“Dear citizens of the world”, the FBI is warning that members of the hacktivist group Anonymous hacking collective have secretly accessed US Goverment computers and stolen sensitive information in a campaign that began almost a year ago.
The Hacktivists have exploited a flaw in Adobe applications to compromise the target systems and install software backdoors to maintain the control of the victims computers over the time, the facts dated back to last December, according Reuters report.
The hacking campaign affected the U.S. Army, Department of Energy, Department of Health and Human Services, and other goverment agencies, FBI reveals.
The Federal Bureau of Investigation memo called the hacking campaign “a widespread problem that should be addressed” and provided useful information for system administrators on how to determine if their networks were compromised.
Goverment investigators are investigating the scope of the hacking, believed that hackers are still operating under coverage.
According to an Oct. 11 internal email from Department of Energy Secretary Ernest Moniz’s chief of staff, Kevin Knobloch, data stolen during the Anonymous hack on the department included personal information on at least 104,000 employees, contractors, family members, and others, along with information on many bank accounts that officials were “very concerned” could lead to theft.
An FBI spokeswoman would not elaborate on the investigation.
Officials say the hacking campaign is associated with the case of Lauri Love, a British man arrested and charged in October with hacking into systems of the US Army, the US Sentencing Commission, the Department of Energy, and other agencies. He was released on bail until February.
The FBI believes the campaign began when Love and others used a security flaw in Adobe’s ColdFusion software, which is used to construct websites.
Adobe spokeswoman Heather Edell said she was unaware of the FBI memo, but stated the company has found that most attacks on its software happen when programs have not been updated with the latest security.
Some of the data gathered during the “Operation Last Resort” campaign had been previously reported by those associated with Anonymous, though “the majority of the intrusions have not yet been made publicly known,” the FBI wrote.
“It is unknown exactly how many systems have been compromised, but it is a widespread problem that should be addressed.”
Among other causes, Anonymous members that took part in the campaign said it was in retaliation against the overzealous prosecution of hackers, such as the draconian penalties sought for Aaron Swartz, who committed suicide while awaiting trial over his own high-profile hacking activities.
Anonymous authored a statement on the hacked Sentencing Commission website in honor of Swartz. It listed “Operation Last Resort” – the campaign that cited the treatment of Swartz as well as the “erosion of due process, the dilution of constitutional rights [and] the usurpation of the rightful authority of courts by the ‘discretion’ of prosecutors” – as the catalyst for the attack.
Internet activist and Anonymous member Jeremy Hammond, who pleaded guilty to hacking servers of the private intelligence company Statfor and leaking its information to anti-secrecy site WikiLeaks, was sentenced to 10 years in jail on Friday.
As a worldwide movement, Anonymous has in the past rallied in support WikiLeaks and Army soldier-turned-whistleblower Chelsea Manning. The collective supported Arab Spring anti-dictatorship protesters in the Middle East and the Occupy Wall Street movement, which started in New York City over two years ago but has since spread across the world as a means of addressing the overt, allegedly corrupt ties between corporations and authorities.
Sources: RT.com ,TheHackerNews.com