「利用者:Gesteinbrunnen/sandbox-b」の版間の差分

ここはGesteinbrunnenさんの利用者サンドボックスです。編集を試したり下書きを置いておいたりするための場所であり、百科事典の記事ではありません。ただし、公開の場ですので、許諾されていない文章の転載はご遠慮ください。 登録利用者は自分用の利用者サンドボックスを作成できます（サンドボックスを作成する、解説）。 この利用者の下書き：User:Gesteinbrunnen/sandbox・User:Gesteinbrunnen/sandbox-b その他のサンドボックス: 共用サンドボックス | モジュールサンドボックス 記事がある程度できあがったら、編集方針を確認して、新規ページを作成しましょう。

下書き CyberBerkut Template:More citations needed

CyberBerkut (ロシア語: КиберБеркут, ウクライナ語: КіберБеркут) is a modern organized group of pro-Russian hacktivists.^[1] The group became locally known for a series of publicity stunts and distributed denial-of-service (DDoS) attacks on Ukrainian government, and western or Ukrainian corporate websites.^[2] By 2018, this group was accused by western intelligence agencies, such as National Cyber Security Centre (United Kingdom) of being linked to the GRU, providing plausible deniability.^[3]

The group emerged after the dissolution of special police force "Berkut" that became notorious for its violent repression used during the EuroMaidan demonstrations.^[4] The group is anonymous.^[要出典] Their proclaimed goals are fighting against neo-fascism, neo-nationalism and arbitrary power in Ukraine.^[要出典] To further this aim, CyberBerkut activists targeted the "Right Sector" IT resources.^[要出典] CyberBerkut targets included NATO, and its allies.^[5]

• Attacks on NATO websites.^[6][7]
• Attacks on U.S. private military companies.^[8]
• Publication of correspondence of deputies of (political parties) Batkivshchyna and Ukrainian Democratic Alliance for Reform.^[9]
• Publication of correspondence with the United States Embassy in Ukraine and United States foundations.^[10]
• Disclosure to public of telephone recording between Yulia Tymoshenko and Nestor Shufrych.^{[11][nb 1]}
• Disclosure to public of telephone recording between EU High Representative for Foreign Affairs Catherine Ashton and Foreign Minister of Estonia Urmas Paet.^[13]
• Blocking cellular phones of members of the Yatsenyuk Government and persons close to them.^[14]
• Blocking Internet resources of Secretary of the National Security and Defence Council of Ukraine Andriy Parubiy and news portals: LigaBusinessInform and Ukrainian Independent Information Agency.^[15]
• Publication of video materials that are blocked on YouTube.^[1]
• Attempts at disrupting the recruitment of the National Guard of Ukraine.^[要出典]
• Attempted destruction of the electronic system of the Central Election Commission of Ukraine prior to the 2014 Ukrainian presidential election.^[要出典]
• Publishing lists of alleged Ukrainian military deserters^[要出典]
• Attempts at disrupting the work of the Central Election Commission of Ukraine by damaging the IFES system before the elections and blocking cellphones of their organisators.^[16][17]
• Temporary disruption of the websites of the Ministry of Internal Affairs and the General Prosecutor of Ukraine. Websites of TV channels 1+1 and Inter were also temporary disrupted ^[要出典].
• Email hacking and publication of the conversation between Ihor Kolomoyskyi and the persecutor of the Lviv Oblast, hacking of the computer and email of a person related to Ihor Kolomoyskiy.^[18][19][20] Archives of the contents of 89 email accounts of Lviv oblast's prosecutor office employees.
• Hacking and publishing of the Minister of Internal Affairs Arsen Avakov's conversation.^[21]
• Blocking of the website of the President of Ukraine Petro Poroshenko on 29 June 2014.^[22]
• Publication of the real name and biography of Semen Semenchenko – Konstantin Grishin.^[23]
• Hacking of the German Chancellery and the German Bundestag^[24][5]
• Hacked U.S. Senator John McCain's computers during a visit to Ukraine in 2015 and released a video depicting a fake ISIS beheading video being filmed^[25]

The group also publishes pro-Donetsk People's Republic videos.^[1] In one of them it is claimed that Ukrainian security forces are living under a "Jewish occupation".^[1]

