Hacker Group Targets Porn Site Users' Names, Passwords

CYBERSPACE—There’s a new hacker group in town, LulzSec, aka Lulz Boat, which uses the provocative tagline, “Laughing at your security since 2011!” Since early May, they’ve been blatantly hacking into mainstream databases and publicly releasing whatever information they’ve found there, and late last week they shifted their focus onto porn sites and the user names and passwords belonging to their visitors.

It gets better. LulzSec also has been encouraging its Twitter followers to try to log into the Facebook accounts of the porn site visitors it found and out them to friends and family as porn fiends. That the porn site hacks is happening does not explain why, since previous hacks by the group were solely targeted at mainstream companies and organizations, but seemed less politically inspired than, say, Anonymous, whose creed of an open internet seems to drive much of its nefarious activity. LulzSec, on the other hand, seems more intent on having fun.

According to the group’s site, since May 7, 2011, to one degree or another they have hacked databases belonging to, among others, the X Factor, Fox.com, PBS.org, SonyPictures, Nintendo and an IT company allegedly affiliated with the Federal Bureau of Investigation. Quite an eclectic list of targets, to be sure, and in each case whatever has been culled from the hacks has been released publicly. In the case of the FBI-affiliated site, emails; with PBS, user names and passwords of staffers, authors and users; and for Nintendo.com, the site’s web server configuration.

New to the hacking publicity game, however, LulzSec comes off a little confused as to the rationale for its attacks. Regarding its hack of the porn site, pron.com, the company posted to its site Friday, “Hi! We like porn (sometimes), so these are email/password combinations from pron.com which we plundered for the lulz. Check out these government and military email addresses that signed up to the porn site...”

In addition to the .gov and .army originating emails, the list also contains about 26,000 other user names and passwords for pron.com, which LulzSec encourages its followers to then use on Facebook:

“These guys probably sign into Facebook with the same email/pass combo, so we suggest the following:

1) sign into their Facebook accounts

2) find their family members

3) tell them all about how the victim (you!) signed up to porn sites

4) watch the hilarity

5) tell us about it on twitter!

6) ???????

7) PROFIT”

LulzSec is no doubt basking in the media attention it is currently getting while trying to figure who will be its next target for… fun.