Anonymity isn’t just using TOR or a VPN and choosing a nickname-it means literally having no name, no identity. This means you DO NOT deface websites mentioning your nickname (or that of your team, I’m looking at YOU, CharrieWong), or in any way associate the name you are using with yourself (watch your identities).
You should credit Anonymous (or give no credit) for your actions, as soon as a name is attached to you, a single slip-up is enough to get you caught. Once the Feds know there’s a group, any form of infiltration (IE having an informant) in your group will be devastating. All of your work, data, rooted boxes, infrastructure, and scraps of personal data will be going directly to the feds. This brings us to some critical suggestions that we pulled together after perusing the criminal Complaints from the alleged LulzSec / Internet Feds / Anonymous arrests.
Please read, reflect and remember them next time you feel the keen need to share a personal detail from your life with your new bff in IRC.
CONVERSATIONS WITH OTHER PEOPLE -
mention any political affiliations directly (don’t say I’m a registered Independent, just talk about your political views)
mention any arrests (of you, or people you know) (WE LOVE YOU JEREMY HAMMOND!)
mention any forms of IRL activism that you have participated in
tell people what you are doing at any given time, or give out specific schedule information (IE, I’m always out of the house between 5 and 7 pm)
mention your age, any previous work (citing your abilities is okay if you don’t provide much proof), height, ethnicity, or medical conditions
mention where you are, if you happen to be on vacation
inform people outside of your trusted group of any changes in IRC nicknames
mention the manufacturer of your computer (or NIC, more specifically) without changing the MAC address! (WE LOVE YOU JEREMY HAMMOND!)
**Quick note from observing Sabu: if someone disappears without prior notice for an extended period of time, and then upon coming back tries to gain access to several more groups, and attempts to build a trust-based relationship with you, said person *might* be an informant.
ADVICE FOR WOULD-BE HACKERS:
ADVICE FOR WOULD-BE HACKERS:
don’t attack any organizations you are in any way affiliated with (don’t DDOS your school, dumbshit! Again, looking at you CharrieWong)
don’t dump any information to a server that you didn’t witness the pwnage of. (Stratfor’s data was copied over to an FBI server)
ALWAYS use TOR/a VPN while haxing! An easy way to run pretty much anything through TOR on linux is by using proxychains or torify (‘cept nmap!)
NEVER listen for reverse shells on your own box (derp)
NEVER connect to anything even remotely related to your target using any IP addresses that are affiliated with you or a small group of people
You can read the full criminal complaints from the alleged LulzSec / Internet Feds / Anonymous arrests HERE