About | ACP | Buy | Forum | Industry Watch | Learning Curve | Search | Twitter | Xnews
Home » Industry Watch » The Technological

@AnonymousIRC

One more reason Daddy should password-protect the family computer.


Buy It

Try It

NOWHERE (Rixstep) — It could be a fifth column op but it's more likely a few script kiddies trying on shoes that are way too big for them.

The Twitter account @AnonymousIRC went haywire the other night, revealing an astounding lack of tact and an astonishing lack of fundamental IT skills.

You're in serious trouble when tweens equipped with LOIC don't know how to read HTML or adjust browser settings.

WikiLeaks Donation Campaign

WikiLeaks have a donation campaign going. The campaign's had a popup appearing on a number of sections of the site but it also has its own dedicated URL.

http://wikileaks.org/donate2012

The old donation page remains as well.

http://shop.wikileaks.org/donate

WikiLeaks have been enduring a debilitating banking blockade since December 2010. Only recently were they able to break through the blockade. But the organisation is bleeding, as evidenced from the financial statement they've put online.

http://wauland.de/files/2011_Transparenzbericht-Projekt04_en.pdf

WikiLeaks bled over two thirds of a million USD ($673,000) last year year. Time and money are both running out.

The Source Code

The source code to the popup reveals all.

<!DOCTYPE html>
<html>
    <head>
        <link rel="stylesheet" href="/static/css/2012.css" type="text/css" />
        <link rel="stylesheet" href="/static/vjs/video-js.css" type="text/css" />
        <script type="text/javascript" src="/static/vjs/jquery.js"></script>
        <script type="text/javascript" src="/static/vjs/cookie.js"></script>
        <script type="text/javascript" src="/static/vjs/video.js"></script>
        <script type="text/javascript">

            var popup = function( url, name, width, height ) {
                    var left = ( $( window ).width( ) - width ) / 2;
                    var top = ( $( window ).height( ) - height ) / 2;
                    var opts = 'status=0,width=' + width + ',height=' + height + ',top=' + top + ',left=' + left;
                    window.open( url, name, opts );
            }

            var popup_close = function( timeout ) {
                var ts = Math.round( ( new Date( ) ).getTime( ) / 1000 );
                $.cookie( 'vp1_valid', ts + timeout, { expires: 1, path: '/' } );
            }

            $(document).ready( function( ) {
                _V_.options.flash.swf = "/static/vjs/video-js.swf";

                $("#submit").click( function( ) {
                    popup_close( 300 );
                    $("#othersum").val( ( parseInt( $("#othersum_f").val( ) ) / 1.29 ).toFixed( 2 ) );
                } );

                $("#othersum_f").click( function( ) {
                    $("#sum1").attr( 'checked', true );
                    $("#othersum_f").focus( );
                } );

                $("#b_share").click( function( ) {
                    popup_close( 600 );
                    popup( "http://www.facebook.com/sharer.php?u=http://bit.ly/donate2012FBSPL&t=Cast the only vote that counts - vote for WikiLeaks this election!", "facebook", 626, 436 );
                } );

                $("#b_donate").click( function( ) {
                    popup_close( 300 );
                } );

                $("#b_tweet").click( function( ) {
                    popup_close( 600 );
                    popup( "https://twitter.com/intent/tweet?url=http://bit.ly/donate2012TWSPL&text=Cast the only vote that counts - vote for WikiLeaks this election! %23voteWL", "twitter", 550, 450 );
                } );
            } );

        </script>
    </head>
    <body>
        <div id="splash">
            <div class="grid gtop">
                &nbsp;
            </div>

            <div class="grid gleft">
                &nbsp;
            </div>

            <div class="grid gcenter">
                <iframe width="640" height="360" src="https://www.youtube-nocookie.com/embed/fH5hPlMfksQ" frameborder="0" allowfullscreen></iframe>
            </div>

            <div class="grid gright">
                &nbsp;
            </div>

            <div class="grid gdonate">
                <form method="post" action="https://shop.wikileaks.org/donate/3" target="_blank">
                    <div class="grid form details">
                            <input type="hidden" name="othersum" id="othersum" value="" />

                            <input type="radio" name="sum" value="11.6" id="sum15" /><label for="sum15">$15</label>

                            <input type="radio" name="sum" value="19.37" id="sum25" /><label for="sum25">$25</label>

                            <input type="radio" name="sum" value="38.75" id="sum50" checked="checked" /><label for="sum50">$50</label>

                            <input type="radio" name="sum" value="77.51" id="sum100" class="predef" /><label for="sum100">$100</label>

                            <input type="radio" name="sum" value="-1" id="sum1" />$<input type="text" name="othersum_f" id="othersum_f" class="other" placeholder="Other" /><label for="sum1" style="display: inline-block"></label>
                            <br />
                            <input type="text" name="email" value="" class="email" placeholder="For a receipt please enter your email address" />
                            <br /><span class="via">(via FDNN/CreditMutuel.fr)</span>
                    </div>
                    <div class="grid form">
                        <input type="submit" class="button" value="" id="submit" />
                    </div>
                </form>
            </div>

            <div class="grid gbottom">
                <a href="#" id="b_share"><img src="/static/gfx/d-share.png" /></a>
                <a href="http://shop.wikileaks.org/donate" target="_blank" id="b_donate"><img src="/static/gfx/d-donate.png" /></a>
                <a href="#" id="b_tweet"><img src="/static/gfx/d-tweet.png" /></a>
            </div>
        </div>
    </body>
</html>

The JavaScript is fairly straightforward. Or should be for almost anyone, even Andy Greenburg of Forbes (or a colleague if he really gets stuck) and especially for a fearsome hacker claiming to be a member of Anonymous.

There are timers that are set. Look for 'popup_close' in the source above. The arguments are of course in seconds. So two user actions close the popup in ten minutes, the other in five. Cookies are set most likely so the popup never returns.

And as it's JavaScript, even your grandma can turn it off.

Script Kiddies Gone Wild!

Now look what a mess @AnonymousIRC made. Parents? Password-protect your computers! Now!

They later tried in a 'formal statement' to claim they themselves weren't fooled, they were only looking out for ordinary clueless users, but you be the judge. Those are their tweets right above. And as they claim they never remove their tweets, you should be able to see if they're good for their word.

It's either a well staged fifth column attack or parents have to password-protect their XP boxen better. The same @AnonymousIRC were trying not long ago to dictate policy at The Pirate Bay.

Someone's trying to walk around in big shoes. Someone with very small feet.

About | ACP | Buy | Forum | Industry Watch | Learning Curve | Search | Twitter | Xnews
Copyright © Rixstep. All rights reserved.
s