• Repeated blocking of CB's Facebook pages, although new ones have been made on the following day ^[要出典].
• Likely in response to attacking the websites of Greystone Limited and Triple Canopy, CyberBerkut's websites have been temporarily disrupted. The websites started to work again on the following day.^[要出典]
• Arrests of people suspected in relation to CyberBerkut.^[26]

Gay Nigger Association of America

「GNAA」はこの項目へ転送されています。その他の用法については「GNAA (曖昧さ回避)」をご覧ください。

Template:Pp-move-indef

Gay Nigger Association of America

略称	GNAA
設立	2002年 (22年前) (2002)[27]
種類	Internet trolls
目的	Trolling
加盟	Goatse Security[28][29][30]
ウェブサイト	www.gnaa.eu
テンプレートを表示

The Gay Nigger Association of America (GNAA) was an internet trolling group. They targeted several prominent websites and internet personalities including Slashdot, Wikipedia, CNN, Barack Obama, Alex Jones, and prominent members of the blogosphere. They also released software products, and leaked screenshots and information about upcoming operating systems. In addition, they maintained a software repository and a wiki-based site dedicated to internet commentary.^[31][32]

Members of the GNAA also founded Goatse Security, a grey hat information security group. Members of Goatse Security released information in June 2010 about email addresses on AT&T's website from people who had subscribed to mobile data service using the iPad. After the vulnerability was disclosed, the then-president of the GNAA, weev, and a GNAA member, "JacksonBrown", were arrested.^[33]

The group was run by a president.^[30] New media researcher Andrew Lih stated that it was unclear whether or not there was initially a clearly defined group of GNAA members, or if founding and early members of the GNAA were online troublemakers united under the name in order to disrupt websites.^[34] However, professor Jodi Dean and Ross Cisneros claimed that they were an organized group of anti-blogging trolls.^[31][35] Reporters also referred to the GNAA as a group.^[36][37][38]

In her 2017 book Troll Hunting, Australian journalist Ginger Gorman identified the president of the GNAA as an individual from Colorado known as "Meepsheep."^[39] Known former presidents of the GNAA were security researcher Jaime "asshurtmacfags" Cochran, who also co-founded the hacking group "Rustle League,"^[40] and "timecop," founder of the anime fansub group "Dattebayo."^[39][41] Other members included former president Andrew "weev" Auernheimer, Daniel "JacksonBrown" Spitler,^[33][42] and former spokesman Leon Kaiser.^[43] GNAA has also been documented as having been loosely affiliated with the satirical wiki Encyclopedia Dramatica.^[39]

The group's name incited controversy and was described as "causing immediate alarm in anyone with a semblance of good taste," "intentionally offensive,"^[34] and "spectacularly offensive."^[36] The group denied allegations of racism and homophobia, explaining that the name was intended to sow disruption on the internet and challenge social norms (claiming it was derived from the 1992 Danish satirical blaxploitation film Gayniggers from Outer Space).^[31] In an interview on the OfFenzive podcast, president Weev recalled an anecdote where the organization did actually once contain a member that was a homosexual black male.^[44]

The GNAA used many different methods of trolling. One was to simply "crapflood" a weblog's comment form with text consisting of repeated words and phrases.^[31][36] On Wikipedia, members of the group created an article about the group, while adhering to Wikipedia's rules and policies, a process Andrew Lih says "essentially [used] the system against itself."^[34] Another method included attacking many Internet Relay Chat channels and networks using different IRC flooding techniques.^[45]

The GNAA also produced shock sites containing malware.^[31][46] One such site, "Last Measure," contained embedded malware that opened up "an endless cascade of pop-up windows displaying pornography or horrific medical pictures."^[46][47] They also performed proof of concept demonstrations.^[45][48] These actions occasionally interrupted the normal operation of popular websites.

