HBGary: Security Firm Investigating ‘Anonymous’ Hacked and Exposed

“Do not meddle in the affairs of hackers, for they are subtle and quick to anger.”

Following last week’s hacking of shamed LIGATT CEO Gregory D Evans, this week it was the turn of security firm HBGary to get exposed. HBGary have been aiding the FBI with their investigations into members of Anonymous. Although Anonymous isn’t a centralised ‘group’, their recent DDoS attacks and hacks of oppressive governments and anti-wikileaks organisations (including PayPal, MasterCard and VISA), have made them a target of the US Federal Government.

HBGary were allegedly preparing to hand over information about certain members of Anonymous to the FBI, who have already made several arrests in the US and UK, and obtained over 40 search warrants in an attempt to shut down Anonymous (probably not possible imo). Angered by CEO Aaron Barr and HBGary’s involvement in FBI investigations, members of Anonymous compromised a number of HBGary servers, defacing their website, gaining access to CEO Aaron Barr’s Twitter account, and obtaining a large number of emails. In what seems to be the popular punishment at the moment, over 50,000 corporate emails were released in a torrent. Anonymous also stated, on one of their many Twitter accounts, that the source code of HBGary’s security products was also obtained – although these don’t appear to have been released (yet?).

“You’ve angered the hive, and now you are being stung.”

Anonymous posted a message to HBGary on their defaced website, where they mock the firm for their lack of security and the unsubstantial ‘public’ information that was going to be handed sold to the FBI.

Hit the jump for Anonymous’ full message.

Ars Technica has a good review of how this all went down, and a step-by-step account of how the hack was possible.

[Update] Aaron Barr steps down as CEO of HBGary Federal

Read more