Thursday August 18, 2011 5:15 pm
Amateur hacker takes credit for cracking BART police Web site
BART's troubles with Anonymous hackers continued Wednesday with the apparent hacking of a BART Police Officers Association website and ensuing publication of private data belonging to more than 100 BART police officers.
A Pastebin posting of data obtained in what appears to have been a "serious security breach" of BARTpoa.com, according to Sophos' NakedSecurity blog, includes the names, home addresses, email addresses, and passwords belonging to officers employed by Bay Area Rapid Transit (BART).
And the latest attack on BART may have been done by a self-proclaimed first-time hacker.
Late Wednesday, Twitter accounts associated with Anonymous and the campaign against BART began pointing to a purportedly leaked Internet Relay Chat log in which a user called "Lamaline_5mg" claimed to have broken into the BARTpoa.com database, acting alone and using an SQL injection tool, a common means of network intrusion:
"[08/17/11 11:18] Lamaline_5mg I don't want the media to know anything about the hackers.
[08/17/11 11:19] n0pants in what sense?
[08/17/11 11:19] Lamaline_5mg I am not a hacker. This is my first attack.
[08/17/11 11:19] n0pants ohwow
[08/17/11 11:19] n0pants that's pretty newsworthy too
[08/17/11 11:19] Lamaline_5mg I just got pissed about what bart did and learned a lot about Microsoft SQLi.
[08/17/11 11:19] n0pants u cover yr ass?
[08/17/11 11:20] Lamaline_5mg Sure I do."
BART has come under fire from free speech advocates and drawn the ire of the loose collective of online hackers and activists known as Anonymous for shutting down cell phone service during a protest last week over the shooting death of 45-year-old Charles Blair Hill by BART police in July.
The transit authority has claimed it shut down cell service for public safety reasons, attempting to prevent protest organizers from communicating and organizing via mobile devices in the face of disruptive and potentially dangerous gatherings at San Francisco underground stations.
But critics of the cell service shutdown say BART lacks the authority to cut off such communications and have attacked the legal rationale espoused by BART spokespeople for doing so.
On Sunday, hackers broke into the mybart.org website, defacing some pages and posting mybart.org user data online. Earlier this week, Anonymous helped organize a street protest that resulted in BART authorities and the SFPD shutting down four downtown San Francisco BART and Muni stations for a few hours.
"These people are criminals and we're going to forward this information to the FBI," Jesse Sekhon, BART's union president, told SFGate.com after the BARTpoa.com data was posted. "These people need to be brought to justice. They can't be terrorizing people."
But it remained unclear late on Wednesday just who was behind the latest attack on BART. The leaked chat log may or may not point to the real perpetrator, given the unreliability of such anonymous exchanges.
However, the person or person behind @AnonyOps, the Twitter account which has spearheaded the Anonymous operation against BART, certainly attempted to distance itself from the BARTpoa.com hack, tweeting:
"FYI, No one claimed responsibility for the hack. Some random joe joined a channel and released the data to the press."
This article, written by Damon Poeter, originally appeared on PCMag.com and is republished on Gear Live with the permission of Ziff Davis, Inc.
- Related Tags:
- bart, bart police, bart protests, bay area rapid transit, cellphones, charles blair hill, controversy, hackers
© Gear Live Inc. – User-posted content, unless source is quoted, is licensed under a Creative Commons Public Domain License. Gear Live graphics, logos, designs, page headers, button icons, videos, articles, blogs, forums, scripts and other service names are the trademarks of Gear Live Inc.