Switched: How Aaron Barr Infiltrated Anonymous, and Why He Decided to Do It

February 11, 2011 - Ars Technica's Nate Anderson has put together a long and fascinating report on the tumultuous recent history of Aaron Barr -- the security expert who successfully infiltrated Anonymous, and then got burned after running to the FBI with his findings.

Based on e-mails he sent before beginning his mission, it's clear that Barr's motives, from the very beginning, were profit-driven. A social media fanatic, Barr firmly believed that he could use data from sites like Facebook and LinkedIn to identify any hacker in the world, including members of Anonymous. "Hackers may not list the data, but hackers are people too so they associate with friends and family," Barr wrote in an e-mail to a colleague at HBGary Federal. "Those friends and family can provide key indicators on the hacker without them releasing it...." He even wanted to give a talk at this year's BSides security conference, titled "Who Needs NSA when we have Social Media?" But, long-term security implications aside, Barr knew exactly what he would do once he obtained data on Anonymous' members. "I will sell it," he wrote.

Using several aliases, Barr began regularly dropping in on Anonymous' Internet Relay Chat (IRC) forums, and, after setting up fake Facebook and Twitter accounts, attempted to unearth the members' true identities via social media. Putting real names to screen names, however, wasn't easy. Barr's techniques included matching timecodes: when someone shared something in the Anonymous IRC, he would check a suspected Twitter handle for any follow-up activity in the next few seconds. More matches lessened the likelihood of coincidence. By the time he concluded his research, he believed he had successfully identified 80 to 90 percent of Anonymous' leaders -- all thanks to information that was publicly available.

Some of his colleagues at HBGary, however, soon became uneasy with the direction that Barr was taking his investigation. In exchanges with his coder, he insisted that he was not aiming to get anyone arrested, but simply wanted to prove the efficacy of his statistical analysis. In an e-mail to another colleague, though, the coder complained that Barr made many of his claims based not on statistics, but on his "best gut feeling." Others, meanwhile, feared retribution from Anonymous, and with good reason.

Though Barr insisted that he wouldn't reveal the names of Anonymous' leaders at a meeting with the FBI, the group didn't take any chances, and launched a devastating counter-offensive against both Barr and his company. Barr's e-mails were leaked, his Twitter account hijacked, and his iPad, apparently, wiped clean. HBGary, meanwhile, suffered a DDoS attack that crippled its site.