In July 2004, two GNAA members submitted leaked screenshots of the upcoming operating system Mac OS X v10.4^[49] to the popular Macintosh news website MacRumors.^[50]

In June 2005, the GNAA announced that it had created a Mac OS X Tiger release for Intel x86 processors which caught media attention from various sources.^[51][52][53] The next day, the supposed leak was mentioned on the G4 television show Attack of the Show.^[54] The ISO image released via BitTorrent merely booted a shock image^[54][55] instead of the leaked operating system.^[56]

On February 3, 2007, the GNAA successfully managed to convince CNN reporter Paula Zahn that "one in three Americans" believe that the September 11, 2001, terror attacks were carried out by Israeli agents.^[57] CNN subsequently ran a story erroneously reporting this, involving a round-table discussion regarding antisemitism and an interview with the father of a Jewish 9/11 victim.^[58] The GNAA-owned website said that "over 4,000" Jews were absent from work at the World Trade Center on 9/11.^[58]

On February 11, 2007, an attack was launched on the website of US presidential candidate (and future US president) Barack Obama, where the group's name was caused to appear on the website's front page.^[59]

In late January 2010, the GNAA used a then-obscure phenomenon known as cross-protocol scripting (a combination of cross-site scripting and inter-protocol exploitation) to cause users of the Freenode IRC network to unknowingly flood IRC channels after visiting websites containing inter-protocol exploits.^[37] They also have used a combination of inter-protocol, cross-site, and integer overflow bugs in both the Firefox and Safari web browsers to flood IRC channels.^[38]

On October 30, the GNAA began a trolling campaign in the aftermath of Hurricane Sandy on the US East Coast, spreading fake photographs and tweets of alleged looters in action. After the GNAA published a press-release detailing the incident,^[60] mainstream media outlets began detailing how the prank was carried out.^[61][62]

On December 3, the GNAA was identified as being responsible for a cross-site scripting attack on Tumblr that resulted in thousands of Tumblr blogs being defaced with a pro-GNAA message.^[63]

In January 2013, the GNAA collaborated with users on the imageboard 4chan to start a "#cut4bieber" trend on Twitter, encouraging fans of Canadian pop singer Justin Bieber to practice self-harm.^[64][65]

From 2014 into 2015, GNAA members began playing an active role in the Gamergate controversy, sabotaging efforts made by pro-Gamergate parties. Several GNAA members were able to gain administrative access to 8chan's (an imageboard associated with Gamergate) primary Gamergate board, which they disrupted and ultimately closed. The GNAA also claimed responsibility for releasing private information related to many pro-Gamergate activists.^[66]

On October 13, 2016, GNAA member Meepsheep vandalized Wikipedia to cause the entries for Bill and Hillary Clinton to be overlapped with pornographic images and a message endorsing Republican presidential candidate Donald Trump.^[67]

In August 2017, GNAA was named as having been involved in a feud between employees of the popular dating app Bumble, and tenants of the apartment building in Austin, Texas where the company was, at the time, illegally headquartered.^[68] Joseph Bernstein of BuzzFeed News reported that one of the building's residents contacted GNAA to "fight back" against Bumble after multiple complaints regarding the company's activities were ignored. The dispute resulted in Bumble choosing to relocate from the building, which GNAA claimed credit for in a press release the group spammed across several websites via clickjacking.^[68]

Several members of the GNAA with expertise in grey hat^[69] computer security research began releasing information about several software vulnerabilities under the name "Goatse Security." The group chose to publish their work under a separate name because they thought that they would not be taken seriously.^[42]

In June 2010, Goatse Security attracted mainstream media attention for their discovery of at least 114,000 unsecured email addresses^[70] registered to Apple iPad devices for early adopters of Apple's 3G iPad service.^[29][71] The data was aggregated from AT&T's own servers by feeding a publicly available script with HTTP requests containing randomly generated ICC-IDs, which would then return the associated email address. The FBI soon investigated the incident. This investigation led to the arrest of then-GNAA President,^[72] Andrew 'weev' Auernheimer, on unrelated drug charges^[73] resulting from an FBI search of his home.^[42][74]

In January 2011, the Department of Justice announced that Auernheimer would be charged with one count of conspiracy to access a computer without authorization and one count of fraud.^[75] A co-defendant, Daniel Spitler, was released on bail.^[76][77] In June 2011, Spitler pleaded guilty on both counts after reaching a plea agreement with US attorneys.^[78] On November 20, 2012, Auernheimer was found guilty of one count of identity fraud and one count of conspiracy to access a computer without authorization.^[79] These convictions were overturned^[なぜ?] on April 11, 2014, and Auernheimer was subsequently released from prison.^[80]

