FYI.

This story is over 5 years old.

Tech

This Phony 'Anonymous' Site Was Set Up to Trap Ferguson Hacktivists

As military police forces gather around Ferguson, trying to quell an angry, frustrated and betrayed population, some people are taking their fight online.
Screenshot from OpFerguson.com

As military police forces gather around Ferguson, trying to quell an angry, frustrated, and betrayed population, some people are taking their fight online. 'OpFerguson', being spear-headed by members of the hacktivism collective Anonymous, launched a couple of days ago.

One site popped up that gave those wishing to voice their discontent a helping hand. Opferguson.com allows a user to select a target, including the Ferguson police force and the FBI, and participate in a DDoS attack: a technique that attempts to overwhelm a server by flooding it with traffic.

Advertisement

Opferguson.com, however, is not what it seems. Instead of directing a user's traffic to the intended target, it instead  collects the IP addresses of whoever logs on. This information, according to the creator, a self-avowed Anonymous opponent, is then open for law enforcement to act upon.

Screenshot from OpFerguson.com

"This site is mainly a research project," the creator, who goes by the Twitter handle "ihazcandy," told me over the phone. "It's designed to see how social media can be used to convince people who would otherwise commit a crime, but in the moment of anger or what-have-you, they steer into a direction of going from a random person flipping burgers at Burger King to attacking the United States."

How Not To Get Hacked at the World's Preeminent Hacker Conference

The site has Anonymous style messages blazoned across it. "Today you can help Ferguson," one reads.

"We are launching attacks against our enemies and we want you to not only be involved, but feel like you are making a difference. Because you are!" another says.

(As of 3:10 PM EST today, the site isn't loading, which may have something to do with ihazcandy taunting Anonymous to take the site down.)

Image:  Twitter

After the introduction page, you are presented with a selection of targets. The Pentagon, United States Air Force, United States Army, the FBI, the White House, the Marines, and of course the Ferguson Police. Click the button, and you are apparently participating in a cyber attack.

Advertisement

Experts and members of Anonymous were quick to write it off as a fake though. "This is a honeypot Anonymous website," Gabriella Coleman, author of an upcoming book on the group tweeted. An Anonymous account also tweeted the news:

WARNING RT: http://t.co/IsiKjyoQu8 IS NOT A LEGITIMATE WEBSITE. HONEYPOT DETECTED AND GOVERNMENT WILL TRACE YOUR LOCATION. DO NOT CLICK.

— TheAnonMessage (@TheAnonMessage) August 13, 2014

Despite this, people are still logging on. As ihazcandy told me, "There are hundreds of people saying, 'Hey, this is a honeypot, don't go here!', but I have 147 people on the site at this very moment."

As news of the site is spreading, people are clicking in from Facebook, IRC, and Twitter, he said.

The creator sent me a link to the data he had collected. Reams of pages of IP addresses, which could reveal the physical location of those that decided to click the attack button. (He said the collection only includes people who hit the attack button, not just people who visited the site.)

As you might imagine, the vast majority of them choose to "target" the Ferguson police department, but there are plenty others looking to strike the White House and other high profile institutions. While it seems unlikely that police would use the data, ihazcandy is keen for law enforcement to see this data for themselves.

"This is why I set up the research projects that I do, and allow law enforcement to see the data in real time," he said. "I'm releasing it publicly so law enforcement does not have to say they are receiving it." As for what he thinks of these people, "I think they are complete idiots."

Advertisement

One location in particular that caught ihazcandy's eye was the United Arab Emirates. "This region in the Middle East is trying to influence violence against police officers [in the US]," he said. "These are people who are attacking my country's military and police forces, so I have no shame in opening every byte of data that I can discover from them."

ihazcandy claimed that the site collects a lot more than just your IP address. "I can get into their computer, their phone, emails, I can do anything I want," he said.

As for who ihazcandy is, he has a history of trolling Anonymous. He used to be embedded in the community, before turning against them and passing data over to law enforcement.

Ihazcandy's other site, Consternation Security, details other instances where he has revealed the identities of 'Anonymous' members. The about section reads, "The purpose of this site is to express our repulsive urge to vomit from the lawless acts done by hackers day after day. if there ever was a code of ethics in the world, it has been thrown out the window. Never should private consumer data be made public."

"For a period of time, he was posing as an Anon, a bit like a double agent," Coleman, the Anonymous expert, told me.

Coleman said that this sort of behaviour isn't actually uncommon. "Anon-haters and trolls have a history of trying to entrap participants, either by stalking them or getting their IP addresses, and working with law enforcement after the fact," she said.

His real-world identity was leaked, and he left the group entirely. "It was a surprise when he was outed," Coleman continued. "He seemed legitimate, but he was collecting information on the side."

ihazcandy told me he was also behind the Cyber Hamas Army site, another honeypot. He is also claiming the OpFerguson was his idea all along. "Well, this is actually my operation. I'm not catapulting off anything."

That's not exactly true. OpFerguson has seen members of Anonymous band together to try to uncover the identity of the officer that killed Mike Brown. As the ground battles continue, Anonymous will carry on doing whatever its myriad factions thinks is right—and so will people like ihazcandy.