美国黑客“劫富济贫”窃百万美金捐赠

The loose-knit hacking movement 'Anonymous' claimed Sunday to have stolen thousands of credit card numbers and other personal information belonging to clients of US-based security think tank Stratfor.

One hacker said the goal was to pilfer funds from individuals' accounts to give away as Christmas donations, and some victims confirmed unauthorized transactions linked to their credit cards.

Anonymous boasted of stealing Stratfor's confidential client list, which includes entities ranging from Apple Inc. to the US Air Force to the Miami Police Department, and mining it for more than 4,000 credit card numbers, passwords and home addresses.

Austin, Texas-based Stratfor provides political, economic and military analysis to help clients reduce risk, according to a description on its YouTube page.

It charges subscribers for its reports and analysis, delivered through the web, emails and videos.

The company's main website was down, with a banner saying the 'site is currently undergoing maintenance.'

Proprietary information about the companies and government agencies that subscribe to Stratfor's newsletters did not apear to be at any significant risk, however, with the main threat posed to individual employees who had subscribed.

'Not so private and secret anymore?' Anonymous taunted in a message on Twitter, promising that the attack on Stratfor was just the beginning of a Christmas-inspired assault on a long list of targets.

Anonymous said the client list it had already posted was a small slice of the 200 gigabytes worth of plunder it stole from Stratfor and promised more leaks.

It said it was able to get the credit card details in part because Stratfor didn't bother encrypting them — an easy-to-avoid blunder which, if true, would be a major embarrassment for any security-related company.

Fred Burton, Stratfor's vice president of intelligence, said the company had reported the intrusion to law enforcement and was working with them on the investigation.

Stratfor has protections in place meant to prevent such attacks, he said.

'But I think the hackers live in this kind of world where once they fixate on you or try to attack you it's extraordinarily difficult to defend against,' Burton said.

组织松散的黑客团体“匿名者”上周日宣称成功侵入美国安全智库战略预测公司数据库，窃取数千份信用卡号码及其他个人信息。

一名黑客说，此举是为了偷窃客户账户中的资金，用作圣诞节捐赠。一些受害人证实信用卡账户出现不明转账。

“匿名者”宣称获取了战略预测公司的保密客户清单，所列客户包括苹果公司、美国空军、迈阿密警察局，失窃资料包括信用卡账号、密码和住址，总共超过四千份。

根据其在YouTube视频网站主页上的描述，战略预测公司总部位于得克萨斯州奥斯汀，提供政治、经济和军事分析，帮助客户减小风险。

该公司经互联网、电子邮件和视频向客户传递报告和分析，收取费用。

这家机构的网站瘫痪，首页横幅解释是“网站正在维护”。

但订阅该公司邮件的公司和政府机构的专有信息似乎没有受到严重威胁，主要风险集中在订阅了邮件的个人员工客户。

“匿名者”在一条推文中嘲讽地说道：“再也没那么私人和秘密了吧？”“匿名者”宣称针对“战略预测”公司的这次以圣诞节为灵感的袭击只是开始，公布的也只是部分客户名单。

“匿名者”表示，已经公布的客户名单只是该团体从战略预测公司窃取的2000亿字节数据资料的冰山一角，这些资料非常值得偷窃，而且还宣称会继续泄漏资料。

“匿名者”称，他们能获取客户信用卡信息部分是因为战略预测公司没有对信息加密。如果这一说法属实，对任何一家与安全相关的公司而言，这都会非常尴尬，因为这是最容易避免的疏漏。

战略预测公司副总裁弗雷德•伯顿说，公司已经报告了这起违法案件，将与执法部门联手开展调查。

他表示，战略预测公司有旨在预防类似攻击的适当的保护措施。

伯顿说：“但我认为，在当今世界，只要被黑客盯上，或者只要他们想要攻击你，防护就异常艰难。”