美国黑客侠盗:劫富济贫 窃百万美元捐赠
The loose-knit hacking movement 'Anonymous', who claimed to have used victims' credit cards to donate to charity, said the stunt was just the beginning of their masterplan.一个名为“匿名者”黑客的分散性运动组织宣称,他们用受害者的信用卡的钱捐给慈善组织,并表示这次的小花絮只是后面大计划的开始。
Thousands of credit card numbers and other personal information belonging to clients of U.S.-based security think tank Stratfor has been hacked, the organisation said. 该组织声称,美国的安全智库Stratfor遭他们攻击,上千份信用卡和部分个人客户的信息资料被盗窃。
Some victims confirmed unauthorised transactions linked to their credit cards. Anonymous boasted of stealing Stratfor's confidential client list, which includes entities ranging from Apple Inc. to the U.S. Air Force to the Miami Police Department, and mining it for more than 4,000 credit card numbers, passwords and home addresses. 部分客户证实他们的账户出现未经授权的交易。“匿名者”炫耀自己盗取了机密的客户名单,名单包括苹果公司、美国空军、迈阿密警局等组织机构,还拿取了至少4000份信用卡帐号、密码和家庭地址。
In a statement released, Anonymous said: 'Tomorrow, we will be dropping another enormous dump on our next target: the entire customer database from an online military and law enforcement supply store.' The hackers added that Stratfor were 'clueless' when it came to database security. The global intelligence firm's website is currently shutdown and undergoing maintenance. “匿名者”公开表示:“明天,我们将先像蝗虫般横扫另一个目标,下个目标将是一个为军队和执法机构做供给的网上供应商的所有数据。”另外,“匿名者” 还表示,当面临数据安全问题,Stratfor"束手无措”的。这家全球智库组织的网站已经关闭,并宣称进行网站维护中。
Stratfor is also helping in an investigation with the FBI. Austin, Texas-based Stratfor provides political, economic and military analysis to help clients reduce risk, according to a description on its YouTube page. 同时,Stratfor协助FBI进行事件的调查。 根据其在YouTube页面上的介绍,位于德克萨斯州奥斯丁的Stratfor为客户提供政治、经济及军事上的分析,避免风险。
Proprietary information about the companies and government agencies that subscribe to Stratfor's newsletters did not appear to be at any significant risk, however, with the main threat posed to individual employees who had subscribed. Anonymous said the client list it had already posted was a small slice of the 200 gigabytes worth of plunder it stole from Stratfor and promised more leaks.订阅Stratfor分析的公司和政府机构的所有资料并不会对它们造成大危机,然而,订阅了分析的个人客户会面临着不小的风险。“匿名者”称,已经公布的客户名单只是这“Stratfor200GB掠夺行动”中资料的冰山一角,他们还承诺公布更多的机密资料。
It said it was able to get the credit card details in part because Stratfor didn't bother encrypting them — an easy-to-avoid blunder which, if true, would be a major embarrassment for any security-related company. “匿名者”还表示,由于Stratfor对机密资料的机密疏于管理(其实这是一个很容易避免的错误),他们能获得部分的信用卡细节资料。假如这是事实,这将是所有网络安保公司面临的重大尴尬。
Fred Burton, Stratfor's vice president of intelligence, said the company had reported the intrusion to law enforcement and was working with them on the investigation. Stratfor has protections in place meant to prevent such attacks, he said.Stratfor情报副总裁弗雷德•伯顿表示,公司已经将这次的入侵上报给执法机构,并协助他们进行调查。伯顿还说,Stratfor公司已经就防范类似攻击做好了相关的应急防护措施。