How Anonymous spied on FBI / UK Police hacking investigation conference call

Conference call spy image from ShutterstockLast month, we reported how a conference call, between the FBI and Scotland Yard, discussing their investigation into Anonymous hackers had been secretly recorded by the hacking collective and published on the net.

We surmised at the time that the unknown hackers might have secretly accessed the call by compromising a police investigator’s email account, as the call-in details and passcode were posted by Anonymous on their usual dumping ground – the PasteBin website.

Conference call email, republished by Anonymous

Yesterday’s announcement by the FBI about the prominent LulzSec hacker Sabu, and other alleged hacktivists, has revealed more details about what actually happened.

Sign up to our free newsletter.
Security news, advice, and tips.

According to an FBI press release, a Garda (Irish police) officer who was invited to attend the conference call about ongoing hacking investigations forwarded the message to a personal email account.

Unfortunately, that personal email account was compromised by a hacker.

FBI press release, mentioning conference call hack

The Irish police officer didn’t participate in the snooped-upon conference call, but because a hacker had lifted the login details from the officer’s account it made no difference. The call was secretly recorded.

19-year-old Donncha O’Cearrbhail, from Birr, was arrested by Irish police yesterday. He is charged with intentionally disclosing an unlawfully intercepted wire communication, as well as conspiring to hack the likes of Fox Broadcasting, Sony Pictures and PBS.

Are you careful with your conference call details?
The “hack” of the FBI / Scotland Yard’s secret conference call raises some important questions for all of us. Not only about the risks of forwarding work emails to private accounts, but also how careful are we with our conference call details?

You may think that you can afford to be lackadaisical with the call-in numbers and passcodes, but if they fell into unauthorised hands they could be used to secretly spy on your confidential business discussions.

After all, all someone has to do is dial in at the right time, and ensure that their “mute” button is enabled. Would you even notice there is one more person than there is supposed to be listening in on the line?

Image credit: Headset man from Shutterstock.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.