By Tom Espiner, 13 March, 2012 12:33
Confession of a Former White Hat
The Vatican has confirmed a second attack against its website by the Anonymous hacking group, and an infiltration of its radio database.
The Vatican has confirmed a second hack on its systems by the Anonymous activist group.
A Vatican spokesman on Tuesday downplayed the impact of the hack on the Vatican Radio database, saying the hackers had gained access to an old server “shortly after 2pm” on Monday.
“There was a second attack we are aware of directed against the [Vatican IP] address,” said the spokesman. “[Concerning] Vatican Radio, a database on an old server was accessed. Thirty percent of the information on the server was so outdated it was of no use.”
Anonymous claimed to have hacked Vatican Radio in protest against the Vatican Radio allegedly using “repeaters with power transmission largely outside the bounds of the law” in a Pastebin post on Monday.
AnonOps Communications, a recognised mouthpiece of the hacktivist collective, published a link to the Pastebin post on Tuesday. Comments on the post called for alleged LulzSec members arrested last week by the FBI and international law enforcement to be freed.
“Almost any protest which bares the request ‘free the LulzSec team’ is a honourable cause [sic],” said the comment.
Anonymous first took down the Vatican website last Wednesday, in protest against the Roman Catholic Church, which Anonymous accused of actions including the molestation of children by priests.
The first successful Vatican hack was made a day after the LulzSec arrests which saw prominent LulzSec hacker ‘Sabu’ — Hector Xavier Monsegur — exposed as an FBI informant.
The AnonymousIRC Twitter channel said on Tuesday that the FBI had done Anonymous “a favour” by arresting Sabu.
“Not rocket science,” said the Tweet. “Really. Hacks will continue and so will the anger of the people. Arresting Sabu is not a win for the FBI it was a favour [sic].”
Norton Antivirus source code
LulzSec and Anonymous appear to have continued operations since the arrests. On Friday, Anonymous released Norton Antivirus 2006 source code, which the collective had threatened to do in February, after the release of Symantec PCAnywhere source code. The source code was stolen in 2006, according to Symantec.
The source code was released to the Pirate Bay file-sharing site, with a quote attributed to Jeremy Hammond, one of the alleged LulzSec hackers arrested the FBI last week. Hammond is alleged to be the hacker ‘sup_g’.
“Our civilization is facing a radical, imminent mass change,” said the quote. “The alternative to the hierarchical power structure is based on mutual aid and group consensus.”
Symantec downplayed the release of the code on Friday, but confirmed the code was bona fide.
“Symantec can confirm that the source code for 2006 versions of Norton Antivirus posted by Anonymous is authentic,” the company said in a statement. “The exposure of this code poses no increased risk to Norton or Symantec customers. This code is part of the original cache of code for 2006 versions of the products that Anonymous has claimed to possess over the last few weeks.”
The code was “so old that current out-of-the-box security settings will suffice against any possible threats that might materialize as a result of this incident”, said Symantec, which added that it expected Anonymous to release source code for 2006 versions of Norton Internet Security.