A security firm investigating the people behind the recent Anonymous cyberattacks on various Web sites has become a victim of the group's exploits.
Information security research firm HBGary Federal, which said that it had been working with the FBI to identify the leaders of Anonymous, saw its Web site hacked and the Twitter account of its CEO, Aaron Barr, compromised yesterday by the group.
"Today we taught everyone a lesson. When we actually decide to bite back against those who try to bring us down, we bite hard," Anonymous tweeted on Barr's hacked Twitter page.
Beyond tweeting its success in hacking Barr's account, Anonymous revealed information about the CEO claiming to be his home address, Social Security number, and cell phone number. The group was also able to hack into the LinkedIn account of HBGary Chief Operating Officer Ted Vera, a task that Forbes said took a little more than two minutes and another 10 minutes to get Vera's address and phone number.
HBGary Federal's domain names hbgary.com and hbgaryfederal.com, which have since been released, and its Web site, which has since been taken offline, were all hacked in the attack, Anonymous replaced the site with a page describing its motives behind the attack. In its message, the group claims that documents uncovered by HBGary purporting to reveal the names of the "higher-ups" at Anonymous had incorrect information.
In addition to defacing the Web page, Anonymous downloaded more than 60,000 of the company's e-mails, which it then posted to the Pirate Bay file-sharing site along with its statement touting its attack against the security firm.
Barr apparently got himself into hot water when he told the Financial Times in a story published Saturday that he had identified two of the key members of Anonymous in the United States as well as senior members in other countries. Although the Financial Times said that he wasn't intending to share his findings with the authorities, one source from Anonymous involved in the cyberattack told Forbes that Barr was planning to sell the information to the FBI.
The cyberattack against HBGary was both more involved and more vicious than the standard distributed denial-of-service (DDoS) attacks that Anonymous launched against PayPal, Visa, MasterCard, and other companies in December. Claiming it was targeting those sites in defense of whistle-blowing site WikiLeaks, Anonymous has found itself in trouble with the FBI, which has been issuing search warrants as part of an ongoing investigation and with British police, which recently arrested five individuals in connection with the cyberattacks.