Decocidio

欧州気候取引所の　抗議運動＝節　Decocidioの自己リンクとなっている ウィキペディア自身をウィキペディアの出典に使うのは「Wikipedia:検証可能性#ウィキペディア自身及びウィキペディアの転載サイト」に抵触するため不可の可能性

PLATINUM (cybercrime group) PLATINUM is the name given by Microsoft to a cybercrime collective active against governments and related organizations in South and Southeast Asia.^[1] They are secretive and not much is known about the members of the group.^[2] The group's skill means that its attacks sometimes go without detection for many years.^[1]

The group, considered an advanced persistent threat, has been active since at least 2009,^[3] targeting victims via spear-phishing attacks against government officials' private email addresses, zero-day exploits, and hot-patching vulnerabilities.^[4][5] Upon gaining access to their victims' computers, the group steals economically sensitive information.^[1]

PLATINUM succeeded in keeping a low profile until their abuse of the Microsoft Windows hot patching system was detected and publicly reported in April 2016.^[2] This hot patching method allows them to use Microsoft's own features to quickly patch, alter files or update an application, without rebooting the system altogether, this way, they can maintain the data they have stolen while masking their identity.^[2]

In June 2017, PLATINUM became notable for exploiting the serial over LAN (SOL) capabilities of Intel's Active Management Technology to perform data exfiltration.^{[6][7][8][9][10][11][12][13]}

^{[要説明][1]}

Once in control of a target's computer, PLATINUM actors can move through the target's network using specially built malware modules. These have either been written by one of the multiple teams working under the Platinum group umbrella, or they could have been sold through any number of outside sources that Platinum has been dealing with since 2009.^[1]

Because of the diversity of this malware, the versions of which have little code in common, Microsoft's investigators have taxonomised it into families.^[1]

The piece of malware most widely used by PLATINUM was nicknamed Dispind by Microsoft.^[1] This piece of malware can install a keylogger, a piece of software that records (and may also be able to inject) keystrokes.^[要出典]

PLATINUM also uses other malware like "JPIN" which installs itself into the %appdata% folder of a computer so that it can obtain information, load a keylogger, download files and updates, and perform other tasks like extracting files that could contain sensitive information.^[1]

"Adbupd" is another malware program utilised by PLATINUM, and is similar to the two previously mentioned. It is known for its ability to support plugins, so it can be specialised, making it versatile enough to adapt to various protection mechanisms.^[1]

In 2017, Microsoft reported that PLATINUM had begun to exploit a feature of Intel CPUs.^[14] The feature in question is Intel's AMT Serial-over-LAN (SOL), which allows a user to remotely control another computer, bypassing the host operating system of the target, including firewalls and monitoring tools within the host operating system.^[14]

Microsoft advises users to apply all of their security updates to minimize vulnerabilities and to keep highly sensitive data out of large networks.^[1] Because PLATINUM targets organizations, companies and government branches to acquire trade secrets, anyone working in or with such organizations can be a target for the group.^[15]

• Intel AMT § Known vulnerabilities and exploits
• Titanium (malware)

Teamp0ison

Teamp0ison was a computer security research group consisting of 3 to 5 core members. The group gained notoriety in 2011/2012 for its blackhat hacking activities, which included attacks on the United Nations, NASA, NATO, Facebook, Minecraft Pocket Edition Forums, and several other large corporations and government entities.^[6] TeaMp0isoN disbanded in 2012 following the arrests of some of its core members, "TriCk", and "MLT".^[7]

TeaMp0isoN released several documents pertaining to the English Defence League (EDL), leaking information which included personal details of several high-ranking EDL members.^[8] In addition, TeaMp0isoN went on to deface EDL's official website.^[9]

In January 2011, unauthorized status updates were posted on Mark Zuckerberg and French President Nicolas Sarkozy's accounts on social-networking site Facebook. On 25 January, a spokesperson for Facebook acknowledged the bug in their system and said it has been fixed. Later that week The Daily Beast reported that "TriCk", a member of TeaMp0isoN, along with members of a group known as "ZHC", said they had exploited a bug in the web site on the previous New Year's Eve, allowing them to post unauthorized status updates and to block temporary newsfeeds to a list of 130 pages. A spokeswoman for one of the targeted groups, the English Defence League, confirmed that they were targeted and their pages critical of Islam were indeed hacked. Members of Facebook's security team said after being contacted on the matter by The Daily Beast, they had found no evidence of malicious activity in their logs.^[10]

In June 2011, the group published what appeared to be the address book and other private data of former British Prime Minister Tony Blair on Pastebin. According to TeaMp0isoN, the data was obtained originally in December 2010. Blair's spokesman said the data was not obtained from Blair directly, but from the personal email account of his former staff.^[11] TeaMp0isoN responded to this, commenting "Blairs sheep are lying about how we got the info, we got into the webmail server via a private exploit & we wiped the logs so Good luck".^[12]

During the 2011 England riots it was believed that the BlackBerry Messenger service was used by looters for collaboration. TeaMp0isoN defaced the official BlackBerry blog as a response to Research In Motion (RIM), the maker of the BlackBerry, promising to co-operate with the United Kingdom police and government. TeaMp0isoN released a statement saying, "We are all for the rioters that are engaging in attacks on the police and government."^[13]

In July 2011, TeaMp0isoN released eight Court Cases against Sarah Palin, claiming they had intentions to do the same with Barack Obama.^[14]

On 8 August 2011, TeaMp0isoN released the hashed administrator passwords for a website hosted under NASA's domain, after using a public vulnerability.^[15]

In November 2011, TeaMp0isoN released a list of email addresses and passwords that were reportedly obtained via an SQL injection vulnerability in the United Kingdom's Ministry of Defence.^[16] The Ministry of Defence is responsible for controlling Britain's defence policies and is also the headquarters of the British Armed Forces.

In December 2011, TeaMp0isoN leaked the account data of 13 million South Korean online game subscribers.^[17]

In April 2012, TeaMp0isoN targeted MI6 (the UK's Secret Intelligence Service). The group created a script that allowed them to repeatedly flood the anti-terrorism hotline with computer-generated calls, before calling up the hotline themselves in order to mock officers. The officers then warned them that they would be traced and reported to the FBI. TeaMp0isoN then reportedly wiretapped the MI6 agents, recording a conversation between officers and posting the leaked conversation on YouTube.^[18][19]

On 3 April 2012, TeaMp0isoN gained access to a NATO web server, before leaking data obtained from the server and defacing the index page of the site.^[20][21]

TeaMp0isoN joined forces with the hacker collective Anonymous to announce OpCensorThis, an operation intended to protest against censorship. The operation received a lot of media attention and music artists such as Lyricist Jinn and Tabanacle created a music video in order to raise awareness of the operation.^[22][23]

TeaMp0isoN then went on to deface several sites in support of OpCensorThis, the most significant being the United Nations Development Programme, and the British tabloid newspaper, the Daily Mail.^[24][25]

In response to the Occupy Movement, an online announcement claimed that TeaMp0isoN joined Anonymous to launch Operation Robin Hood, intending to hack into websites, obtain credit cards and make donations to activist organizations while the banks would have to refund the hacked accounts.^[26][27] The video stated: "Operation Robin Hood will take credit cards and donate to the 99% as well as various charities around the globe. The banks will be forced to reimburse the people their money back", while encouraging people to "move your accounts into secure credit unions".^[26]

As part of Operation Robin Hood, TeaMp0isoN leaked over 26,000 Israeli credit card details, obtained via vulnerabilities in Israeli banks, One and CityNet.^[28]

TeaMp0isoN went on to publish the credit card details and passport scans of well-known rapper Sean Combs (also known as P-Diddy). TeaMp0isoN then used his credit card to donate money to charity and to order pizzas for those who requested via Twitter.^[29] P-Diddy launched an internal investigation to attempt to track down TeaMp0isoN, reportedly hiring a team of private detectives.^[30]

