LulzSec takes down website of UK crime agency SOCA

Those persistent hackers, known to us all as LulzSec, have struck again. Less than a week after bringing down the CIA website, BBC News now reports that they have succeeded in bringing down the website of the UK’s Serious Organised Crime Agency (SOCA).

SOCA’s website went down on Monday afternoon (UK time) for an unknown period of time, but by early evening it had been restored, albeit with occasional 404s popping up here and there.

LulzSec tweeted: “Tango down – in the name of #AntiSec”. That hashtag refers to the “Anti-Security” campaign that LulzSec launched yesterday, in which they state:

“We encourage any vessel, large or small, to open fire on any government or agency that crosses their path. We fully endorse the flaunting of the word "AntiSec" on any government website defacement or physical graffiti art.”

Today, they added that LulzSec’s “top priority is to steal and leak any classified government information, including email spools and documentation. Prime targets are banks and other high-ranking establishments."

It seems that LulzSec used a classic DDoS (distributed denial of service) attack on SOCA, overloading its web servers by bombarding it with useless traffic.  

It’s worth noting that SOCA is the UK’s primary agency for dealing with cybercrime – today’s security breach will certainly see plenty of red faces there.

Although SOCA has not issued a formal statement at time of writing, Rory Cellan-Jones from BBC News, who was one of the first to break the news on Twitter, also tweeted: “SOCA investigating claims it’s been hacked by @lulzsec”, suggesting that he’s at least received some acknowledgement from within SOCA of the take-down.

Report a problem with article
Previous Story

DARPA creating National Cyber Range to fight cyber attacks

Next Story

Zune HD apps being ported to Windows Phone

50 Comments

Commenting is disabled on this article.

xSuRgEx said,
lulz why dont you try and ddos or breach the security of the GCHQ website.

That's why they have a hotline, give them a call and make your request. It's for the Lulz after all.

netsendjoe said,
why are we paying attention to this? all they want is the attention obviously...

Because account information is constantly being pulled by LulzSec. If they can continue doing it so loudly, what does that say about those who never say a word? Are you really safe/secure?

i wonder how to join the scene if there are somebody who can contact me i would be glad to have my part of fun for LUL

These guys rock! They are really good! I like 'em!

Also I like their "quotes" posted on Twitter in conjunction with their images! Hilarious! Would be great to add some megusta, melvin, cereal guy etc.

I'd like to see you hacking into servers and obtain critical information about a companies customers. This one was a DDOS, sure. They have done others that actually require intelligence however. I wouldn't call that being a script kiddy.

Nerd Rage said,
I'd like to see you hacking into servers and obtain critical information about a companies customers. This one was a DDOS, sure. They have done others that actually require intelligence however. I wouldn't call that being a script kiddy.

+1

Nerd Rage said,
I'd like to see you hacking into servers and obtain critical information about a companies customers. This one was a DDOS, sure. They have done others that actually require intelligence however. I wouldn't call that being a script kiddy.

Far as we're aware, 100% of their attacks were using known public exploits or DDoS attacks.... so... no skill other then the time to find servers susceptible...

AgentGray said,
Far as we're aware, 100% of their attacks were using known public exploits or DDoS attacks.... so... no skill other then the time to find servers susceptible...

No skill required? Well that makes these attacks even worse when going against government and security company websites/networks.

dead.cell said,

No skill required? Well that makes these attacks even worse when going against government and security company websites/networks.

its not hard to scan for unsecure servers all this group are doing is using well known tools to do there dirty work. and again with the exploitation part. metasploit has become the tool of the bed room wannerbe hacker. most have no clue how to code exploits or any understanding of how and why the exploits are working.

xSuRgEx said,

its not hard to scan for unsecure servers all this group are doing is using well known tools to do there dirty work. and again with the exploitation part. metasploit has become the tool of the bed room wannerbe hacker. most have no clue how to code exploits or any understanding of how and why the exploits are working.


Well, they are actually calling other hackers for using metasploit and they actually asked people that doubt their skills to explain how they did the Bethesda hack.

DrunkenBeard said,

Well, they are actually calling other hackers for using metasploit and they actually asked people that doubt their skills to explain how they did the Bethesda hack.

i think it's more embarrassing for an agency like the FBI to be hacked by well known exploits, that by some kind of high level unknown method.

14 year old moron script kiddies. No matter their age, or what they actually are, they come across as no more. Pathetic.

Septimus said,
14 year old moron script kiddies. No matter their age, or what they actually are, they come across as no more. Pathetic.

Why so jelly?

Every single day someone gets hacked. It's nothing new, they are just letting everyone know and trying to get all the attention they can.

Previously on Dallas : The Jester and The Web Ninjas attack LulzSec and release information about claimed members of the group. Meanwhile Anonymous twits that LulzSec are their "bros", that /b/ isn't Anonymous and that they will be joining forces with LulzSec to launch Operation AntiSec which is intended to be the ultimate "hacker reunion" and a hymn to anarchy. Following that, LulzSec starts a series of DDoS attacks while promising that " Government hacking is taking place right now behind the scenes". *Theme Song*

Soulsiphon said,
Quit front-paging this crap already. Neowin scared of something?

