- #doingitrite: Tips on Staying Anonymous
- Over the past month, we’ve witnessed a heap of Anons getting v&, most notably sup_g, Kahuna and W0rmer.
- The only positive to come out of these arrests is that all Anons should learn not to be so easily socially engineered from now on. sup_g, Kahuna and W0rmer all contributed a lot to the cause and they will not be forgotten – but in spite of their talents, they left glaring clues to their identities all over the web. The feds didn’t catch them by using l33t whitehack skillz – the Anons effectively unmasked themselves.
- Anyone who’s serious about remaining anonymous should learn from these indictments to avoid making the same mistakes. It doesn’t matter how good a hacker you are – if you’re DM’ing pictures of yourself to femanons, you might as well just hand yourself in to the feds now.
- For future reference, these are the Anons’ fatal mistakes, as highlighted in their indictments:
- Kahuna allegedly:
- • Used ‘anonJB’ as one of his IRC names – JB are his real-life initials
- • Continued to operate as ‘anonJB’ after being correctly doxed in September 2011: http://pastie.org/2477266
- • Hacked websites using his work IP
- • Had Facebook, Gmail, Twitter and YouTube accounts in his real name. These revealed his Anon sympathies IRL, including a link to an Anonymous educational video: http://www.youtube.com/user/jborell3
- • Retweeted Anon accounts from his own real-life Twitter (no crime, but hardly a smart move when you’re also an Anon)
- • Mentioned on IRC that his dad was a lawyer (the chat log was later leaked)
- • Accessed the @ItsKahuna Twitter account on occasions using his home IP
- • Tweeted news of his neighbors installing a new WEP router that he was accessing
- • Tweeted as @ItsKahuna to say he was fixing his friend’s computer. The IP address this tweet was posted from matched that of one of his IRL Facebook friends.
- • Fucked up and allowed details concerning his computer host to be revealed on air – he then DM’d KSL TV to ask for this incriminating evidence to be deleted from later broadcasts.
- • DM’d pictures of his face to @anoncutie. All of Kahuna’s tweets, DMs and IP logs were later revealed when feds subpoenaed Twitter.
- • Admitted in a DM to @missarahnicole the date of his 21st birthday
- Full indictment: http://www.scribd.com/doc/89670544/Indictment-and-Complaint-against-Anonymous-hacker
- W0rmer allegedly:
- • Posted CabinCr3w and W0rmer photos of his girlfriend’s boobs – complete with iPhone geo-data that led to her home address.
- • W0rmer’s girlfriend, @MissAnonFatale, revealed in a DM to @ItsKahuna that she and W0rmer would get married once he’d arranged his passport & visa to Oz.
- • W0rmer posted a screenshot of a botnet he was running. In the background, his Skype and IRC user names are clearly visible in the applications he is running
- • Signed off on a forum post with the words “Higino Ochoa – AkA wOrmer” << facepalm.jpg
- • Broke into Texas PD’s website using his neighbor’s wireless – but without trying to mask his IP
- • His Facebook account publicly revealed that he was in a relationship with a girl in Australia. This girl could then be linked to him via the EXIF data on the Cabin Cr3w photos and by her own Anonymous Twitter account.
- Full indictment: http://cryptome.org/2012/04/usa-v-ochoa-complaint.pdf
- sup_g allegedly:
- • Used various nicknames on IRC, but allowed himself to be addressed by all these nicknames in chats with Sabu, thereby linking him to all his online personas
- • He regularly admitted on IRC which other nicks he used, when quizzed by others
- • He gave out personally identifiable info on IRC – such as admitting that he’d had activist mates who’d been arrested at a specific demonstration. sup_g’s twin brother was one of those arrested.
- • He also admitted on IRC that he’d been arrested at the Republican National Convention in 2004, and confessed to having done time in federal prison
- Full indictment: http://www.scribd.com/doc/84134934/Hammond-Jeremy-Complaint
- All of these Anons would still be free if they hadn’t given out so much personal information. It wasn’t failed proxy chains or Tor relays that did for them; nor was it deep packet inspection or ‘no log’ VPNs giving up logs – for the most part it was simple social engineering.
- At the risk of stating the obvious: if you’re doing illegal shit online, *stay* anonymous. Delete EXIF data, delete old DMs, don’t use Facebook, don’t use Twitter without masking your IP, use an anonymous nickname that can’t be tied to your real-life identity and always assume that chats are being logged and will be published.
- #FreeKahuna #FreeW0rmer #Free sup_g #FreeTopiary #FreePalladium #FreePwnsauce #FreeKayla #StayAnonymous
jellybro, Apr 16th, 2012