The news of the latest attacks comes on the second day of the DefCon hacker conference here, where attendees have been playing a digital hacker version of "Where's Waldo" to try to spot one of the more notorious hackers associated with the group, who goes by the handle "Sabu." Using the Twitter profile @AnonymouSabu, the hacker has been taunting others who are trying to unmask him and teasing about showing up at the conference.
The data dump, dubbed "Shooting Sheriffs Saturday Release," was done to "embarrass, discredit and incriminate police officers across the U.S.," the group said in a statement on Pastebin that estimated that there was more than 10GB of data. A sampling of the domains listed as defaced or otherwise attacked were inaccessible this morning.
A Twitter profile belonging to the hackers also said that the Web site of Italy's largest police association had been attacked. The hackers said the U.S. attack was done in response to the arrest 10 days ago of one of their associates, whose hacker handle is "Topiary."
"We are doing this in solidarity with Topiary and the Anonymous PayPal LOIC defendants as well as all other political prisoners who are facing the gun of the crooked court system...," the hackers said in the statement. "You may bust a few of us, but we greatly outnumber you, and you can never stop us from continuing to destroy your systems and leak your data."
Government and law enforcement agencies have been prime targets for the hackers. "We hope that not only will dropping this info demonstrate the inherently corrupt nature of law enforcement using their own words, as well as result in possibly humiliation, firings, and possible charges against several officers, but that it will also disrupt and sabotage their ability to communicate and terrorize communities," the statement said.
"We have no sympathy for any of the officers or informants who may be endangered by the release of their personal information," the hackers said. "For too long they have been using and abusing our personal information, spying on us, arresting us, beating us, and thinking that they can get away with oppressing us in secrecy."
The initial compromise was done about two weeks ago on Mountain Home, Arkansas-based Brooks-Jeffrey Marketing, which hosts sheriff association sites. Someone who answered the phone for Brooks-Jeffrey this morning said he would ask a representative for comment.
The hackers say they were easily able to get back into the compromised servers after they were taken offline and then put back online by the law enforcement agencies.
"It took less than 24 hours to root BJM's server and copy all their data to our private servers. Soon after, their servers were taken down and a news article came out suggesting they received advance FBI 'credible threat' notice of a 'hacking plot,'" the statement says.
"We were surprised and delighted to see that not only did they relaunch a few sites less than a week later, but that their 'bigger, faster server that offers more security' carried over our backdoors from their original box. This time we were not going to hesitate to pull the trigger: in less than an hour we rooted their new server and defaced all 70+ domains while their root user was still logged in and active."
The hackers used the stolen credit card details to make donations to the ACLU, the Electronic Frontier Foundation, and the Bradley Manning Support Network, according to the statement. The hackers are strong supporters of whistle-blower site WikiLeaks and Manning, the Army soldier arrested last year for leaking classified data to the site.
Some of the data stolen during the attack, involving Missouri sheriffs, was released a few days ago.
The hackers have been on a rampage for months (see list of recent attacks), and arrests of suspected members of their operations haven't stopped their activities. Ten days ago Scotland Yard arrested a 19-year-old who it identified as Topiary, a key member of the LulzSec hacking group. That arrest came on the heels of arrests of 16 people in the U.S., four in the Netherlands, and a 16-year-old in London as part of a global investigation into denial-of-service attacks on PayPal late last year in support of WikiLeaks, and other attacks.