Apparently committing crimes for the “lulz” is still entertaining for the group known as LulzSec.
They announced their latest conquests around 12:30pm PDT today, senate.gov and Bethesda Softworks.
Nothing terribly secret was lost in the breach of the US Senate’s web server. LulzSec posted some basic information on the filesystems, user logins and the Apache web server config files.
The also dumped a directory listing of what appears to be every single file on the server. Under the Computer Fraud and Abuse Act this hack could earn someone 5 to 20 years in prison, if convicted.
At the end of their post LulzSec appears to be taunting the American authorities…
"This is a small, just-for-kicks release of some internal data
from Senate.gov - is this an act of war, gentlemen? Problem?
- Lulz Security"
They also attacked Bethesda Softworks, the makers of Quake, Fallout, Doom, Elder Scrolls and other big name video games.
It is unclear why LulzSec decided to attempt to embarrass yet another video game company other than to show off.
They made a statement on their website suggesting they needed to prove they were better hackers than the group who recently hacked the website of Bethesda’s new game Brink.
It is difficult to explain random acts of sabotage and defacement, so I am not going to attempt to get into the heads of those behind these attacks. About the only take-away is that it’s best to secure your web assets against these types of attacks before rather than after.