The FBI is investigating on IP addresses released by the Anonymous collective in a wake of the hijacking of the US CENTCOM social media accounts. Anonymous members have collected the IP addresses of the alleged hackers who breached the accounts. Members of Anonymous operating from TheAnonMessage Twitter account, informed the FBI that they were in possess of the IP addresses of the alleged attackers.
While Anonymous started the #OpCharlieHebdo campaign against jihadist websites to avenge the attack against the Charlie Hebdo, hackers of the CyberCaliphate group, claiming to support the terrorist group ISIS, have compromised the official Twitter account for the U.S. Central Command (US CENTCOM).
The responsible for the CENTCOM account hijacking claimed to have compromised officials’ mobile devices and as proof of the hack disclosed a series of images and documents. Further investigation allowed the experts to verify that the documents disclosed were already publicly available.
The US Army confirmed that hackers have had access only to social media account by that haven’t had access to internal system neither have used the accounts to spread malicious code or to conduct other malicious activities.
“CENTCOM’s operational military networks were not compromised and there was no operational impact to U.S. Central Command. CENTCOM will restore service to its Twitter and YouTube accounts as quickly as possible. We are viewing this purely as a case of cyber vandalism,” reads the statement issued by the CENTCOM.
The US CENTCOM confirmed that classified information was not disclosed and that law enforcement are investigating on the incident.
“In the meantime, our initial assessment is that no classified information was posted and that none of the information posted came from CENTCOM’s server or social media sites. Additionally, we are notifying appropriate DoD and law enforcement authorities about the potential release of personally identifiable information and will take appropriate steps to ensure any individuals potentially affected are notified as quickly as possible.” continues the statement.
Anonymous has shared information on the attackers through the Twitter account @TheAnonMessage.
“We’re scanning to see if any proxies were used but we’re certain the source is from Maryland.” states one of the tweets.
On Friday, a memo from the FBI forwarded the IP address information to several security experts, the document includes data provided by Anonymous. The intent of the FBI is to verify is to verify the reliability of the information with the help of the data that is in possession of the experts.
“On 12 January 2015, at 2:01PM CST, @TheAnonMessage, a Twitter account associated with the Anonymous hacking group, tweeted 11 IP addresses involved with the CENTCOM hack with the message,” reads the memo explains. “The FBI is providing a list of IPs obtained from @TheAnonMessage Twitter Account, and encourages recipients to examine their networks for any activity related to these IP addresses.”
There is also another strange circumstance that occurred just after the release of a list of IP addresses, it seems that the alleged responsible for the CENTCOM incident also took control of the @TheAnonMessage twitter account, that was any way recovered by Anonymous in a short period.
The IP addresses are:
220.127.116.11 18.104.22.168 22.214.171.124 126.96.36.199 188.8.131.52 184.108.40.206 220.127.116.11 18.104.22.168 22.214.171.124 126.96.36.199 188.8.131.52
Stays Tuned for further information ….
(Security Affairs – Anonymous, US CENTCOM)