#OpSideCar – What it was really used for, and why you never saw it coming.

k0n (pronounced Kay-Zer-On) Apr 22, 2022

You have all seen it in the news at some point in your life. Headlines of ‘Anonymous’ hackers shutting down websites, seizing databases, leaking sensitive information or uncovering shady things going on behind the scenes that the general public would never know about otherwise.

We aren’t here to talk about the motives that drive certain operations since we can definitely agree that when Anonymous crawls out of the woodwork it is going to be for good reason and most definitely in the interest of the majority. Just take a look at what is happening right now with on-going attacks by Anonymous against Russian Banks, Infrastructure, Services, News & Social Media, etc – things are continuing to go upside down over there and it will only continue to get worse.

While I support these on-going operations and have donated much of my personal time to the best of my ability, I am not seeing much love for the clownvoy freedumb idiots in North America…sadly. While these morons are not nearly on the same level as the Russian Army nor should they get the same attention, they are quickly regrouping and making repeated threats to resurface soon to ‘take back their country’ and this time it appears to be with physical threats. Now if those threats actually hold any water is a discussion for another time and another place.

I have been quietly working with a small group of people to unravel the spaghetti in order to find the meatballs on this giant plate of freedumb. We have tried some good old-fashioned honest approaches which have seen some success. Some webhosting platforms would see the removal of convoy websites (canhost.ca saw the removal of nomorelockdowns.ca) only to have these websites resurface on other hosting platforms. We expected this, and at first glance someone might think it was a complete waste of time... or was it?

Hacking isn’t always what some people think it is; it is not always technical and done completely with computers. Hacking websites does not provide a consistent result because the targets vary wildly, the degree of difficulty is too high and let’s face it – there are smart people on the dark side ensuring that people like me aren’t breaking into the systems. This is where they all miss the biggest aspect of it all and leave the most consistently and repeatedly exploited security hole, which is YOU, the person.

Adept hackers are one thing, but adept hackers that are also adept social engineers are downright fucking dangerous and they know how to manipulate people into getting what they need to complete a mission. It may not be obvious at first what the purpose of #OpSideCar was, so I am going to tell you.

The expectation was that one of two things would happen when hosting platforms were asked to take down these websites. Either they (the hosting provider) would cancel the services of the client, forcing them to move the site, or the client would get nervous and move the site to another platform. Sounds pretty harmless either way, doesn’t it? Think again.

When most people move a website between platforms, they create a bunch of temporary holes on both the old platform and the new platform. These holes are usually in the form of unprotected uploaded files that contain sensitive information (site backups or db exports), or very weak passwords used temporarily to aid in the movement of site files. Folder structures and security are not set up correctly and need to be repaired and/or adjusted to work on the new platform; the list goes on. In any case the result is a PRIME TIME to get in there and snag up the data quietly without them noticing.
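A defender-side check for the migration leftovers described above, as an added example that is not part of the original post: it walks a web document root and flags backup archives or database exports left in place, plus world-writable paths. The suffix list and the sample tree are assumptions constructed for illustration.

```python
import os
import stat
import tempfile

# Assumed (not from the post) suffixes for archives and database exports
RISKY_SUFFIXES = (".sql", ".sql.gz", ".zip", ".tar", ".tar.gz", ".tgz",
                  ".bak", ".old", ".dump")


def audit_docroot(docroot):
    """Return sorted (relative_path, reason) findings for a web document root."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(docroot):
        for name in dirnames + filenames:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, docroot)
            mode = os.lstat(full).st_mode
            if stat.S_ISLNK(mode):
                continue  # permission bits on a symlink say nothing useful
            if mode & stat.S_IWOTH:
                findings.append((rel, "world-writable"))
            if stat.S_ISREG(mode) and name.lower().endswith(RISKY_SUFFIXES):
                reason = "backup/export in web root"
                if mode & stat.S_IROTH:
                    reason += " (world-readable)"
                findings.append((rel, reason))
    return sorted(findings)


def demo():
    """Build a constructed post-migration tree and audit it."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "uploads"))
        samples = {"index.php": 0o644, "site-backup.tar.gz": 0o644,
                   "uploads/db_export.SQL": 0o600, "uploads/logo.png": 0o644}
        for rel, mode in samples.items():
            path = os.path.join(root, rel)
            with open(path, "w") as fh:
                fh.write("constructed sample\n")
            os.chmod(path, mode)
        os.chmod(os.path.join(root, "uploads"), 0o777)  # temporary "fix" left behind
        return audit_docroot(root)


if __name__ == "__main__":
    for rel, reason in demo():
        print(f"{rel}: {reason}")
```

Running it against the real document root on both the old and the new host after a move shows what still needs to be deleted or locked down; a private export such as `db_export.SQL` is still flagged because it does not belong under the web root at all.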

This is precisely what happened with two websites, which resulted in the leaks of their databases and their credentials. The databases provided lists of users and all of their information. The passwords were stored poorly and required little to no effort to crack, and things just spaghetti from there. This has resulted in the compromise of an email account which was used for donations. Further work continues.

With all of the recon taking place within a small group of people, we know who is tied to who and from there we can make very well educated guesses on which targets to attack next. We know who the freedumb roadies are, and nobody cares about them.

NOTE – If you never caught what #OpSideCar was all about (and people are still lodging complaints, which is great!), you can see the original information located here – https://rentry.co/OpSideCar

 

These people are fucking stupid, there is no other way to put it. Expect us.

k0n (pronounced Kay-Zer-On)

Cyber Security Expert. Hat colours are subjective and I don't wear hats. Humanitarianism is a way of life and I try to do my part as much as I can. I am also old-school Anonymous and adhere to the principles to this day.
