“Anonymous” Not So Anonymous After GCHQ Leak

Announced by the newest source to the leak party, NBC, news surfaced that the worldwide hacktivist group Anonymous has been carefully monitored and tracked by agents at the GCHQ for almost three years.

The campaign first went into action in September of 2011, shortly after Anonymous claimed victory against the websites of major payment providers such as Paypal, Visa, and Mastercard. The act was in response to all three companies claiming they would no longer be accepting online donations for the website WikiLeaks, a move which Anonymous did not agree with in the slightest.

Operation Payback“, as it came to be known, was successfully infiltrated by members of the GCHQ who used spoofed accounts to discuss the plan with the higher ranking members of a group which supposedly “has no leaders”. The irony beyond that of course is that in order to use these accounts, the GCHQ had to employ many of the same tactics that Anonymous relies on in its daily business, including social engineering, DDOS attacks, and good ol fashioned malware plants.

Ars Technica

Once infiltrated, the GCHQ was able to take meticulous logs of all conversations held between themselves and other members of Anonymous over the popular underground chat client IRC.

When a user known only as Gzero came onto the #OperationPayback IRC chat looking for a popular website to use as a malware distribution source, an informant from the GCHQ (whose name has been redacted in the slides) offered to provide him with a porn site that could fulfill his request.

By running a Whois inquiry on the server once Gzero had set up shop, the British spy agency was able to convict him for the theft of over 200,000 Paypal accounts, and close to 3,000 credit cards from the major providers listed above.

Of course, the hypocrisy in all this is that Anonymous is being arrested for utilizing many of the same tips and techniques that the GCHQ used to catch them, but only one side of the fight has yet to answer for the crimes on their day in court.

Overall, the operation, named ROLLING THUNDER, was able to identify three members of the Anonymous hacking clan, and even disabled their IRC chat channel for close to two days following the scandal.