Anonymous goes after Sony, makes it personal... very personal

The hacker collective Anonymous has attacked Sony websites all week, taking them down intermittently in retaliation for Sony's federal lawsuit against PlayStation 3 hacker George Hotz ("GeoHot"). But in recent days, "Operation Sony" morphed from a standard website attack into something a bit more personal, as some Anons formed a separate "Sony Recon" mission and began tracking down corporate executives, their wives, the schools their children attend, and the shops at which they buy their flowers. And the way they obtain that information can be ingenious—and disquieting.

Gathering this sort of information is referred to as "doxing" or collecting "dox" on targets, and such data is usually collected and distributed so that others can use it "for the lulz"—amusement, legitimate protest, or harassment.

Public information sources, if properly collated, can supply a wealth of detail. For instance, when a Sony exec's address was located, it was the work of a few moments on local government websites to find out what he pays in taxes, how large the house is, and who lives next door.

When public information just won't do, a bit of social engineering can sometimes supply an answer. It was social engineering that played a role in the Anonymous attacks on HBGary, and some Anonymous operatives are quite skilled at exploiting others.


Jack Tretton


For instance, one of Sony Recon's key players decided to find the home address and phone number of Sony Computer Entertainment America head Jack Tretton, and he claims to have succeeded using a clever social hack. Here's how it allegedly happened, over four hours:

sonyrecon335: Indeed Stalin, I can't hack--But I know how to manipulate people
Stalin-chan: hey
Stalin-chan: thats better than hacking
D1sc0n3kt: lol sure it is!
…
sonyrecon335: I'm going to speak to several companies in the Area,
see if he has ever ordered flowers for his wife etc -
that could lead to a home address.
sonyrecon335: [Business name redacted] - Foster City, CA, 94404 -
These people have a record of an order placed on February 11th
by a J. Tretton. That's all I could get.
sonyrecon335: I'll give it time, and i'll get a third party to phone
posing as Tretton.
…
sonyrecon335: Just confirmed the address I have for Tretton with
the previously mentioned Florists - and it matched. We have him
...
sonyrecon335: Just ordered a bunch of Pizza's to be delivered
to Tretton's house under the name Anon Mous
sonyrecon335: That's a little reward to myself for finding the address

With that information shared among channel participants, they could then turn to finding Tretton's home on Google Street View and talking about the car in Tretton's driveway. Within a half hour, sonyrecon335 decided to move beyond the pizza orders and to call the home himself.

sonyrecon335: About to phone Tretton :)
got2b: Haha you're going to actually do it?
irannaked: got his number?
got2b: Yeaa : )
sonyrecon335: for sure
irannaked: NICE!
irannaked: ask him why he wants to press charges against geohot
sonyrecon335: Right, let's see what he has to say.
…
sonyrecon335: ringing him now
...
sonyrecon335: Erm the bitch just hung up on me, I assume it was his wife
…
sonyrecon335: I asked if Jack was there, she asked who it was
        and I said Anonymous

Information collected went far beyond home addresses, though. Anons began collecting much more information on people like overall Sony boss Sir Howard Stringer and his family, with one complaining, "No one found ANY info on Stringers kids?" But they did eventually find information on Stringer, including his height, his addresses, his old fraternity, his corporate security officer, the dates he adopted his son and then his daughter, the schools he attended, his brother's name and year of birth, and the names of his parents.

One Anon even claimed that he had access to information obtained from the garbage outside Stringer's Manhattan apartment.

FresnoNews: might have some new info on their execs to add to the pp
FresnoNews: waiting a few mins
FresnoNews: couple ssn's
FresnoNews: should know in 3-5 mins
FresnoNews: someone garbagebinned stringer and is going through it
FresnoNews: got a few statements but no ssn yet
FresnoNews: lots of papers
FresnoNews: NONE shredded
…
FresnoNews: NYC residence
narc0synthesis: thats fucking pro

Did this really happen? It's almost impossible to know. I later asked sonyrecon335, one of the more active members of the op, if it was real. He told me that it wasn't real, just a bit of channel chatter; we can't be sure either way.

