LulzSec dumps more than half a million user credentials in final act

Share this article:

LulzSec committed its final act as a group over the weekend by dumping the details of 500,000 accounts, with some emails and passwords displayed in clear text.

Calling it the ‘final release', it said that the accounts were obtained from random sources including hackforums.net, nato-bookshop.org and several gaming forums.

According to LulzSec, most accounts had a username and password combination from Battlefield Heroes Beta, a game published by EA, yet it said that it had masked all passwords to protect the users from further attacks.

There have also been rumours that the final document contained a Trojan. Staff at file-sharing site The Pirate Bay said that the final release contained infections, with anti-virus vendors detecting it as a Trojan.

Anonymous group, who has adopted the AntiSec movement from LulzSec, said that the Trojan ‘in the 50 days torrent' caused the data to be removed from The Pirate Bay, but said it was ‘not from LulzSec, material uploaded as received'.

James Lyne, senior technologist at Sophos, said: “There are lots of reports of a Trojan being part of the download on The Pirate Bay that has been seen previously. What we are trying to understand is whether this was added to the torrent as a last ‘lulz' or whether the torrent had been scraped and Trojan-ised.”

Share this article: