Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
The hackers who raided the servers belonging to global intelligence firm Stratfor are using some of their plunder to send fictitious emails to subscribers.
The "lulzy" emails claim to come from George Friedman, the CEO of Stratfor.
They claim the firm "would like to hear form our loyal client base as to our handling of the recent intrusion by those deranged, sexually deviant criminal hacker terrorist masterminds", according to a email posted online by Matthijis Koot, a network researcher at the University of Amsterdam.
But it appears the emails were actually sent by the hackers involved in the heist, who are part of the AntiSec movement, a joint venture between Anonymous and LulzSec hackers.
The email he got also contained three links, one of which leads to a lengthy, disjointed document that includes stolen data and apparent email exchanges among Stratfor system administrators and programmers after they detected unusual activity on the network.
The goal of the emails also appears to be to have some fun at the expense of the recipients, as a second link promises a video announcement but leads to a clip of 80s pop star Rick Astley singing "Never Gonna Give You Up," a common internet meme known as rickrolling.
A third link asks users to rate Stratfor's incident response, but is actually an image of a joke report form.
None of the links lead to websites that allow recipients to enter in any information, nor does there appear to be any malicious code associated with the messages.
In an apparent legitimate, follow-up message sent Friday to Stratfor readers, Friedman told recipients that Stratfor would never send an email like that.
"This email, and all similar ones, are false and attempt to prey on the privacy concerns of customers and friends," he wrote.
Interested parties are asked to follow Stratfor's Facebook and Twitter accounts for official announcements.
The company's website remains offline, except for a home page that offers some information about the breach.
Nearly a week after the attack, which was publicised Christmas Eve Day, the hackers dumped 75,000 names, addresses and passwords of every customer that has ever paid Stratfor for services.
Additionally, the group posted the personal information on 860,000 people who registered with the company.
The intruders also claim to have gotten their hands on 90,000 credit card numbers, which were purportedly used to make about a million dollars in donations to charities.
Some security experts, however, expressed doubt that the recipients would be able to keep the money because of the fraud involved.
This article originally appeared at scmagazineus.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.