Share

Related Links

Related Stories

  • NullCrew: the principled hacker group?
    In a wide-ranging interview broadcast over online Spreaker radio but conducted probably via IRC, UK Anon Winston Smith has been talking to Null, the leader of the NullCrew hacking group.
  • Sony hacked by NullCrew; Anonymous attacks MI5 and MI6
    NullCrew, a new hacking group that has been particularly active over the last couple of months, has hacked Sony mobile websites – adding to its rapidly growing list of victims (Cambridge University, Yale University, Cambodia Army, PMT Air and many more).
  • Second LulzSec member arrested over Sony hacks
    Raynaldo Rivera (aged 20), aka neuron, royal and wildicv, has been taken into custody following his indictment last week charging him with conspiracy and unauthorized impairment of a protected computer; that is, last year’s Sony hacks.
  • Six months' reprieve for LulzSec's Sabu
    Hector Xavier Monsegur, aka 'Sabu' and former lead figure in LulzSec, has been granted six months' reprieve before sentencing for his continuing co-operation with the authorities.
  • Group claims credit for hack into Yale's network
    The group NullCrew has claimed that it hacked into Yale University’s network and stole user names, passwords, social security numbers, addresses, and phone numbers of 1,200 students and staff.

Top 5 Stories

News

NullCrew continues its hacking spree with a new international operation

29 October 2012

NullCrew is a hacking team that bears some similarities to the defunct LulzSec: it has sympathy with Anonymous, but is separate from Anonymous. It does, however, operate with none of the taunting flamboyance that probably led to the downfall of LulzSec.

Accused of not being sufficiently creative on their Twitter account, NullCrew responded, “You mean like LulzSec, how they would say all this stupid shit? Yeah... We're not like that.” This was immediately after NullCrew had pasted the haul from their latest victim, Ford Motor co, on Pastebin. What is noticeble is that NullCrew sometimes announces how they get into their victims’ systems – in this case via an error-based SQL injection vulnerability.

The crew had also just published (on Saturday) what it terms its e-zine on Pastebin – but this was rapidly removed. It is still available on AnonPaste and details hacks into www.mt.gov (boolean-blind base SQL injection), www.la.gov (unspecified method, and “nothing worthwhile in the databases”), un.org (XSS in webtv.un.org), www.texas.gov and fhpr.osd.mil (both unspecified). A related post still on Pastebin and posted on Thursday 25 October, explains the rationale: a new international protest against what it calls “corrupt governments and agencies. By agencies, I'm talking about organizations like Monsanto for example.”

In announcing this new operation, which it calls ‘F-theSystem’ it calls for groups to unite in their opposition. “You do not need to be in NullCrew, Anonymous, or any official hacktivist/activist group. You don't need any knowledge with technology. There are other ways to fight. Protests, Articles, Video footage...”

However, it is the online criminal expertise of NullCrew that will worry cyber law enforcement. Last month NullCrew hacked into Cambridge university. Earlier this month they breached Orange.co.uk, the World Health Organization, Sony (again), and dumped details from Foxconn and state.gov. 

NullCrew has already been around for longer than the famous 50 days of LulzSec; and seem better at covering their tracks than predecessors like LulzSec and UGNazi. But one thing we can all be sure of is that the FBI and SOCA and Europol are all looking for NullCrew.

This article is featured in:
Internet and Network Security

 

Comments

Chipzz says:

29 October 2012
Hahahah, and what whitehat wrote this masterpiece? Also, I'd reserve my opinions about how skilled 'NullCrew' is, because (to be quite frank) they're just the next line of Anonymous skidiots. If you don't believe me... well just wait and find out.

81abe8ae18709d9c67b558be2d19ad3e

Note: The majority of comments posted are created by members of the public. The views expressed are theirs and unless specifically stated are not those Elsevier Ltd. We are not responsible for any content posted by members of the public or content of any third party sites that are accessible through this site. Any links to third party websites from this website do not amount to any endorsement of that site by the Elsevier Ltd and any use of that site by you is at your own risk. For further information, please refer to our Terms & Conditions.

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×