Q&A: Lulz Security

The hacker group known as Lulz Security leapt to prominence by carrying out a series of attacks on Sony, Nintendo, and broadcasters Fox and PBS. On 25 June it said it was disbanding itself.

Like many hacker groups, LulzSec appears to be a loosely organised collective in which no-one is really in charge.

It claims to specialise in finding poorly protected websites to attack. Information they steal is sometimes posted to the web.

Sony has been prominent among its victims. In early June Lulz Security broke into the servers behind the sonypictures.com, sonybmg.nl and sonybmg.be websites.

The group gained access to around one million user accounts and published details of several thousand online.

Lulz is a corruption of the famous web abbreviation LOL which stands for "Laugh Out Loud".

Humour forms part of the group's agenda, as outlined on its website.

"Considering fun is now restricted to Friday, where we look forward to the weekend, weekend, we have now taken it upon ourselves to spread fun, fun, fun, throughout the entire calendar year," declares a message on the front page.

The humour references seem to be intended to separate the group from others that hack for money.

But not everything LulzSec does is for the fun of it.

The group also hacked the website of America's Public Broadcasting Service because it made a documentary critical of Wikileaks.

No-one knows.

The internet and the web make it easy to be superficially anonymous and LulzSec has done a good job of hiding its tracks.

We do not even know if it is a group or just an individual with lots of time on their hands.

It has been active since early May, but on 25 June it announced through its Twitter account and on a file-sharing website that it was ceasing its activities after 50 days.

However, it is impossible to know whether members of Lulz Security were active in other groups before they joined this one.

It is possible that LulzSec was formed by people who were disillusioned with other groups and wanted to cause a stir on their own. Members of LulzSec may also still be part of other hacking groups.

One of the first documents the group posted was a list of US X Factor contestants complete with names, date of birth, e-mail addresses and phone numbers.

It ended by releasing a package of documents, apparently including confidential material taken from the Arizona police department and US telecoms giant AT&T.

It also planned to publish five gigabytes of "government and law enforcement data" from around the world over a period of three weeks after its announced disbandment.

Not really.

Net analysis suggests that the computers handling their website are located in Palo Alto, California. However, it is easy to administer a website from far away, so that is no guide to their location.

Some have tried to look at the group's Twitter stream to see when they post messages and to work out their time zone.

Even that could be misleading because the Tweets could be posted automatically or by a member of the group in that part of the world.

Any reasonably competent hacker group will pipe what they do through a series of machines that sit in different jurisdictions to complicate any attempt to track them down.

LulzSec was expected to get more attention from law enforcement following its recent attack on Unveillance, a non-profit organisation affiliated to the FBI.

Such moves as the arrest of 19-year-old Briton Ryan Cleary as part of a Scotland Yard and FBI probe into the group may have influenced its decision to disband.

Hard to say.

The tricks they have used to winkle out information from websites are well-known and tools to carry them out are available for free all over the net.

In the case of the recent Sonypictures.com hack, the group used an SQL injection - a relatively straightforward attack on the website's logon system.

Their success may have more to do with the security failings of their targets than it does with their command of computer code.

Hundreds.

They range from disinterested academics and professionals through teenage trouble-makers to out-and-out criminals.

At one end of the scale are "white hat" hackers who find vulnerabilities and inform website owners so they can fix them

"Black hat" hackers represent the other extreme - they are typically criminals or hackers working for criminals looking to access information for profit.

In the middle are "grey hat" hackers who are generally intent on mischief making. At the moment, LulzSec seems to fall into this category.