美國黑客“劫富濟貧”竊百萬美金捐贈

The loose-knit hacking movement 'Anonymous' claimed Sunday to have stolen thousands of credit card numbers and other personal information belonging to clients of US-based security think tank Stratfor.

One hacker said the goal was to pilfer funds from individuals' accounts to give away as Christmas donations, and some victims confirmed unauthorized transactions linked to their credit cards.

Anonymous boasted of stealing Stratfor's confidential client list, which includes entities ranging from Apple Inc. to the US Air Force to the Miami Police Department, and mining it for more than 4,000 credit card numbers, passwords and home addresses.

Austin, Texas-based Stratfor provides political, economic and military analysis to help clients reduce risk, according to a description on its YouTube page.

It charges subscribers for its reports and analysis, delivered through the web, emails and videos.

The company's main website was down, with a banner saying the 'site is currently undergoing maintenance.'

Proprietary information about the companies and government agencies that subscribe to Stratfor's newsletters did not apear to be at any significant risk, however, with the main threat posed to individual employees who had subscribed.

'Not so private and secret anymore?' Anonymous taunted in a message on Twitter, promising that the attack on Stratfor was just the beginning of a Christmas-inspired assault on a long list of targets.

Anonymous said the client list it had already posted was a small slice of the 200 gigabytes worth of plunder it stole from Stratfor and promised more leaks.

It said it was able to get the credit card details in part because Stratfor didn't bother encrypting them — an easy-to-avoid blunder which, if true, would be a major embarrassment for any security-related company.

Fred Burton, Stratfor's vice president of intelligence, said the company had reported the intrusion to law enforcement and was working with them on the investigation.

Stratfor has protections in place meant to prevent such attacks, he said.

'But I think the hackers live in this kind of world where once they fixate on you or try to attack you it's extraordinarily difficult to defend against,' Burton said.組織鬆散的黑客團體“匿名者”上週日宣稱成功侵入美國安全智庫戰略預測公司數據庫，竊取數千份信用卡號碼及其他個人信息。

一名黑客説，此舉是為了偷竊客户賬户中的資金，用作聖誕節捐贈。一些受害人證實信用卡賬户出現不明轉賬。

“匿名者”宣稱獲取了戰略預測公司的保密客户清單，所列客户包括蘋果公司、美國空軍、邁阿密警察局，失竊資料包括信用卡賬號、密碼和住址，總共超過四千份。

根據其在YouTube視頻網站主頁上的描述，戰略預測公司總部位於得克薩斯州奧斯汀，提供政治、經濟和軍事分析，幫助客户減小風險。

該公司經互聯網、電子郵件和視頻向客户傳遞報告和分析，收取費用。

這家機構的網站癱瘓，首頁橫幅解釋是“網站正在維護”。

但訂閲該公司郵件的公司和政府機構的專有信息似乎沒有受到嚴重威脅，主要風險集中在訂閲了郵件的個人員工客户。

“匿名者”在一條推文中嘲諷地説道：“再也沒那麼私人和祕密了吧？”“匿名者”宣稱針對“戰略預測”公司的這次以聖誕節為靈感的襲擊只是開始，公佈的也只是部分客户名單。

“匿名者”表示，已經公佈的客户名單只是該團體從戰略預測公司竊取的2000億字節數據資料的冰山一角，這些資料非常值得偷竊，而且還宣稱會繼續泄漏資料。

“匿名者”稱，他們能獲取客户信用卡信息部分是因為戰略預測公司沒有對信息加密。如果這一説法屬實，對任何一家與安全相關的公司而言，這都會非常尷尬，因為這是最容易避免的疏漏。

戰略預測公司副總裁弗雷德•伯頓説，公司已經報告了這起違法案件，將與執法部門聯手開展調查。

他表示，戰略預測公司有旨在預防類似攻擊的適當的保護措施。

伯頓説：“但我認為，在當今世界，只要被黑客盯上，或者只要他們想要攻擊你，防護就異常艱難。”