Following the arrest of founding TeaMp0isoN member "TriCk," the group announced Operation Retaliation, which began with reported DDoS attacks against MI6, before attacks took place against, among others, the Japanese electronics multinational Panasonic, the Australian Government, and the World Health Organization.^[31] In addition, Consternation Security and Doxbin were also reported to have been hacked.^[32][33]

In November 2011, TeaMp0isoN released more than 128 usernames and login details, which they say were obtained from the United Nations Development Programme. According to a spokeswoman for the UNDP the data was extracted from "an old server which contains old data".^[34] TeaMp0isoN disputed this statement, releasing server logs and other evidence to suggest that the server was still in fact actively being used by the United Nations.^[35]

In April 2012, TeaMp0isoN hacked the United Nations again, this time targeting the UN's World Health Organization and leaking a list of usernames and hashed passwords, including administrator credentials.^[36][37]

On 10 April 2012, the group created a script to call the British Anti-Terrorism Hotline with hoax calls continuously for a 24-hour period to protest the extradition of terrorist suspects to the United States. On 12 April, police arrested two teenagers, aged 16 and 17, over the incident under suspicion of violating the Malicious Communications Act 1988 and the Computer Misuse Act.^[38]

On 9 May 2012, alleged TeaMp0isoN member and spokesperson "MLT" was arrested by officers from Scotland Yard on suspicion of offences under the Computer Misuse Act, relating to the attacks on the Anti-Terrorist Hotline and other offences.^[39]

In 2015, TeaMp0isoN returned and no longer appear to be committing any illegal activities. Posting from their official Twitter account, they have identified and disclosed vulnerabilities in Google, Amazon, eBay, Harvard University, NOAA, Comcast, Time Warner Cable, Western Union, the United Nations, the London Stock Exchange, Autodesk and several other large systems. TeaMp0isoN has also released several zero-day exploits, including one that affected the memorial sites of Malcolm X and Marilyn Monroe, and one that affected a commonly-used WordPress plugin used by a large number of websites. In addition to this, their website and forums have returned alongside their newly launched IRC network, and it appears they also have plans for a wargaming website allowing penetration testers to hone their skills within a legal and ethical environment.^[要出典]

In April 2015, TeaMp0isoN identified and disclosed vulnerabilities in many major universities including Harvard University, Stanford University, Princeton University, the University of Texas, and the University of California, among others. The majority of the vulnerabilities found were via SQL injection flaws.^[40] Also at this time, TeaMp0isoN identified a zero-day SQL Injection vulnerability, resulting in many sites being compromised, including Crime Stoppers in Waterloo, Ontario, Peel and other Canadian cities and districts.^[41]

In May 2015, TeaMp0isoN member "KMS" targeted the Minecraft Pocket Edition Forum, seemingly infiltrating their database and leaking a list of over 16,000 usernames and passwords.^[42]

Activities in 2016 indicated that they came back as a mix between a black hat and a white hat group. They disclosed vulnerabilities in the United States Department of Education, UCLA, and various other institutions.

In February/March 2016, the group breached both a UN Agency and one of America's largest Internet service providers. During mid-February, TeaMp0isoN breached the United Nations World Tourism Organization and defaced their forum index.^[43] During late February, TeaMp0isoN breached the Time Warner Cable Business Class Managed Security Services Portal. Their (since suspended) Twitter feed indicated that they gained access to the backend ticket system as well as the details of 4,191 users.^[44]

TeaMp0isoN member "TriCk" is believed to be Junaid Hussain, a black hat hacker who was arrested for doxing Tony Blair's personal information. He fled the UK while on police bail and reportedly joined ISIL.^[45] It is believed that Hussain became a prominent ISIL propagandist, using social media to recruit soldiers to join ISIL, and was behind several high-profile attacks under the group name "CyberCaliphate".^[46] Hussain is also believed to have links to Jihadi John. Hussain has also been suspected of cooperating with other ISIL members to unmask individuals who report to rebel media groups, and doxing U.S. soldiers and their families.^[47]

Hussain was a prominent target on the Pentagon's Disposition Matrix due to his influence overseas. On 26 August 2015, U.S. officials said they have a "high level of confidence" that Hussain was killed in a drone strike in Syria.^[48]

ポータル United Kingdom

• Hacktivism

Derp (hacker group)

Austin Thompson,^[1] known as DerpTrolling, is a hacker that was active from 2011 to 2014.^[2] He largely used Twitter to coordinate distributed denial of service attacks on various high traffic websites. In December 2013 he managed to bring down large gaming sites such as League of Legends in an attempt to troll popular livestreamer PhantomL0rd. Public reaction to his presence has been generally negative, largely owing to the unclear nature of his motives.

