Anonymous Hacks U.S. Government Site, Threatens Supreme 'Warheads'
5 hours ago
The hacktivist group Anonymous hacked the US federal sentencing website early Saturday, using the page to make a brazen and boisterous declaration of "war" on the U.S. government.
The group claims mysterious code-based "warheads", named for each of the Supreme Court Justices, are about to be deployed.
As of midnight Pacific time, the front page of Ussc.gov — the Federal agency that establishes sentencing policies and practices for the Federal courts — is filled with a long screed in green on black, together with this YouTube video:
All areas of ussc.gov other than the front page appear to be functioning normally. In other words, there's no denial of service attack or widespread vandalism. (Update, an hour later: it's getting a little slow and has all the hallmarks of a DDoS.)
At the bottom of the page is a series of nine files, mirrored three times. Each file is named for a current U.S. Supreme Court Justice.
The statement opens with a lament for Aaron Swartz, the Reddit programmer and Internet activist who committed suicide earlier this month. Promising revenge for his treatment at the hands of a federal prosecutor, the screed veers into some of the most inflammatory — dare we say hyperbolic — language we've seen on a simple front page hack.
The group talks of planting "multiple warheads" on "compromised systems" on various unnamed websites, and encourages members to download a given file from ussc.gov that is "primed, armed and quietly distributed to numerous mirrors." It has given the warhead "launch" the name of "Operation Last Resort," the text said:
There has been a lot of fuss recently in the technological media regarding such operations as Red October, the widespread use of vulnerable browsers and the availability of zero-day exploits for these browsers and their plugins. None of this comes of course as any surprise to us, but it is perhaps good that those within the information security industry are making the extent of these threats more widely understood.
Still there is nothing quite as educational as a well-conducted demonstration...
Through this websites and various others that will remain unnamed, we have been conducting our own infiltration. We did not restrict ourselves like the FBI to one high-profile compromise. We are far more ambitious, and far more capable. Over the last two weeks we have wound down this operation, removed all traces of leakware from the compromised systems, and taken down the injection apparatus used to detect and exploit vulnerable machines.
We have enough fissile material for multiple warheads. Today we are launching the first of these. Operation Last Resort has begun...
Here's the list of files the group is encouraging its followers to download:
What's in the files, and does it have anything to do with the recent "Red October" series of security breaches, thought to be prevalent in China and Russia? Anonymous plays coy:
The contents are various and we won't ruin the speculation by revealing them. Suffice it to say, everyone has secrets, and some things are not meant to be public. At a regular interval commencing today, we will choose one media outlet and supply them with heavily redacted partial contents of the file. Any media outlets wishing to be eligible for this program must include within their reporting a means of secure communications.
We have not taken this action lightly, nor without consideration of the possible consequences. Should we be forced to reveal the trigger-key to this warhead, we understand that there will be collateral damage. We appreciate that many who work within the justice system believe in those principles that it has lost, corrupted, or abandoned, that they do not bear the full responsibility for the damages caused by their occupation.
It is our hope that this warhead need never be detonated.
What "collateral damage" is the hacktivist group talking about — and is there anything to their threats? We're continuing to update this story, but give us your take in the comments.