A bit of Sir Howard Stringer's collected "dox"


One eye on the feds

It's clear that the Anons participating in these operations are well aware that their open discussions are being monitored, and they have therefore taken pains to avoid admitting illegal activity in public fora. Despite the tough talk, jail is on people's minds, especially after the FBI executed 40 search warrants against the group early this year. A representative sample is this discussion of hammering Sony's New Jersey-based nameservers:

Takai: All of sony would be on its knees
ev0: that would fucking rape those n-----s hard
Takai: lol
Takai: Just about every sony site falls back to those name servers
Takai: You take those down, and EVERYTHING drops
Takai: and for the eff bee eye [FBI], we're talking hypothetically here =D


Participants warn newcomers, "obviously don't name names in channel." Even the jokes turn on getting arrested, or more commonly "v&" ("vanned") by the FBI.

Though it's clear that key players retreat to private chat rooms for much of the discussion and coordination, the public chat rooms remain full of suggestions that might generate interest from law enforcement—interest that goes beyond the constant discussions about taking down websites, that is.

"Call child services and make complaints about child abuse or is that too far lol?" asked someone after getting access to a Sony exec's data. Another posted the alleged address of the school Tretton's children attend, which led yet another chat room member to suggest: "Ring the kids' school and pull a prank like he's been rushed in hospital."

The sense of power from this information, and from the DDoS attacks on Sony's infrastructure, can be heady. One participant exclaimed, "This is like, a never ending party… theanonman: best thing in my life." Others talked about being up 36 hours straight working on the operation. "Sony will bow down to us," added another.



"Childish pranks"

But not everyone was pleased by the direction the operation has taken. Is sending condoms to a top Sony executive really going to strike a blow for freedom and for GeoHot? "Why don't you guys stop doing childish pranks and leave these people alone?" asked someone. Others were appalled by the collection of information about children.

coredump: i hope there arent plans to dox kids through opsony
coredump: I just read a post on in-game that is claiming the intent
              to dox sony exec kids...
coredump: if it is true it will be a damaging move to the Anonymous image
coredump: some folks to rein in the young guns if they are planning this.
             Anon has come very far since the boxxy days and should
             distance itself from targetting children

But when someone else asked "why are we collecting info about kids?", another Anon argued that it wasn't really about the kids—it was about using the kids to get to the execs. "When gathering dox, sometimes it is useful to not only search the target but everyone with in 1 degree of separation," said innocent_whistler. "Maybe the daughter of a person of interest left a phone number on her twitter or 'is going to {random place} with target.' People around the targets often have information by assisting with the target."

But if a few people were upset about these Anonymous tactics, the broad mass of gamers was probably more irritated by Sony's PlayStation Network going up and down this week. This might lead to a backlash from the very people Anonymous said it was working to help. Yesterday, an Anon issued a new "press release" (none of these are "official" or "canonical") making clear that Anonymous was going after Sony, not gamers.

"Anonymous is not attacking the PSN at this time," said the document. "Sony's official position is that the PSN is undergoing maintenance. We realize that targeting the PSN is not a good idea. We have therefore temporarily suspended our action, until a method is found that will not severely impact Sony customers. Anonymous is on your side, standing up for your rights. We are not aiming to attack customers of Sony. This attack is aimed solely at Sony, and we will try our best to not affect the gamers, as this would defeat the purpose of our actions. If we did inconvenience users, please know that this was not our goal."

This page has been a recurring sight this week

But with little real leadership, it's impossible to say who speaks for Anonymous. Even the press release admits this: "Anonymous Operations are generally independent efforts, and it would be a mistake to assume that the same individuals are responsible for every action taken. Anonymous is comprised of people with diverse points of view, of which not all coincide with one another."

Anonymous chat rooms are largely open, and they are filled with corporate security, law enforcement, and journalists. When someone says something outrageous, are they suggesting a serious course of action? Or are they just blowing off steam? Or are they "fake Anons" trying to make Anonymous look ridiculous and/or horrific? Hard to say. Consider this:

NightSkies: lets kill sonys families
whirrior: it would be more effective to go down to
          sony headquarters and start the building on fire
D1sc0n3kt: whirrior cut the dope
NightSkies: why dont we just head down o sony and say fuck u
NightSkies: and smash their faces in
whirrior: now that is a protest

Takai: Freedom of speech is a double edged sword
Takai: You are free to say and think what you like
Takai: I may not like it
Takai: but i'll fight to defend it