Anonymous has had a busy Christmas week with news about its AntiSec arm breaching security think tank Stratfor's servers and reports about the group making donations to charity with stolen credit cards. Now it appears that Anonymous also targeted specialforces.com as part of its aptly titled LulzXmas festivities.
The hacker collective released the credit card and personal information, including names and addresses of those ordering products from the site on Pastebin yesterday. They also took opportunity to further embarrass Stratfor over their confusion as to whether their data was encrypted or not.
"To be fair, at least SpecialForces.com DID store their customers’ credit card information using blowfish encryption (unlike the global intelligence and security industry "professionals" at Stratfor, who apparently remain confused as to whether their customers’ information was even encrypted or not). Nevertheless, our voodoo prevailed and we were quickly able to break back into the military supplier’s server and steal their encryption keys. We then wrote a few simple functions to recover the cleartext passwords, credit card numbers, and expiration dates to all their customers’ cards. That’s how we roll," they said on Pastebin.
The attack was in response to the site's core customer base being primarily military and law enforcement personnel, who they claim have enjoyed purchasing tactical equipment they use on citizens."What’s that, officer? You get a kick out of pepper-spraying peaceful protesters in public parks? You like to recreationally taser kids? You have a fetish for putting people in plastic zip ties?"
Anonymous said they have been in possession of 14,000 passwords and 8,000 credit cards from the site for several months, but a disgruntled 'former comrade' had leaked that list earlier than intended.
It is clear the hacktivist collective intends to finish 2011 with a big bang, following up from many high profile intrusions this year that have seen the group transcend to an almost cult like status online.