THE dust has barely settled on the recent revelation that the FBI had infiltrated deep into hacktivist collective Anonymous and turned Sabu, one of its most notorious figures, into an informer. Now the group is reorganising and has come out fighting with a different look and a more ethical attitude. Already, a new sub-sect has emerged called Malicious Security, and this time, MalSec says, it is going «for the win» without causing collateral damage.
Anonymous has always described itself as a «leaderless, decentralised organisation», but it appeared to be precisely the opposite in 2011 when a few outspoken and highly skilled hackers with a flair for the dramatic captured the public’s attention. They became de facto mouthpieces for the group, creating and collapsing hacking operations with a single tweet. Since those hackers have been arrested, Anonymous has undergone a total makeover. Now it’s going back to its roots.
«I don’t think Anonymous will go down that cult of personality route again,» says one veteran Anon. The collective is returning to its original concept of loosely associated individuals that temporarily unite for a common cause and disband the moment the mission is complete, making them difficult to pin down and even tougher to identify. «We’ve learned an important lesson,» he says.
Not everyone takes so optimistic a view of the aftermath. Disorganisation, mistrust, infighting and the belief that the original chat network is infested with police has caused some predictable tensions within the ranks. At least one spin-off group has created an independent chat network as an alternative platform for members.
Within this network are the members of MalSec, who are committed to fighting internet censorship without catching innocent people in the crossfire, or interrupting free speech with their own message. «The previous hacker groups were very hypocritical, censoring people in an effort to stop censorship,» says Discordian, who is a member of MalSec. «We fight for the people, not against them.»
This altruistic philosophy is a major departure from the motives of LulzSec, Antisec, and other aggressive hacker cells. In fact, there is evidence that some MalSec members may have arrived at this ethical stance by learning the hard way as former LulzSec operatives themselves.
MalSec has already begun to make its mark. Although their introductory video manifesto «Don’t worry, we’re from the internet» was only released on 11 April, members say the group has been hacking a number of sites since mid-February. They have leaked extracted information from a wide variety of places, including two banks, a New Jersey police department, the European Commission’s Eurofound body and certain Chinese government sites. When MalSec defaced the website of a Cayman Islands security company, they left behind suggestions on how to fix the vulnerabilities. «You can thank us later:),» they wrote.
MalSec is now expanding its ranks to include Chinese, Romanian, Canadian and Swedish branches, and promises more leaks from these locations in the near future.
Whether MalSec sticks to its model of ethical hacktivism remains to be seen: this used to be all about the «lulz», after all.