PayPal, Symantec Hacked In Anonymous November 5 Hacking Spree

New submitter Journe writes "Anonymous claims to have begun a hacking spree for the 5th of November. In their spree, they've laid waste to several Australian Government sites, and, for some reason, the site of Saturday Night Live. They also claim to have leaked VMware source code, along with user and employee info from Paypal and Symantec. There's some argument however that Anonymous is falsely taking claim for Symantec."

Re:Political motivation?

I think believing that these attacks are targeted that finely, or that there haven't just been a bunch of random people attacking anything that looked vulnerable isn't realistic.

What probably happened is they searched for particular sites running particular combinations of software (it's not all that hard to find out what someone *claims* to be running), or even had just an automated sweep which returns a few likely candidates (my web server is hit all the time by people looking for proxy / malware PHP files that obviously only exist if you're vulnerable / infected already).

I mean, there were Ghanan consulates in that list and all sorts. I think it's more a question of "what was vulnerable" when a particular date for a hacking spree was decided upon rather than any political message (although, sure, one of the hackers might have a motive, or they might look at certain websites first, etc.).

And the age-old argument - Anonymous is not "any one person". It's not even a coherent group. Just about anybody that hacked a site and bothered to tell Anonymous would have been listed there because, by their own admission, they have no idea who their members are / are not and they have no "entry requirement" as such.

It seems much more random to me. If you wanted to make a political statement, you could have gone for US presidential candidates or particular organisations and made the news. But obviously most of those places secure their stuff quite well.

So we end up with PayPal (who are currently denying that anything happened, which I wouldn't be shocked about - there's been a lot of "didn't actually happen" hacks lately where people just post convincing lists of usernames as if they are hacked data), an antivirus vendor and an embassy in some African state.

It's hardly targeted anarchy. It's more like "who left their window open?".

Re:paypal?

[Cinder6]

Here's an article I found (by clicking through a few times from TFA). For those who don't want to read:

However according to PayPal’s head of PR, they claim to be investigating the alleged hack, but so far they have stated that they are unable to validate any evidence that there has been a security breach which we can only take to be a good thing.

They also say 28,000 accounts, which means the odds of an individual being hacked are very very low (considering there are over 110 million users). Even still, it's a good idea to change your password, at least.