According to reports in the Internet security community and chatter from Operation: Payback participants, denial-of-service attacks mounted against the likes of PayPal, Visa, MasterCard, and the Web site of Senator Joe Lieberman are being carried out using an interesting mechanism: a voluntary botnet. Internet users who are interested in using their computers to support the cyber-activitst group Anonymous’s retaliatory DDOS attacks can download a tool (dubbed LOIC, or Low Orbit Ion Cannon) that lets Anonymous use their computer as part of their denial-of-service attacks. The tool connects to a command-and-control system enabling Anonymous to coordinate its attacks.
The LOIC software wasn’t created specifically for the battle in support of WikiLeaks. For some time, the same group of cyber-activists have been targeting organizations that bring litigation in cases of unlicensed music and video distribution, like the Recording Industry Association of America (RIAA) and the Motion Picture Association of America (MPAA).
Participating in the voluntary botnet is likely a violation of any ISP terms of service, and could be illegal in many jurisdictions.
According to security firms like Panda Security—which has itself been subjected to DDOS Attacks —as many as 3,000 computers have been participating in the voluntary botnet. Panda says it’s still trying to set hands on the botnet code, but says it is being spread by Windows Messenger, P2P networks, and USB sticks.
Operation PayBack has also been dealt some payback itself: Twitter suspended the groups account. Operation: Payback has also been subjected to DDOS attacks, apparently as retaliation for its actions. Operation: PayBack has attempted to insulate itself from attack by locating its service in Russia on “bulletproof” systems.
Posts