After pleading guilty to charges of hacking in 2018, he was sentenced to 27 months in federal prison, as well as being required to pay $95,000 in restitution.^[1]

Initially,^[いつ?] Derp sent a few tweets using the Twitter account “DerpTrolling” to indicate that he were going to bring down the popular gaming website League of Legends.^[3] his first attack however, was on a game called Quake Live.^[4] Hours afterwards, many of the League of Legends game server regions in North America, Europe, and Oceania, as well as the website and Internet forums were taken down.^[5] To bring down the game servers, he used an indirect attack on Riot Games' internet service provider Internap.^[6] he revealed to have been targeting a popular livestreamer who goes by the name of PhantomL0rd on the streaming website Twitch.^[7] Reddit summarized the report by saying that he had planned to use distributed denial of service attacks to flood traffic^[8] on various high-profile gaming websites associated with PhantomL0rd, including League of Legends and Blizzard Entertainment's Battle.net.^[6] According to The Escapist, the hacker also issued a threat to take down Dota 2 if PhantomL0rd were to lose his game,^[9] which the hacker carried out. However, he only crashed Phantoml0rd's game, while other games in DoTA 2 were running normally.

When PhantomL0rd asked the hacker why he was attacking these sites, he responded by saying it was "for the lulz"^[5] and that it was also partially out of dislike for "money-hungry companies."^[10] He also persuaded PhantomL0rd into playing Club Penguin^[3] while simultaneously managing to take down Electronic Arts website EA.com.^[9] PhantomL0rd's personal information was leaked during the attack and released onto multiple gaming websites, in a process often referred to as doxing. This led to many fake orders of pizza arriving at his house, as well as a police raid on his house when they received reports about a hostage situation.^[4] According to PhantomL0rd, at least six policemen searched through his house,^[6][9] but they only realized later that the call was fake.^[11] The hacker group claimed to have additionally attacked several other Internet games and websites including World of Tanks, the North Korean news network KCNA, RuneScape, Eve Online, a Westboro Baptist Church website, the website and online servers of Minecraft, and many others. A day after the attacks, Riot Games issued a statement confirming that their League of Legends services had indeed been attacked by the hacker, though the hacker have brought their services back online.^[9]

The news website LatinoPost criticized the attack as being "frivolous" and merely "just for attention," unlike so-called hacktivist groups.^[10] VentureBeat noted that PhantomL0rd's stream was still drawing in over one hundred thousand viewers and that it is "still good for his traffic."^[8] PlayStation LifeStyle stated that they believe the current problems with the PlayStation Network had more to do with the "influx of new PS4 owners and increased holiday online activity" than any effect or damage the hacker attempted on the network.^[7] Editor of popular gaming news website Game Informer's Mike Futter also blamed the Twitch streaming service and PhantomL0rd for not shutting the stream immediately despite having received several warnings throughout, and that this was tantamount to playing accomplices to the crime. Varga defended himself by saying that he was merely trying to maintain a business, and that if he did not comply, DerpTrolling would have targeted another streamer.^[12]

• Lizard Squad
• Anonymous (group)

Derp (hacker group)

Austin Thompson,^[1] known as DerpTrolling, is a hacker that was active from 2011 to 2014.^[2] He largely used Twitter to coordinate distributed denial of service attacks on various high traffic websites. In December 2013 he managed to bring down large gaming sites such as League of Legends in an attempt to troll popular livestreamer PhantomL0rd. Public reaction to his presence has been generally negative, largely owing to the unclear nature of his motives.

