Release Feedback: Bank of America
- Dell Cameron: Anonymous Hacked Bank of America (Vice, Feb 28, 2013)
- Dave Smith: Bank of America Hacked By Anonymous: Hackers Leak ‘Secrets’ About Executives, Salaries, And Spy Activities (International Business Times, Feb 28, 2013)
- Jeff Goldman: Anonymous Hackers Hit Bank of America (eSecurity Planet, Feb 28, 2013)
- MSN Now: Anonymous claims Bank of America spied on Dr. Seuss fans (MSN Now, Feb 28, 2013)
- Jeremy Kirk: Bank of America says data breach occured at third party (Computerworld, Feb 28, 2013)
- The Voice of Russia: Anonymous group claims Bank of America monitored activists (Voice of Russia, Feb 28, 2013)
- Zeljka Zorz: Bank of America says leaked data did not come from their systems (Help Net Security, Feb 28, 2013)
- Info security: Par:AnoIA leaks 14 GB of data from Bank of America (Info Security, Feb 28, 2013)
- Michael Kelley and Geoffrey Ingersoll: Leaked Info Allegedly Shows The Absurd Lengths BofA Goes To Spy On Hackers (Business Insider, Feb 27, 2013)
- Pete Swabey: Data leaked by Anonymous appears to reveal Bank of America's hacker profiling operation (Information Age, Feb 27, 2013)
- Michael Stone: Anonymous exposes Bank of America spy program, dumps data and code (Examiner, Feb 27, 2013)
- John Leyden: Anonymous leaks 'Bank of America secrets' in spy revenge hack (The Register, feb 27, 2013)
- Matthew L. Brown: Hacker group says emails show how BofA tracked Occupy Wall Street (Biz Journals, Feb 27, 2013)
- Natasha Lennard: Anonymous group claims to show BofA monitored hackers, activists (Salon.com, Feb 27, 2013)
Updated Feb 27, 2013
Press Release 02/27/2013 (PDF Version)
- It contains detailed data about hundred of thousands of executives and employees from various corporations around the world, including salary information.
- It shows that Bank of America and others are contracting other companies to spy and collect information on private citizens.
- The overall quality of the research is poor and potentially false.
- The collected data was stored insecurely and could have been retrieved by anyone.
- Main release site: http://par-anoia.net/releases2013.html#bofa
- Main file directory: http://par-anoia.net/assessment/us/bofa/
- OneCalais software: http://par-anoia.net/assessment/us/bofa/OneCalais
- Bank of America source code: http://par-anoia.net/assessment/us/bofa/lior/
- Executive/Employee data: http://par-anoia.net/assessment/us/bofa/officers.zip
Par:AnoIA has released a total of 14 Gigabyte data, code and software that is related to Bank of America, Bloomberg, Thomson Reuters, TEKSystems and ClearForest. You can find all details about the release and the data at the following address: http://par-anoia.net/releases2013.html#bofa.
We consider this release noteworthy for several reasons:
Especially the last point is critical. The source of this release has confirmed that the data was not acquired by a hack but because it was stored on a misconfigured server and basically open for grabs. Even more alarming, the data was retrieved from an Israeli server in Tel Aviv – neither the source nor we have any idea what the data was doing there in the first place.
Looking at the data it becomes clear that Bank of America, TEKSystems and others (see origins of reports) gathered information on Anonymous and other activists' movement on various social media platforms and public Internet Relay Chat (IRC) channels.
The data clearly shows that the research was sloppy, random and valueless. Apparently a keyword list1 was used to match for items of interest on IRC, Twitter and other social media. While the list has over 10.000 entries only 1125 keywords seem to be genuine, the rest are simply Wikipedia references.
Along with this data we also received a full version of ClearForest's text analyzing software OneCalais – the software was stored on the same server and as openly accessible as the data. Additionally we found source code that seems to be a specific version or module of the software for Bank of America (going by the naming convention). The code has not been analyzed so far but is open to anyone interested for assessment and analysis.
