LulzSec Hacks Senate Server, Asks Rhetorically "Is This An Act Of War, Gentlemen?"

Tyler Durden's picture

After a major hack of the IMF's website over the weekend promptly scrambled the FBI, just as Operation Empire State Rebellion announced it was taking its attack of the Fed Chairman to the next level (we have yet to see anything here more than just rhetoric), today, the competing hacker group, the one implicated in numerous Sony breakins as well as a recent defacing of an FBI-affiliate, LulzSec, has proven it broke into the Senate's SPARC server and exposed everything that admin chris_vontz@saa.senate.gov apparently was unable to hid sufficiently well. On its website, LulzSecurity left the following preface to the several hundred thousand code-long data dump of everything located in the Senate server: "We don't like the US government very much. Their boats are weak, their lulz are low, and their sites aren't very secure. In an attempt to help them fix their issues, we've decided to donate additional lulz in the form of owning them some more! This is a small, just-for-kicks release of some internal data from Senate.gov - is this an act of war, gentlemen? Problem? - Lulz Security." And what is completely not surprising, following a Dow Jones inquiry, "a Senate representative said she was unaware of any breach of the body's web site." Well it has been breached- anyone curious what is contained in the server can do so here. A cursory investigation does not reveal the exposition of any sensitive data.... This time. Yet one thing LulzSec most certainly acquired was the user/pass combinations of all individuals affiliated with the Senate, and are likely currently actively downloading all their emails. We continue to wonder just how safe the Fed's email server is...

The hacking of the Senate appears to have been a "bonus round" to what LulzSec was actually targetting, which seems to have been Bethesda Softworks. Below is how the hacker group describes their action:

Greetings Internets,
 
This is a story all about how we made Bethesda Softworks, ZeniMax
Media, and everything they own, our bitch for life.
 
As you should know, The Lulz Boat stores vast amounts of booty;
much of this booty we don't release as it's simply too shiny and/or
delicious. As of late, certain inferior sailing boats have discovered
flaws in Brink (brinkthegame.com), thinking themselves exciting and new.
 
Too late. The Lulz Boat controls this ocean, chumps.
 
Some weeks ago, we smashed into Brink with our heavy artillery Lulz
Cannons and decided to switch to ninja mode. From our LFI entry point,
we acquired command execution via local file inclusion of enemy fleet
Apache vessel. We then found that the HTTPD had SSH auth keys, which
let our ship SSH into other servers. See where this is going?
 
We then switched to root ammunition rounds.
And we rooted... and rooted... and rooted...
 
After mapping their internal network and thoroughly pillaging all of
their servers, we grabbed all their source code and database passwords,
which we proceeded to shift silently back to our storage deck.
 
Please find enclosed everything we took, excluding one thing -
200,000+ Brink users. We actually like this company and would
like for them to speed up the production of Skyrim, so we'll
give them one less thing to worry about. You're welcome! :D
 
Please keep making awesome games, guys, and you should
totally add an official LulzSec top hat to new releases.
 
But anyway, bwahahaha... >:]