The end of LulzSec? Hacking group says it is disbanding, after 50 days of attacks

LulzSecThe LulzSec hacking group has claimed it is disbanding, in a statement marking its 50th day of activity.

The hacking gang became notorious following a series of hacks and denial-of-service attacks in recent weeks against the likes of Sony, PBS, Infragard, SOCA, gaming websites, the CIA, the US Senate, and others.

LulzSec managed to amass a staggering 275,000+ followers on Twitter as it took the unusual approach of courting publicity for its strikes against companies and organisations.

In the run-up to the announcement, LulzSec said that it had a surprise in store:

Sign up to our free newsletter.
Security news, advice, and tips.

https://twitter.com/LulzSec/status/84746936275582976

Part of its apparent farewell statement, written in its typical jaunty nautical style, reads:

“Our planned 50 day cruise has expired, and we must now sail into the distance, leaving behind – we hope – inspiration, fear, denial, happiness, approval, disapproval, mockery, embarrassment, thoughtfulness, jealousy, hate, even love”

“Thank you for sailing with us. The breeze is fresh and the sun is setting, so now we head for the horizon.”

Accompanying the statement was a link to a downloadable torrent of what, LulzSec claimed, was their final haul of stolen data: hundreds of thousands of usernames and passwords for a variety of websites, including login details of players of the Battlefield Heroes game.

Files leaked by LulzSec

Once again, it appears that websites are not taking enough care over protecting users’ passwords. If you haven’t yet woken up to the risks associated with using the same password on different websites, now is the time to do so.

LulzSecInevitably there will be speculation that the reason for LulzSec’s apparent disbandment could be that they are worried that they have brought too much attention to themselves, and there are simply too many people (including rival hackers) attempting to uncover their true identities.

The temptation for someone connected with the group to blab about their involvement may be too great, and the chances of a member of LulzSec being careless and unwittingly failing to cover their tracks could be too big a risk to take.

Maybe, quite simply, LulzSec was worried that the heat was intensifying – and it was time for them to get out of the kitchen before the computer crime authorities caught up with them.

Earlier this week we saw one man, who may or may not be connected with the LulzSec group, charged by UK police in connection with the attack against SOCA.

If LulzSec’s demise can be taken at face value, some organisations around the world may be breathing a deep sigh of relief that they are no longer at risk of being the focus of the group’s unwanted attention.

However, LulzSec is just one – particularly vocal – group of hackers. Just because one of the most notorious hacking gangs may have gone the way of the dodo, does not mean you can afford to be complacent about your company’s computer security.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.