UPDATED: LIGATT's LulzSec Investigation PR Was Fake

Tuesday, June 07, 2011

Headlines

69dafe8b58066478aea48f3d0f384820

UPDATE: LIGATT Security's Gregory Evans returned Infosec Island's phone call regarding an article we ran based on a press release issued at Free-Press-Release.com (see a screenshot of the press release and original article below).

The press release indicated that LIGATT Security had undertaken an investigation into the hacker collective LulzSec in an effort to reveal members' names and locations.

Evans confirmed that the press release was fake, and was not drafted or submitted my LIGATT security staff as indicated.

"It was completely made up, just like the LIGATTLeaks incident, and it's all over the web," Evans said. "That's what makes your site different, you actually took the time to call us about it."

"They took elements of our real press releases and used them. they even added the Safe Harbor Act," Evans explained. "And we only use PR NewsWire, we never use Free Press Release."

 

LIGATT-LuzSec

We asked Evans about the cause of the downtime for the www.LIGATTSecurity.com website and whether it could be attributed to Lulzsec, and Evans could provide few details.

"We are in the middle of switching servers, so I am not sure why the site is down. We have eight servers, and we need to see which one is down and why. I can't deny that it's possible it's because of an attack, but right now I can't tell you," Evans said.

LulzSec had tweeted "@GregoryDEvans 0/10 your head is a bowling ball and your pins just went bye-bye," and many were speculating the downtime was due to a DDoS attack by the hacker collective.

"They've been good for business... I did twenty interviews in the last week... Hackers are job security," Evans said.

Editors note: A special thanks to Eric Irvin (@SecRunner) for his help on this.

*   *   *

Sometimes there is a strange convergence of elements in the daily news cycle that defies reason and challenges the depth of one's own imagination - this is one of them.

Gregory Evans, infamously known as the self-proclaimed "Worlds #1 Hacker" and CEO of the much-maligned LIGATT Security, claims to have successfully doxed the hacker collective known as LulzSec, and promises to publish the information sometime soon.

LulzSec recently claimed responsibility for attacks against Sony and PBS, as well as for the hacking of networks belonging to the Atlanta chapter of FBI affiliate InfraGard. The group defaced the organization's website and exposed InfraGard's email database.

“I have gone into their IRC servers and I have located names and addresses of users. Since the attack on Infragard I have felt that these guys need to be stopped," LIGATT Security's Gregory Evans stated in a press release.

LulzSec's defacement of the InfraGard site gave indications that the attack was in retaliation for the Obama administration's recent assertion that cyber-based attacks can be construed as an act of war in certain circumstances.

LulzSec claims to have also hacked Sony Pictures, Sony Entertainment, and Sony BMG last week, compromising the data for over one million customers as well as gaining access to admin passwords, music "codes" and "coupons".

LulzSec also recently gained unauthorized access to the online networks belonging to Public Broadcasting System in protest of a Frontline documentary examining the whistleblower organization WikiLeaks and accused federal document leaker Bradley Manning.

“I and my Board of Directors, who are former FBI agents, have undertaken this investigation after the Atlanta Infragard site was compromised. We are going to post our findings on our LIGATT Security International site as well as forward the information to the FBI once we are ready," Evans said.

The big question is why would Evans and LIGATT Security advertise the fact that they intend to produce documentation on LulzSec members prior to actually doing so, other than being motivated by the need for some good publicity?

Many will recall earlier this year that HBGary Federal CEO Aaron Barr was forced to resign in the wake of an devastating network breach at the hands of hackers associated with the Anonymous movement.

The attack was precipitated by statements from HBGary Federal's Aaron Barr, who claimed to have infiltrated the Anonymous network in an effort to uncover the identities of those in leadership rolls.

LIGATT and Evans already have enough problems of their own making, and it seems counter-intuitive for the company to so aggressively invite more.

LIGATT Security had suffered an embarrassing hack back in January that resulted in the public release of as many as 80,000 company emails and internal communications.

Security industry pundits have for some time been highly critical of LIGATT's business practices, and Evans has been the subject of well documented allegations of plagiarism.

A Superior Court judge in Georgia recently sanctioned LIGATT Security and its majority owner Gregory Evans for what amounted to frivolous subpoenas and other illegitimate legal actions, and the company has been on the losing end of several other lawsuits in recent years.

LIGATT and Evans apparently have no fear of reprisal from a hacker group that has already demonstrated they can swiftly and successfully penetrate multiple networks around the world.

Is it because:

  • They are baiting LulzSec in an effort to ensnare the members by eliciting an attack, or
  • Publicity is publicity, and an attack on LIGATT would certainly produce some, or
  • Evans has said it so many time that he really does believe he is the "World's Greatest Hacker"
Perhaps it is a combination of factors. Either way, at the rate LulzSec is currently going my assumption is that we will have the answer to this little mystery in short order.
Possibly Related Articles:
21499
Network->General
FBI Headlines Anonymous Hacktivist hackers HBGary Federal Ligatt Gregory Evans Lulzsec InfraGard Doxing
Post Rating I Like this!
Default-avatar
Robert MacEwan Guess LIGATT Security will file suit against me if I comment but since this isn't Yahoo! message boards let's roll. I call bullfrak on LIGATT Security's part.
1307477692
Default-avatar
LIgatt security You are soooo full of it. LIGATT did not release this press release. We just got of the phone with the Free Press and their attorney will contact our Attorney in the morning to give us your contact info on including phone number and IP who posted it. If you want to try to hack do call for back up.
1307479652
Default-avatar
Robert MacEwan why so serious
1307479964
Af2769c2480db78c589b811b428782b0
Lee Mangold Whoa! Infosec Island is now on the map! A comment from Ligatt!
1307493197
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.