends!

      --
      I killed da wabbit -Elmer Fudd
    6. Re:"Surviving"? by Em+Adespoton · · Score: 1

      There are different kinds of brilliant. Someone can be able to factor primes in their head but be clueless about social interaction. Most people would call them brilliant.

      Likewise, someone may understand system security systems, or understand how to manipulate masses of bored people into doing their will, and this doesn't mean that they have the skills to evade those hunting them down.

      The people who are brilliant in that manner never get caught, so you never hear about them. They also tend to operate low-key, so their exploits likely aren't even noticed by others most of the time. These are the people that have somehow suppressed (or been born without) the natural instinct to share their accomplishments with others in their social sphere.

    7. Re:"Surviving"? by GmExtremacy · · Score: 1

      Indeed. The problem seems to be needless gloating and carelessness.

  11. Panda Security... by Anonymous Coward · · Score: 1

    They're the scientologist version of anti-virus, aren't they?

    1. Re:Panda Security... by Em+Adespoton · · Score: 2

      You've been down-modded, but I believe you are to some degree correct... the last I heard, the Church of Scientology owned a major stake in the company. The company is, however, a legit security company, and has employees/investors who do not belong to the CoS. So the observation is likely not all that pertinent to the discussion.

      Considering the historical Anonymous attacks on CoS though, there could be some sort of a tie-in.

  12. Required xkcd by Petron · · Score: 1, Interesting

    http://xkcd.com/932/

    "Anonymous /LulSec drew funny mustaches on a poster put up by Panda Security!!!!"

    --
    if (it != oneThing) it = another;
  13. YA by Anonymous Coward · · Score: 0

    AND think that was done 9 months ago
    ROFL////

  14. Owch by Crasoose · · Score: 3, Insightful

    I would hate to be a member of a company who is supposed to focused on security and got hacked by script kiddies. I would say it isn't good for business but the majority of their customers wouldn't know or care.

  15. Panda by Anonymous Coward · · Score: 0

    You know someone's boss at Panda is screaming "HOW COULD YOU LET THIS HAPPEN????"

  16. Hacking by GrBear · · Score: 1

    The hacking of their website makes them a Sad Panda.

  17. So, some bragging, posturing "hacker"... by Paracelcus · · Score: 1

    So, some bragging, posturing "hacker" wannabe, get's set up by the FBI and is terrorized into "giving up" others, (probably people who, like him wanted to show off) and the Government (like they always do) will exploit this utterly pointless exercise to impress Ma and Pa Kettle of Bug Tussle, TN in a bit of election year propaganda!

    Kinda like "Seal team six".

    Ah iz votin fer him he caught the Hayakeeruz!
    Whuts uh Hayakeeruz?

    --
    I killed da wabbit -Elmer Fudd
  18. PR by ThatsNotPudding · · Score: 1

    Panda Security says the intruders only managed to exploit the web server and did not compromise their internal networks.

    Given the products and services they sell, of course that's their spin.

  19. unfortunate collateral by Anonymous Coward · · Score: 0

    wont someone think of the pandas?

  20. Honeypot by Anonymous Coward · · Score: 0

    This is more honeypot activity by the FBI. Sabu has many times stated that he operated the anonops.li IRC server, plus he sort of started the whole modern Antisec movement.

    Seeing as how that IRC channel is on the deface, you can safely assume the AnonymousIRC twitter account and that IRC server are compromised, this is more activity by the feds to pull in more activists.

  21. Possible anti-Scientology motivation? by Anonymous Coward · · Score: 0

    Might this perhaps be motivated by allegations of links between Panda Security (formerly Panda Software) and the Church of Scientology?