Goatse Security logo
|
|
Formation | December 2009 |
---|---|
Purpose | Hacking |
Membership
|
weev Sam Hocevar Daniel Spitler Leon Kaiser Nick "Rucas" Price |
Products
|
Clench |
Slogan | Gaping Holes Exposed |
Website | security |
Goatse Security (GoatSec) is a loose-knit, nine-persongrey hat hacker group that specializes in uncovering security flaws. It is a division of the anti-blogging Internet trolling organization known as the Gay Nigger Association of America (GNAA). The group derives its name from the Goatse.cx shock site, and it chose "Gaping Holes Exposed" as its slogan.
In June 2010, Goatse Security obtained the email addresses of approximately 114,000 Apple iPad users. This led to an FBI investigation and the filing of criminal charges against two of the group's members.
The GNAA had several security researchers within its membership. According to Goatse Security spokesperson Leon Kaiser, the GNAA could not fully utilize their talents since the group believed that there would not be anyone who would take security data published by the GNAA seriously. In order to create a medium through which GNAA members can publish their security findings, the GNAA created Goatse Security in December 2009.
In order to protect its web browser from , Mozilla blocked several ports that HTML forms would not normally have access to. In January 2010, the GNAA discovered that Mozilla's blocks did not cover port 6667, which left Mozilla browsers vulnerable to cross-protocol scripts. The GNAA crafted a JavaScript-based exploit in order to flood IRC channels. Although EFnet and OFTC were able to block the attacks, Freenode struggled to counteract the attacks. Goatse Security exposed the vulnerability, and one of its members, Andrew Auernheimer, aka "weev," posted information about the exploit on Encyclopedia Dramatica.