Report: Hackers may target Stratfor supporters
A US-based security think tank that recently fell victim to a hack and extract attack is warning subscribers they may be targeted by cyber criminals for voicing their support on Facebook.
"Dear readers, it's come to our attention that our members who are speaking out in support of us on Facebook may be being targeted for doing so and are at risk of having sensitive information repeatedly published on other websites," a Stratfor rep warned on the company's official Facebook page.
"So, in order to protect yourselves, we recommend taking security precautions when speaking out on Facebook or abstaining from it altogether. We thank you so much for your support during this situation - it has helped to make Stratfor what it is today. Keeping you and your information safe is our number one priority."
Although numerous media reports attribute the Stratfor hack to Anonymous (which yielded over 4,000 credit card numbers), the collective has officially denied responsibility for the incident.
"The Stratfor hack is not the work of Anonymous. Stratfor is an open source intelligence agency, publishing daily reports on data collected from the open Internet. Hackers claiming to be Anonymous have distorted this truth in order to further their hidden agenda, and some Anons have taken the bait," the group claimed in a online communiqué.
"The leaked client list represents subscribers to a daily publication which is the primary service of Stratfor. Stratfor analysts are widely considered to be extremely unbiased. Anonymous does not attack media sources."
According to Anonymous, Stratfor has been deliberately misrepresented by "these so-called Anons" and portrayed in false light as a company which engages in activity similar to HBGary.
"Sabu and his crew are nothing more than opportunistic attention whores who are possibly agent provocateurs... As a media source, Stratfor's work is protected by the freedom of press, a principle which Anonymous values greatly. This hack is most definitely not the work of Anonymous," the group added.
Meanwhile, security researchers at F-Secure noted that some of the credit card numbers stolen from Stratfor subscribers have apparently been used to to make "sizable" donations to various charities, including the Red Cross, CARE, Save The Children and the African Child Foundation. Nevertheless, says F-Secure, the transactions are unlikely to be validated.
"At the first glance, actions like this look a bit like the actions of Robin Hood - steal from the rich, give to the poor. But unfortunately, in this case the poor won't get a dime. These anonymous donations will never reach the ones in need. And in fact, these actions will just end up hurting the charities, not helping them.
"When credit card owners see unauthorized charges on their cards, they report them to their bank or credit card company. Credit card companies will do a chargeback to the charities, which will have to return the money. In some cases, charities could be hit with with penalties. At the very least, they will lose time and money in handling the chargebacks."