AntiSec hacks security site to protest LulzSec arrests

Antivirus company Panda Security is apparently targeted after a researcher celebrates reports that LulzSec's former leader had become an informant.

Steven Musil Night Editor / News
Steven Musil is the night news editor at CNET News. He's been hooked on tech since learning BASIC in the late '70s. When not cleaning up after his daughter and son, Steven can be found pedaling around the San Francisco Bay Area. Before joining CNET in 2000, Steven spent 10 years at various Bay Area newspapers.
Expertise I have more than 30 years' experience in journalism in the heart of the Silicon Valley.
Steven Musil
2 min read
Screen shot by Steven Musil/CNET

An online hacker group associated with Anonymous responded to the arrest of six suspected hackers by hacking and defacing a security firm's Web site.

Members of AntiSec hacked the Web site of antivirus company Panda Security after it was revealed today that five men in the U.K., Ireland, New York, and Chicago had been charged with hacking-related offenses, as well as news that LulzSec leader Hector Xavier Monsegur, known as Sabu, had assisted federal officials in their probe of the group.

"Yeah yeah, we know, Sabu snitched on us. As usually happens FBI menaced him to take his sons away. We understand, but we were your family too. (Remember what you liked to say?)," reads a note posted to the site. "It's sad and we can't imagine how it feels having to look at the mirror each morning and see there the guy who shopped their friends to police."

Monsegur, an unemployed father of two, is accused of running LulzSec, an online group accused of computer attacks against Fox Broadcasting, PBS, and global intelligence firm Stratfor. The group is accused of stealing confidential information--including passwords--and releasing it publicly, hijacking e-mail accounts and even secretly listening in on a conference call in which the FBI and Scotland Yard talked about trying to catch them.

After the 28-year-old entered a guilty plea on August 15 to 12 counts of computer hacking conspiracies and other crimes, he reportedly became an informant, participating in the group's activities while federal law enforcement officials worked to infiltrate the group. Officials have declined to comment on that allegation.

The group apparently targeted the company for comments made earlier in the day by Panda Security researcher Luis Corrons, who had celebrated the arrests and predicted that Anonymous would be incapable of perpetrating the kind of data breaches and defacements for which LuLzSec was responsible.

The note also accused Panda Security of assisting in a recent sweeps in Europe and South America that resulted in the arrest of 25 suspected members of Anonymous.

"Pandasecurity.com, better known for its shitty ANTIVIRUS WE HAVE BACKDOORED, has earning money working with Law Enforcement to lurk and snitch on anonymous activists. they helped to jail 25 anonymous in different countries...yep we know about you. How does it feel to be the spied one?"

Update March 7 at 8:00 a.m. PT: Panda Security has issued a statement saying that the breached server was outside Panda's internal network and was used primarily for marketing campaigns and blog hosting. "The attack did not breach Panda Security's internal network and neither source code, update servers nor customer data was accessed. The only information accessed was related to marketing campaigns such as landing pages and some obsolete credentials, including supposed credentials for employees that have not been working at Panda for over five years."