GNAA / Goatse Security

Submission 41,870

About

GNAA ^[1] (Gay Nigger Association of America) is an online trolling collective known for attacking bloggers, Internet celebrities and prominent websites. Several members of the group later founded the hacker collective Goatse Security which gained notoriety for its involvement in an AT&T data breach that exposed personally identifiable information of 114,000 iPad users.

Online History

The Wikipedia entry^[2] claims that the GNAA was founded in 2002 and was named after the 1992 Danish satirical blaxploitation film Gayniggers from Outer Space. The organization was founded with the intention to “sow disruption on the Internet,” according to the book Blog Theory: Feedback and Capture in the Circuits of Drive^[3] by Jodi Dean.

On June 26th, 2004, the Apple product news blog MacRumors^[11] published a post including faked screenshots of the upcoming Mac OS X 10.4 (Tiger) operating system, which were submitted by two members of the GNAA identifying themselves as "Gary Niger" and "Ron Delsner." On August 12th, 2005, Wired^[12] published an article titled "Max Hacks Allow OS X on PCs," reporting that hackers had managed to create a version of Mac OS X for PC processors. The following month, the GNAA released an ISO image claiming to be a version of the operating system and on June 15th, the tech news blog Gizmodo^[13] published an article revealing the file caused a machine to boot to a picture from the Goatse.cx shock site.

Goatse Security

The Goatse Security, sometimes known as GoatSec, is a hacker group that specializes in publicizing security flaws discovered by its members, including Andrew "Weev" Auernheimer. The group, which derived its name from the Goatse.cx shock site, gained much notoriety in June 2010 for its involvement in a high profile AT&T data breach in which they obtained personal ID information of 114,000 iPad users.

Highlights

Tumblr Dashboard Hack

On December 3rd, 2012, GNAA reportedly discovered a way to spam its worm-ridden blog post targeting Tumblr users and "emo kids" across the microblogging service Tumblr, infecting thousands of accounts for individual bloggers as well as news publications. According to the Daily Dot's exchange with a member of the group who identified himself as “Leon Kaiser” and the group’s “head of public relations," the malicious post may have affected as many as 6,000 unique accounts on the site in the span of few hours since its launch in the morning.

Targeting the site's prominent youth and teenage userbase, the lengthy message spawned a copy of the post on any user's dashboard when clicked upon and warned the reader against removing the post. As the post continued to spread on the site, many users began advising those with infected accounts that they can easily remove the worm by ignoring the warning and deleting the said post from the dashboard.

Goatse Security Hacks

Web Browser Exploits

On January 30th, 2010, the tech news blog Softpedia^[4] published a post titled "Firefox Bug Used to Harass Entire IRC Network," which reported that the GNAA had written a script exploiting a vulnerability in the Firefox web browser which would cause visitors to spam the Freenode Internet Relay Chat (IRC) server. On March 23rd, Goatse Security member Andrew Auernheimer posted information on how to perform a Safari browser exploit to the Internet culture database Encyclopedia Dramatica,^[6] which would allow the user to access blocked ports by adding the number 65,536 to the port number. Apple patched the glitch in the desktop version of the browser but did not update mobile versions, which could allow hackers to cause harm to Apple's mobile devices according to Goatse Security.^[7]

2010: AT&T Data Breach

On June 9th, 2010, Gawker^[5] published an article titled "Apple's Worst Security Breach: 114,000 iPad Owners Exposed," which reported that the information of CEOs, military officials and politicians had been leaked due to a vulnerability in the AT&T network. The article went on to reveal that iPad subscriber data had been obtained by Goatse Security on AT&T's website, which was accessible to anyone on the Internet prior to the group's exploit. To obtain the emails, Goatse Security used a PHP-based "brute force" script to send HTTP requests with a valid subscriber identity module to the AT&T website, which would in turn reveal the email address associated with the ID. The leak sparked a debate about the proper way to disclose security flaws, which was reported by The Wall Street Journal^[8] in an article titled "Computer Experts Face Backlash" on June 14th. The article quoted former Electronic Frontier Foundation Civil Liberties Director Jennifer Granick, who defended Goatse Securities tactics:

"I don't have a problem with what they did. No one was put at a risk as a result of it"

The same day, Tech Crunch^[9] founder Michael Arrington announced that the tech news blog would be giving the group a Crunchie award for public service for exposing that AT&T security flaw. On June 15th, Cnet^[10] announced that Goatse Security member Andrew Auernheimer had been detained after the FBI invaded his home and found illegal drugs. On November 20th, 2012, Auernheimer was found guilty of conspiracy to access a computer without authorization and identity fraud.