OurMine

OurMine is a hacker group^[4] that is known for hacking popular accounts and websites, such as Jack Dorsey and Mark Zuckerberg's Twitter accounts. The group often causes cybervandalism to advertise their commercial services,^[5][6][7] which is among the reasons why they are not widely considered to be a "white hat" group.^[5][6]

In 2016, OurMine hacked the Twitter accounts of Wikipedia co-founder Jimmy Wales,^[8] Pokémon GO creator John Hanke,^[9][10] Twitter co-founder Jack Dorsey,^[11] Google CEO Sundar Pichai,^[12] and Facebook co-founder Mark Zuckerberg, whose Pinterest was also hacked.^[13] In addition to social media accounts, the group has hacked the website TechCrunch.^[14][15][16]

In October, BuzzFeed News published an article linking the OurMine group to a Saudi Arabian teenager using the name Ahmad Makki on social media. OurMine denied the allegations, claiming that Makki was only a "fan" of the group.^[17] One day after the article's publication, OurMine infiltrated BuzzFeed's website and altered the content of several posts to read "Hacked By OurMine".^[18][19]

Other 2016 hacks include the Twitter accounts of Sony President Shuhei Yoshida;^[20] the Wikimedia global account of Jimmy Wales;^[21] the Twitter accounts of Netflix and Marvel;^[22] the Twitter accounts of Sony Music Global;^[23] the Instagram accounts of National Geographic;^[24] and the Twitter accounts of National Geographic Photography.^[25]

In 2017, OurMine hacked into a Medium website employee account. The account was part of a strategic partnerships team, allowing OurMine to hijack blogs belonging to Fortune and Backchannel.^[26]

Twitter accounts hacked in 2017 included that of David Guetta,^[27] the New York Times,^[28] the WWE,^[29] and Game of Thrones (along with some other HBO TV shows, and HBO's own official account).^[30] They also hacked the Twitter and Facebook accounts of PlayStation (including a claimed leak of the PlayStation Network databases),^[31] FC Barcelona,^[32] and Real Madrid (including their YouTube channel);^[33] several Facebook accounts of CNN were also hacked.^[34]

Some YouTube accounts were hacked by OurMine in 2017 included that of the Omnia Media network, gaining access to numerous channels;^[35][36][37] and various YouTube channels from the Studio71 network were also hacked.^[38]

On August 31, OurMine left a message on the homepage of WikiLeaks. "Hi, it’s OurMine (Security Group), don’t worry we are just testing your…. blablablab, oh wait, this is not a security test! Wikileaks, remember when you challenged us to hack you?" The messages went on to accuse Anonymous of trying to dox them with false information and included an exhortation to spread the #WikileaksHack tag on Twitter. The message was visible when the site was accessed from certain locations. At the time of publication, some visitors to the site were greeted with a message saying that WikiLeaks’ account has been suspended.^[39]

In September 2017, OurMine claimed responsibility for hacking Vevo and publishing more than 3TB of their internal documents.^[40]

In January, OurMine compromised the Twitter, Facebook and Instagram accounts of the NFL and 15 NFL teams.^[41]

In February, OurMine compromised Facebook's Twitter account.^[42] Later that month, they also compromised the Twitter account of South Korean boy band, NCT 127.^[43]

In May, the group OurMine invaded the Brazilian streaming platform Globoplay and sent a notification to all users of the Globoplay app.^[44]

Legion Hacktivist Group

Template:Hacking

Legion is a hacktivist group that has attacked some rich and powerful people in India by hacking their twitter handlers. The group claims to have access to many email servers in India and has the encryption keys used by Indian banks over the Internet.^[1][2]

Legion came into news when it launched its series of attacks starting with Rahul Gandhi, the member of Indian National Congress.^[3]

Reports say that not only Rahul's Twitter handler was hacked but his mail server was also hacked. The very next day, INC's Twitter handler was also hacked and tweeted irrelevant content. The group then hacked Twitter handlers of Vijay Mallya, Barkha Dutt and Ravish Kumar.^[4]

Because the Russian government tried to censor Telegram in 2018-2020, the Legion Hacker group hacked a sub-domain belonging to Federal Antimonopoly Service. They didn't cause big harm, but they posted a message to the Russian government stating that "The vandalism and destruction Roskomnadzor has caused to internet privacy and Russian anonymity has made them a target of Legion." - This text document was removed after 16 hours but it is still available via Wayback Machine.^[5]