HideMyAss didn't HideHisAss!

[LazyLion]

http://nakedsecurity.sophos.com/2012/10/15/lulzsec-hacker-sony-pictures/

LulzSec hacker pleads guilty to Sony Pictures attack, faces prison sentence

Raynaldo Rivera, from Tempe, Arizona, has admitted hacking into computer systems belonging to Sony Pictures, and stealing the personal information and passwords of thousands of innocent internet users

The attack, which took place in May last year, was part of a concerted attack against Sony websites by LulzSec and Anonymous hackers during 2011.

Rivera, who was arrested by the FBI in August, admitted his guilt in the form of a plea agreement filed with Los Angeles Federal Court.

Rivera - who used online nicknames including "neuron", "royal", and "wildicv" - admitted launching an SQL injection attack against the Sony Pictures website, extracting confidential and personal user information - such as the names, birth dates, addresses, emails, phone numbers and passwords of people who had entered Sony contests.

The stolen information was subsequently published online by the LulzSec hacking gang, compounding the risk to innocent users.

The hack is said to have cost Sony more than $605,000 in losses.

HideMyAss logoIn an attempt to hide his true identity during the attack, Rivera used the HideMyAss anonymising proxy service to disguise his IP address as he probed the Sony Pictures' website for vulnerabilities.

However, Rivera had not been careful enough in disguising his tracks - and HideMyAss co-operated with the authorities when a court order was received by the anonymising proxy service.

Others considering committing crimes on the net might be wise to stop believing that using an anonymising proxy service will necessarily keep them out of the clutches of the law.

Under the plea agremement, Rivera will pay restitution to his victims. He also faces a maximum five year prison sentence, and a fine of at least $250,000.

So much for Anonymising Proxy Services!

 

[AstroTurf]

Pretty sure they help when you are not attacking giants (as opposed from just scurrying around the woodwork like a mouse).

 

[STS]

Somebody is always responsible or has their ass on the line

 

[gregmcc]

Don't you know nothing is really anonymous - there is always a trail.

 

[guest2013-1]

lol, idiot. Script kiddie figured out how to do SQL Injection attacks and used a paid-for "anonymous" proxy service for it?

You do realize they *KEEP LOGS* right? (Well, now he does)

He could have used TOR who never keeps logs, then use HMA! to help cover his tracks even further. Plus route through 3-4 TOR proxies world wide which would have taken authorities AGES to track down through court-orders just to be told there's no logs point to IP's that might be directly connected.

 

[ponder]

He could have used TOR who never keeps logs, then use HMA! to help cover his tracks even further. Plus route through 3-4 TOR proxies world wide which would have taken authorities AGES to track down through court-orders just to be told there's no logs point to IP's that might be directly connected.

Tor user here!

 

[ShaunSA]

Tor user here!

Waits for headline "Tor Didn't Hide Ponders Ass"

 

[Shake&Bake]

Paid proxy? Even a "Know-it-nothing" like me knows better than to think that'd be enough.
Douche SMH

 

[The_Assimilator]

He could have used TOR who never keeps logs

Wrong. Nothing's stopping law enforcement, or me for that matter, from setting up their own Tor relay that logs everything that passes through it. See http://www.theregister.co.uk/2007/11/23/tor_abuse/

 

[ponder]

Wrong. Nothing's stopping law enforcement, or me for that matter, from setting up their own Tor relay that logs everything that passes through it. See http://www.theregister.co.uk/2007/11/23/tor_abuse/

I doubt a tor relay will yield anything, I think you need to be a exit node for them to capture anything. One can also manually specify exit nodes.

They are welcome to my email details I use on tor as it does not point back to me and there's nothing illegal in it.

 

[Picard]

They are welcome to my email details I use on tor as it does not point back to me and there's nothing illegal in it.

Nothing illegal maybe ... except I don't think people will see your interest on the insemination procedures of sheep in the same light as you do.

 

[Grep]

So many other ways, oh dear, such a facepalm!

 

[Picard]

So many other ways, oh dear, such a facepalm!

Pray, do tell.

 

[ponder]

Nothing illegal maybe ... except I don't think people will see your interest on the insemination procedures of sheep in the same light as you do.

 

[Picard]

Don't give me that confused look. You know exactly what I'm talking about.

 

[ponder]

Don't give me that confused look. You know exactly what I'm talking about.

Oh yes now I remember, those pictures of your mom in a compromising position with some ozzie jackaroo

PS I never mentioned it to anybody before you brought it up.