As an unexpected bonus 4.8 Gigabyte of data containing detailed career and salary information of hundred of thousands of executives and employees from various corporations all around the world was found on the same server. The folder was named Bloomberg which could indicate that this data belongs to Bloomberg L.P. On the otherhand the entries are tagged with “reuterscompanycontent” which would point to Thomson Reuters. In any case: What it was doing on the Israeli server is up to anyone's guess.
This incident shows how irresponsible companies handle the data of more than dubious projects. Even more alarmingly, the findings indicate that corporations like Bank of America are funding these operations. We release the received files in full to raise awareness to this issue and to send a signal to corporations and Governments that this is unacceptable.URL Shortlist:
Updated Feb 27, 2013
Release Feedback: OSCE Vienna
- Lorraine Murphy: Anonymous attacks top European security organization—twice (Dailydot, Nov 13, 2012
- Jeffrey Carr: OSCE's Cyber Security Confidence Building Measures Revealed by Anonymous (Digital Dao, Nov 13, 2012)
- Steve Ragan: Anonymous Raids European Organization Over Ukrainian Elections (Securityweek, Nov 12, 2012)
- Jeffrey Carr: OSCE Breached; Internal Documents Posted by Anonymous (Digitial Dao, Nov 9, 2012)
Updated Nov 13, 2012
Release Feedback: Associated Whistle Press releases two analysis articles
The independent media organization Associated Whistle Press (whistle.is) have published two articles taking a closer look at two recent documents from Par:AnoIA releases:
- ITALY: Documents reveal Italian National Police plans for October 15th 2011 demonstration (whistle.is)
- SOUTH AFRICA: Leaked report proves negligence in South African mines (whistle.is)
Posted Nov 6, 2012
The Daily Dot chats with Par:AnoIA volunteers
Some time ago Lorraine Murphy from dailydot.com visited us for a chat about Par:AnoIA, its mission and goals. The article was published today. We have enjoyed reading it and encourage interested visitors to do so as well, as it might give some insights on how we "tick" and what we are trying to accomplish.
Posted Nov 5, 2012
A word about DMCA Removal Requests
So we keep on receiving DMCA Removal Requests from obscure companies for various material. On a general note, you don't need to bother sending us those as we certainly will not remove any content. There is a simple reason for this: We do not believe in DMCA.
On a more specific note, before considering sending a DMCA you should learn how the Internet works. We recently received this email:
*** Sent via Email - DMCA Notice of Copyright Infringement ***
I certify under penalty of perjury, that I am an agent authorized to act on behalf of the owner of the intellectual property rights and that the information contained in this notice is accurate.
I have a good faith belief that the page or material listed below is not authorized by law for use by the individual(s) associated with the identified page listed below or their agents and therefore infringes the copyright owner's rights.
I HEREBY DEMAND THAT YOU ACT EXPEDITIOUSLY TO REMOVE OR DISABLE ACCESS TO THE PAGE OR MATERIAL CLAIMED TO BE INFRINGING.
This notice is sent pursuant to the Digital Millennium Copyright Act (DMCA), the European Union's Directive on the Harmonisation of Certain Aspects of Copyright and Related Rights in the Information Society (2001/29/EC), and/or other laws and regulations relevant in European Union member states or other jurisdictions.
My contact information is as follows:
Organization name: Attributor Corporation as agent for Rights Holders listed below
Email: [email protected]
119 South B Street
San Mateo, CA 94401
My electronic signature follows:
*** INFRINGING PAGE OR MATERIAL ***
Infringing page/material that I demand be disabled or removed in consideration of the above:
Rights Holder: ABDR
Original Work: Cecil Medicina
Infringing URL: http://tpb.par-anoia.net/torrent/7438070/Livros_de_Medicina_
As explained above, we usually ignore such idiotic requests. But since we're reasonable guys we will add some information that you might find helpful as it seems you have no idea of how a proxy or even torrent works.
