Porn Site Users Beware: LulzSec Posts Your E-mail Address

The mischievous computer hacking team known as LulzSec has turned its attention from consumer electronics maker Sony to the pornography industry -- at least for now.

LulzSec has hacked 55 pornographic websites and posted on its website 26,000 registered user e-mail addresses and passwords. The group focused most of its efforts on the pron.com site.

It's a new twist to the group's seemingly random hacking campaign.

The news follows LulzSec's other recent hacking escapades in which it targeted Sony's source code server, the FBI-affiliated Infraguard organization and the British state health service.

In the latest attack on porn sites and their users, LulzSec draws particular attention to a handful of military and governmental addresses that are part of the haul, identified by .mil and .gov addresses. If the individuals concerned use the same passwords with military or government sites, as often happens, this could represent a significant security breach.

Also included are administrator web addresses and passwords for several sites. These addresses all use the same form, which might indicate the sites are either owned by the same organization or use the same site software, which is perhaps how LulzSec was able to obtain the data -- the group exploited the same vulnerability each time.

"We like porn (sometimes), so these are email/password combinations from pron.com which we plundered for the lulz," a message on the group's site reads.

LulzSec encouraged visitors to its site to plug the e-mail addresses and passwords into Facebook to see if they could break into people's accounts. But Facebook appears to have been quick on the draw. LulzSec says Facebook locked the e-mail addresses on the hacker group's list.

For comprehensive coverage of the Android ecosystem, visit Greenbot.com.

Subscribe to the Security Watch Newsletter

Comments