http://www.gamesas.com/index.php?/topic/1201895-lulzsec-takes-down-eve-online-minecraft-and-league-of-legends/
http://www.gamesas.com/index.php?/topic/1201569-lulzsec-takes-down-eve-online-minecraft-and-league-of-legends/

As many of you are aware, many companies and organizations have found themselves victims of a hacking outbreak that has occurred only recently. Most victims, as a matter of fact, are parts of the gaming industry. And of the hacking groups out there causing mayhem, the most prominent of them is LulzSec. Victims of this hacking spree thusfar include http://www.gameinformer.com/b/news/archive/2011/04/26/everything-you-need-to-know-about-the-psn-meltdown.aspx (several times in fact), http://origin-www.gameinformer.com/b/news/archive/2011/06/05/nintendo-servers-hacked.aspx, http://www.gameinformer.com/b/news/archive/2011/06/11/epic-games-39-latest-victim-of-hack-attack.aspx, http://www.gameinformer.com/b/news/archive/2011/06/17/sega-gets-hacked.aspx, http://arstechnica.com/tech-policy/news/2011/06/titanic-takeover-tuesday-lulzsecs-busy-day-of-hacking-escapades.ars?comments=1 and even our own http://www.gameinformer.com/b/news/archive/2011/06/13/bethesda-sites-hacked.aspx. And that's just scratching the surface.

As I mentioned, the group responsible for most, if not all, of these attacks is the hacker group calling itself LulzSec (http://twitter.com/#!/lulzsec). LulzSec has found itself at odds with a good deal of people and groups after their hacking exploits, which include the FBI, the CIA, Anonymous, and a gray-hat hacker known as th3j35t3r (http://twitter.com/#!/th3j35t3r).

Because this is a gaming forum, many of us have found ourselves on the wrong end of the stick. As a result, those of us affected and the rest of us who could be affected should take extra steps when it comes to protecting our security. As a primary rule, you should listen to everything http://www.gamesas.com/index.php?/user/272052-defron/ has to say. Change your passwords, emails, remove credit card information if you don't need it at the present, pay attention to the security of your various services, and possibly try out some credible third party services for password management.

If you feel that you are comfortable in your security, check again just to be safe . After that, join us here, sit back, grab some popcorn, and watch the drama unfold. I'll keep this post updated with the goings-on as often as I can. My main sources are http://www.gameinformer.com/ for news related to the game companies themselves, http://arstechnica.com/ for general news about LulzSec, and LulzSec's http://twitter.com/#!/lulzsec for their self-published misadventures, though other news sites all over the place are reporting as well.

Current News: LulzSec is taking the weekend off, or so they claim.

Previous:
LulzSec taking more requests to hack more websites and services.
Sega hacked, LulzSec claims to not be behind it.

Lulzsec is offering to help them get revenge on those that did.

This is what confuses me the most. It's so uncharacteristic of them. Though the rest of their statement was in line with all of their previous hacking statements, which is "We did it because we are fans of [Insert Old Product Here]"

They hacked the CIA? Those hackers really do want to get caught.

1. Hack Sega
2. Say you didn't do it
3. Place the blame on someone else
4. ???
5. Profit!

Ever since Jester got involved they've been more quiet and "nice", guess they're trying to lay low for awhile. Doubt it's the last we've seen of them though.

Meh, it's the NSA that they really have to worry about.

Hmm. They've not exactly been coy about what they do, or especially worried about angry reactions so far. But he tweet could also very much be sarcasm, I guess.

Of course, doesn't matter. *shrug* They're still responsible, whether they do the deed or some eager copycat tried to add to the stream of hacks.

It just makes me wonder why they would hesitate to take credit for this when they've bragged about everything else, including most notably the month-long outage of the PSN. The only reason I can think of is that something has happened to them which created some fear, and they're trying to save face at the last minute. Maybe th3j35t3r's antics have them scared, and they're trying to take some of the blame off of themselves. Maybe they're trying to extort Sega like a crime boss forcing business owners to pay protection money. Who knows?

They have stated their overall mission just recently though, which you can read http://pastebin.com/HZtH523f. (It's Pastebin, it's safe)

Isn't what they are doing like... illegal though? I mean they are basically telling everyone they did it... so what is stopping real law from coming into play?

The internet needs boundaries...

They are truly saints.

"and we'll continue creating things that are exciting and new until we're brought to justice, which we might well be"

Thats easy talk coming from someone sitting behind a computer and not in a jail cell.

Kind of in the same boat as LulzSec but more for the people. Anonymous Ops: http://s3.amazonaws.com/data.tumblr.com/tumblr_lmwt1byHRg1qjkzz8o1_1280.png?AWSAccessKeyId=AKIAJ6IHWSU3BX3X7X3Q&Expires=1308423480&Signature=COIpLzPYSY%2BnRfZSONYwRjYcBl4%3D

I like it! :thumbsup:

http://www.gameinformer.com/b/news/archive/2011/06/17/sega-gets-hacked.aspx

Looks like Sega got hacked and yet Lulzsec says that they didn't do it, I smell a shephard crying out wolf.

Aww [censored].

The main problem with tracking down and arresting hackers is isolating where they live. Anyone with any sense doing illegal stuff on the net is going through proxies and the like to avoid having their work traced back to them. Also, even if you do trace the actions to a specific house it doesn't mean that anyone in said house is responsible. The hacking could have been done by someone using their internet connection without permission. Similarly, if the computers at the site are shared, you have the problem of not being certain which user was responsible. And if you trace it to a specific locale, but can't find any related data on a hard drive or collaborating testimony, well then your whole case probably won't stand up in court.

Indeed. LulSec may be a part of the human anatomy you generally find on the back side of a person, but if they said they didn't do something, they didn't do it.

There's no lulz if noone knows you did it.

The Internet may need well defined borders for policing, but the Police already have well defined borders.

If the FBI or whoever track one of the hackers to..... Picking a country completely from random.... Azerbajan; what exactly are they going to do about it? The FBI do not have any power to arrest someone in Azerbajan.

I lied about selecting a country from Random - a study has suggested a good sized chunk of the commercial spam sitting in your spam box probably comes from there (with Denmark and Nevis rounding out the top 3).

You've got to collect enough evidence to convict/extradite when you don't have the powers of law enforcement on your side - I'm not a lawyer but I believe its illegal for my UK based ISP to give my account information to the FBI - the FBI would need to convince UK law enforcement to get it; in a less friendly country or a country that doesnt see cybercrime as an issue, they may not work with the FBI, unless they track my IP address to some other service within their juristiction where they can get my details, they're snookered.

Put Simply, its a pain in the neck to investigate and enforce - but given the chutzpah behind LulzSec's activities, there surely will be arrests, and soon.

Usually all it takes to get someone's information is tracking their IP to an ISP and getting a warrant. But like you said, things get so much more complicated when you have cyber criminals across international borders. In most big nations like the US, Britain, Canada, etc, it's easy enough to simply contact the authorities over there and let them take care of it. But when you have a country like a former soviet republic, the reliability of law enforcement there is often minimal. And organizations like the CIA aren't allowed to just step in and abduct someone during the night unless it's a threat to national security.

And like DarthRavanger said, even if you do track it down to a name, gathering enough evidence to actually convict them is a very difficult matter.

Come ON now. DDOS attacks are not fun, they're just plain annoying, hell they aren't even security holes that can be exploited and thus would be beneficial to point out to the site owner. DDOS attacks just test how much bandwidth and server capacity they're ready to purchase. Using DDOS attacks like this is just them waving their e-peens.

They've deleted the entry. Not that much calls on a friday night ?

*edit* Oh.

Well, duh. Suspending that number is the minimum I'd say.

According to Anonymous (or at least some members of Anonymous because Anonymous is not a unified group), http://twitter.com/#!/YourAnonNews/status/81782565194829824.

I wonder why.

Also, there's this http://www.youtube.com/watch?v=udcnlLXUh8E&feature=player_embedded from NMA. No idea who NMA is, but it looks like stuff that was on advlt Swim from a while back

Sorry for having two posts in a row, but anyways, LulzSec took down a small browser-based game called http://en.wikipedia.org/wiki/TribalWars. Nothing big, but it was one of their requests. So, they are active once again/still active.

And hackforums in the same run. Well, good to see they still like to grasp porcupines.

They're like a chinese news channel, they actually have some very intresting cases..rarely.

There are some DDoS attacks that exploit flaws in firewalls or servers.
http://en.wikipedia.org/wiki/Slowloris