First of all, a torrent does not contain any copyrighted material. it is simply a file with directions on where to connect to receive files.
Secondly, tpb.par-anoia.net does not even host the torrent file. What we do is offering a proxy server that redirects to the original The Pirate Bay site (thepiratebay.se). So everything you see on tpb.par-anoia.net is actually on thepiratebay.se and never stored on our servers. So you may want to contact them, but be aware that they are usually far more direct than we are.
Tl;dr: Stop sending us DMCA Removal Requests as we do not care about them. And if you choose to do so anyway, don't be ridiculous as we will simply publish your nonsense.
Posted Oct 24, 2012
We have moved to a new design which fixes two problems: Copy and Paste should now be working everywhere without problems and Google will properly index all sites. If you have any suggestions about the website or want to help, please visit us in our Chat.
Posted Oct 21, 2012
Greetings, we are Par:AnoIA
Gentlemen, we art an association of the voluntary kind who hath the belief information is a free good. One should especially ponder if this shouldn't be the case for information of peasantish interests which thine government and thine industrial bosses shalt withhold gasted by the consequences for their positions.
We see thee this; we art not deceived: thine aristocrats shalt use every and all means to get information deemed important. To make thine matters worse they art not bound by laws or restrictions for they make thine laws and restrictions. Laws and restrictions which shan't think of thine privacy.
To an end this must come. We, the people, abhor these mad concepts and shan't stand silent anymore. Thine deception and lies of the worst kind are strengthening our ranks. Voices are joining in our choir. For thou might think the Web of many webs hath borders of thine countries but it hath not. Thou cannot claim ownership of thine web. Thine laws and restrictions shan't stop the gentlemen on the Web of many webs, even when thou prayeth it would.
Citizens, with every Sun that passes it is clear thine rulers hath abandoned thee. We daresay they consider thee their enemy. Denying that shall henceforth be a foolish deed and hear us; this shalt be the case for all landmasses between borders. Thine States of the United kind steals gold coins from thine business with no legal grounds whatsoever, even a business which hath more than a million gold pieces can be eradicated by it and the vast richdoms stored in the aristocrat's cargo hold. And thine Newly Zealand obliges without hesitating. Thine gentleman sir Assange hath been restricted in his movements without a charge of any kind while thine gentleman sir Manning hath been abuseth and tortureth for a sustained period. Peasants participating in peaceful protests get beaten and abuseth by the local militia of the police kind. In the landmass of Constantinople thine young ones who hath changed the face of thine website art terrorists, or so thine aristocrats claim. Though thou shall not fear when we sayeth this is only the start of a list of long proportions.
Thou hath interrupted our tea moment and hath made us stand up with our backs against thine wall. But hear us; we shall fight back for it is the only choice we hath left. With our whole hearts we shall support this cause. We shan't enjoy the fight but it is our only option to protect the ones that are not protected, the ones we love and for thine fairness. It is known to us thou doth not fear damage of the collateral kind and thou loveth to contain and restrict innocent peasants.
Though let us say thee this: we shan't break! The faster thou run, the quicker we shalt become. When thou increases thine violence we shalt increase our toughness. When thou hurt more of us we shalt become stronger. Not only shalt thou strengthen our angry emotions, nor shall only our numbers rise, we shalt be strengthened by every of thine actions. Evading thou is no secretive skill, it is a skill we shalt teach any who asks.
This association of gentlemen shalt educate and protect our fellow peasants against thine tyranny, for thou art a tyrant. Thou secrets shalt be revealed to every farmer thee knoweth. Every piece of parchment with thine filthy lies written on it shalt make us more angry and stronger. We shalt stand in the honour of our fallen sailors and this idea shan't be lost. Thou shan't stop us because thou cannot. Expect us.
Posted Jun 21, 2012