Anonymous and includes members of the defunct group Lulz Security laimed responsibility for a spate of recent break-ins said on Friday that they had infiltrated the networkof IRC Federal, an engineering contractor that works for federal agencies including the Federal Bureau of Investigation and stole internal documents from its database and e-mail system, also said it had defaced IRC Federal’s Web site. European authorities made headway this week in the pursuit of Anonymous members there with several raids in Italy where the group has attacked public and private websites and it has done round the world and in the United States…………
Hacking group Anonymous has released an archive containing what it claims to be private emails and databases of IRC Federal, a contractor that partners with the U.S. Department of Defense, Department of the Navy, the Federal Bureau of Investigation and the Department of the Army. The group calls this latest release ‘F*ck FBI Friday II’ and says that it “laid nuclear waste to their systems, owning their pathetic windows box, dropping their databases and private emails.” Anonymous says that it found information in the emails that includes various contracts, development schematics, and internal documents for various government institutions. These include a proposal for the FBI to develop a Special Identities Modernization (SIM) Project to reduce terrorist and criminal activity by protecting all records associated with trusted individuals and revealing the identities of those individuals who may pose serious risk to the United States and its allies. Other data that Anonymous claims is included in the archive includes fingerprinting contracts for the Department of Justice, biometric projects for the military and strategy contracts for the National Nuclear Security Administration Nuclear Weapons Complex. The group says that they have also found logins to VPNs and several Department of Energy logins that they’re including with live access.
To quote Anonymous’s release notes:
Today we release the ownage of another government-contracted IT company, IRC Federal. They brag about their multi-million dollar partnership with the FBI, Army, Navy, NASA, and the Department of Justice, selling out their “skills” to the US empire. So we laid nuclear waste to their systems, owning their pathetic windows box, dropping their databases and private emails, and defaced their professional looking website.
In their emails we found various contracts, development schematics, and internal documents for various government institutions including a proposal for the FBI to develop a “Special Identities Modernization (SIM) Project” to “reduce terrorist and criminal activity by protecting all records associated with trusted individuals and revealing the identities of those individuals who may pose serious risk to the United States and its allies”. We also found fingerprinting contracts for the DOJ, biometrics development for the military, and strategy contracts for the “National Nuclear Security Administration Nuclear Weapons Complex”.
Additionally we found login info to various VPNs and several Department of Energy login access panels that we are dumping *live* complete with some URLs to live ASP file browser and upload backdoors – let’s see how long it takes for them to remove it (don’t worry we’ll keep putting it back up until they pull the box ;D)
This is an embarrassing situation for a company dealing with such sensitive information and yet another lesson learned through exploitation that security needs to be much more than what it currently is for many such high-profile/significant sites. And though the information leaked sounds important at first-glance, the coming days will reveal whether or not this is just another forgetful hacktivist release that merely reiterates the flaws of current security measures, or if something significant will come of it all.