You do realize that not reporting on their attacks is ridiculous right? As much as you may hate LulzSec, they do have a point when mentioning these attacks could be carried out by other hackers who won't give a crap about draining your bank accounts or using your information for other malicious acts. And I'm quite positive such individuals wouldn't be tweeting their criminal actions for all to see either.

LulzSec may be a thorn in our side, but it could easily be much much worse. Also, I have no idea how you're trying to establish that Neowin is posting this news because they are "scared".

dead.cell said,

As much as you may hate LulzSec, they do have a point when mentioning these attacks could be carried out by other hackers who won't give a crap about draining your bank accounts or using your information for other malicious acts.

I don't have a problem with Neowin reporting on security breaches, but come on... no reason to report DDoS attacks. That's just silly.

rfirth said,

I don't have a problem with Neowin reporting on security breaches, but come on... no reason to report DDoS attacks. That's just silly.

This is currently a massive ongoing event in the tech world (and to some extent outside too). Not reporting on it would be silly. And reporting means all details, no matter how small.

rfirth said,

I don't have a problem with Neowin reporting on security breaches, but come on... no reason to report DDoS attacks. That's just silly.

Maybe so, but I believe the real bit of news here is that they're "officially" launching a campaign to attack high ranking establishments and such.

Also, didn't Sony say the DDoS attacks increased the difficulty in determining whether real intrusions were taking place? Considering LulzSec is doing both sorts of attacks, I think it might be worth noting who they're targeting.

I really want twitter to make that information and his IP public. It's always the minority that have to ruin the Internet for everyone.

They need to take these cowards out. Hiding behind your computer chomping on bonbons and drinking soda is a cowardly act. They will be caught...everything is traceable...and there are smarter people than they are. Only a matter of time before they are trying to hack themselves out of jail to avoid being raped. Prisoners love people like this.

techbeck said,
They need to take these cowards out. Hiding behind your computer chomping on bonbons and drinking soda is a cowardly act. They will be caught...everything is traceable...and there are smarter people than they are. Only a matter of time before they are trying to hack themselves out of jail to avoid being raped. Prisoners love people like this.

Only criminals that show up in masks and shoot people are brave!!

techbeck said,
Not what I meant and no they are not.

I know, I know, it was just the first thing to pop in my head when I read your comment.

techbeck said,
They will be caught...everything is traceable...

Not everything. Say they are doing their hacking using some Starbucks free WiFi, from the safety of their car, routing through proxies, it's nigh on impossible to trace. Thought judging from their past actions they're probably not that paranoid.

But still, you get my point.

Uhyve said,

Not everything. Say they are doing their hacking using some Starbucks free WiFi, from the safety of their car, routing through proxies, it's nigh on impossible to trace. Thought judging from their past actions they're probably not that paranoid.

But still, you get my point.

Err, if they keep doing this kind of damage? yeah, it'd be traceable. Goes to Starbucks. Starbucks has cameras. Just a matter of how much they **** people off.

Uhyve said,

Thought judging from their past actions they're probably not that paranoid.

Probably not, but they should be.

rfirth said,

Probably not, but they should be.

Actually if you read some of the chat logs from the public channels they use they're pretty paranoid. They sit behind VPNs for everything, store anything and everything associated with what they do on encrypted drives and are at least smart enough to try and destroy logs when they can.

They'll probably still get caught, but I can't imagine how. Would probably require a government/individual to either coerce or hack whoever provides their VPN services.

it can be allied to a security breach... while u take all atention of ppl to the down website, the other holes can become less protected by admins eyes..

Was on their Twitter. On Friday, they said this:

Taking the weekend off. <3 #****FBIFriday is secret this week. Nothing to release, but definitely something gained.

They followed this up yesterday by saying "Recently we got bored of owning FBI, so we're just throwing it out there. You guys suck, stop reusing your damn passwords, peons! #ADVICE" and "To further embarrass the FBI, we're not going to leak said users. We're simply going to allow the press to call them and ask about it. "

Whether it's true or not is up in the air, as it could just be a ploy.

And around the same time via twitter; AnonymousIRC:

"@activepolitic Unfortunately for the U.S. Government, longer sentences will not have the slightest impact on what is about to come" -AnonymousIRC Twitter

"today's security breach"
Hi neowin editors, just to inform you a DDoS is NOT a security breach, many thanks.

KavazovAngel said,
So much for the lulz... DDOS don't make you a hacker.

This tweet from more recent, since this article is 2 hours old; the site was only down depending on where you were.

"DDoS is of course our least powerful and most abundant ammunition. Government hacking is taking place right now behind the scenes. #AntiSec" -Lulzsec Twitter

Alladaskill17 said,

This tweet from more recent, since this article is 2 hours old; the site was only down depending on where you were.

"DDoS is of course our least powerful and most abundant ammunition. Government hacking is taking place right now behind the scenes. #AntiSec" -Lulzsec Twitter

Behind the scenes?

I suppose it makes sense if you want to remain anonymous. They will, probably, reveal it to us later.