Oops. Looks like the #anon member in charge of developing the BoA leak site may have outed himself through the Facebook App ID. Pull up the source from bankofamericasuck.com and you’ll find this:
<script>
window.fbAsyncInit = function() {
FB.init({appId: '174193262621648', status: true, cookie: true,
xfbml: true});
};
(function() {
var e = document.createElement('script');
e.type = 'text/javascript';
e.src = document.location.protocol +
'//connect.facebook.net/en_US/all.js';
e.async = true;
document.getElementById('fb-root').appendChild(e);
}());
</script>
Copy-paste that appID, 174193262621648, into Google and you’ll find this Facebook App page. Guess who’s listed as the developer? Someone named Elo Pro with this Facebook page. Oops. Again, for a group that the media continues to idolize as so sophisticated, their attacks seem to only amount to building web pages and getting bored teenagers on freenet to download LOIC.
Edit: As discussed on the HN comments, I should probably clarify that last paragraph a bit. Clearly there are some capable "members" of #anon, but by design, its membership is fluid, and for the most part, far from capable of doing anything but following the instructions of others. I just don’t understand why the media really continues to characterize scriptkiddies as "hackers" in the year 2011.
Edit 2: And yes, it could be a fake account, but Facebook logs IP and gelocation info and has no problem readily cooperating with authorities, so somebody better not have been lazy when they logged into the account.
Of course they are going to use an anonymized location or probably a series of comprimised pc’s to post that, hell even if a hacked facebook account, ever try doing stats on that?
Also, just fyi. ELO is the rating system used in online games. Pro is short for professional… Pretty sure that’s not a real name.
You’re right; after researching this more, I later realized. However, as I mentioned, FB is more than willing to cooperate with authorities, so they could be traced through account logins even if the account name is fake.
even if they can trace IP or geolocation, it’s pretty common for anon members to use several proxies and TOR and various other anonymizing techniques to become untraceable or extremely difficult/time consuming to legally trace