In its highest-publicity move to date, the supposed reincarnation of hacker collective LulzSec has leaked 10,000 Twitter account names, passwords, and other details for users of third-party app TweetGif.
Dubbed LulzSec Reborn, the group gave no explanation as to why it targeted TweetGif in the attack, which also included the release of locations, real names, and biographies.
With about 75,000 visitors, TweetGif, a streamlined tool for tweeting out animated GIFs, is a relatively small fish in Twitter’s ocean of 500 million users. Like many third-party apps, users have to log-in to the service through Twitter.
After reforming in March, Lulzsec Reborn laid relatively low, boasting only two minor attacks—one against a military dating website and the other against San Jose IT company CSS Corp.
There’s no evidence LulzSec Reborn has any connection to its eponymous predecessor, however, and the group has made no announcements via LulzSec’s long-inactive Twitter account or website. LulzSec’s former leader, Hector Xavier Monsegur, AKA Sabu, secretly pleaded guilty to 12 counts related to his hacking activities in Aug. 2011. Shortly after his arrest, Monsegur turned informant, helping put five of his former colleagues behind bars.
TweetGif has yet to comment on the attack. The company’s Twitter account has been inactive since April 18.
Photo by goblinbox