Anonymous recruits Wikileaks 'data army'

The tool through which attacks are carried out against websites perceived to be anti-Wikileaks has now been downloaded more than 31,000 times.
Security experts warned people to avoid joining the voluntary botnet.
Targets of the loose-knit group Anonymous have so far included Visa, Mastercard and Paypal.
Amazon is expected to be among firms targeted next using the Anonymous attack tool known as LOIC. When a person installs the tool on their PC it enrols the machine into a voluntary botnet which then bombards target sites with data.
Motivation Anonymous member Coldblood told the BBC that he did not understand how firms such as Visa and Mastercard have decided that Wikileaks is illegal.
"We feel that they have bowed to government pressure. They say Wikileaks broke their terms and conditions but they accept payments from groups such as the Klu Klux Klan," he told the BBC.
He said that he has not personally taken part in the recent distributed denial-of-service (DDoS) attacks but explained the motives of those who have.
"Everyone is aware that they are illegal but they feel that it is a worthy cause and the possible outcome outweighs the risk," he said.
He said such attacks were only one tactic in its fight to keep the information being distributed by Wikileaks available.

In a twist to the story it has emerged that Amazon, which last week refused to host Wikileaks, is selling a Kindle version of the documents Wikileaks has leaked.

Anonymous have named the online retailer as its next target.
Earlier attacks against Visa and Mastercard knocked the official websites of the two offline for a while and resulted in problems for some credit card holders.
The attacks have been relatively small so far mustering less then 10 gigabits per second of traffic, said Paul Sop, chief technology officer at Prolexic which helps firms to defend themselves against the type of attack being employed by Anonymous.
"What's really wreaking havoc with these enterprises is how often the attackers can rotate the attack vectors," he said. "We see the attack complexity being more devastating as the mitigation technologies enterprises use can't filter out all these permutations."
Defending against an attack typically involves analysis to work out which ones are being employed. A tactic that may not work well in this case, he said.
"These Anonymous attacks are like riding a bull, they can change wildly and at a moment's notice," said Mr Sop.
Carole Thierault, a security researcher at Sophos, warned against getting involved with the Anonymous campaign.
"No-one, no matter how much you want to take part, should do this," she said. "It is very risky, and most probably illegal."
Ms Thierault said downloading and installing the LOIC attack tool was very risky.
"No-one should download unknown code on to their system," she said. "You're giving access to your computer to a complete stranger."

 Coinciding ideals


As well as releasing the attack tool, the Anonymous group has also been active in helping to create mirror sites. To date there are over one thousand sites offering exact copies of the content on Wikileaks.
It is also ensuring the information is available on dark nets, heavily encrypted layers of the internet via which information can be extracted while remaining untraceable.
The DDoS attacks are the latest battle in a wider fight known as Operation Payback, which targets firms Anonymous sees as "misusing the internet".
Past targets include the music industry and law firms associated with the attempt to bring music pirates to book.
The new-found attention on Anonymous has led the group to publish its manifesto.
In it, it denies that it is a group of hackers.
"Anonymous is not an organisation...and it most certainly is not a group of hackers," it said.
"Anonymous is an online living consciousness, comprised of different individuals with, at times, coinciding ideals and goals."
It also keen to distance itself from Coldblood, who it said is not a spokesperson for the group.

Source: BBC

Read More

Anonymous hacktivists say Wikileaks war to continue

Speaking on the BBC's Today programme, Coldblood said that "more and more people are downloading the voluntary botnet tool".
This signs them up to a so-called botnet, an army of machines that can then launch attacks.
Overnight Visa became the latest victim.
Its website experienced problems while Mastercard payments were also disrupted.
Both were victims of so-called distributed denial-of-service attacks, which bombard websites with requests until they are unable to cope, and fall over.
The Operation Payback campaign is targetting firms that have withdrawn services from Wikileaks.
Wikileaks attracted the ire of the US government when it began publishing 250,000 leaked diplomatic cables. The government has written to Wikileaks, saying its actions are illegal but denies putting pressure on firms such as PayPal to withdraw services.
Coldblood, who is not an official spokesperson for Anonymous, told the BBC that "thousands" of people had joined up in what he described as a "war of data".
"We are trying to keep the internet open and free but, in recent years, governments have been trying to limit the freedom we have on the internet," he said.
Entries on the Twitter page of Operation Payback, the Anonymous campaign, said the Visa site had been taken down.
Visa's website was later restored and spokesman Ted Carr said its processing network, which handles cardholder transactions, was working normally.
But in a day of fast-moving developments, the Anonymous Twitter page then went down, replaced by a message from Twitter saying the account had been suspended.
Twitter say they do not comment on "the actions we take on specific user accounts". However, a source told the BBC that the last tweet sent out by Anonymous included a link to a file containing consumer credit card information.

Paul Mutton at the security firm Netcraft, who is monitoring the attacks, said Visa is considered a more difficult target and the attack on it required a much larger number of "hacktivists" - politically motivated hackers - 2,000 compared with 400 for Mastercard.
Earlier the BBC was contacted by a payment firm linked to Mastercard that said its customers had "a complete loss of service".
In particular, it said that an authentication service for online payments known as Mastercard's SecureCode, had been disrupted.
Other readers have also said that they have had problems with online payments. The scale of the problems is still unclear.
Mastercard acknowledged there had been "a service disruption" involving its SecureCode system, but it added: "Our core processing capabilities have not been compromised and cardholder account data has not been placed at risk.
"While we have seen limited interruption in some web-based services, cardholders can continue to use their cards for secure transactions globally."
False account Anonymous, which claimed to have carried out the attack, is a loose-knit group of hacktivists, with links to the notorious message board 4chan.
It said that it has hit several targets, including the website of the prosecutors who are acting in a legal case against Wikileaks founder Julian Assange.

An Anonymous member told AFP news agency the group would extend their campaign to anyone with "an anti-Wikileaks agenda".

PayPal, which has stopped processing donations to Wikileaks, has also been targeted.
The firm said Wikileaks' account had violated its terms of services.
"On 27 November the State Department, the US government, basically wrote a letter [to Wikileaks] saying that [its] activities were deemed illegal in the United States," PayPal's Osama Bedier told the Le Web conference in France.
"And as a result our policy group had to make the decision of suspending their account.
"It's honestly, just pretty straightforward from our perspective and there's not much more to it than that," he said.
Other firms that have distanced themselves from the site have also been hit in the recent spate of attacks including the Swiss bank, PostFinance, which closed the account of Wikileaks founder Julian Assange.
The bank said Mr Assange had provided false information when opening his account.
Swamp site Security experts said the sites had been targeted by a so-called distributed denial-of-service attack (DDoS), which swamp a site with so many page requests that it becomes overwhelmed and drops offline.
Noa Bar Yosef, a senior analyst at Imperva said the attacks were "very focused".


"It is recruiting people from within their own network. They are actually asking supporters to download a piece of code, the DDoSing malware, and upon a wake-up call the computer engages in the denial of service," he said.
Before the Mastercard attack, Coldblood, told the BBC that "multiple things" were being done to target companies that had stopped working with Wikileaks or which were perceived to have attacked the site.
"Websites that are bowing down to government pressure have become targets," he said.
"As an organisation we have always taken a strong stance on censorship and freedom of expression on the internet and come out against those who seek to destroy it by any means."
"We feel that Wikileaks has become more than just about leaking of documents, it has become a war ground, the people vs. the government," he said.
Some of the early DDoS hits failed to take sites offline, although that was not the point of the attacks, according to Coldblood.
"The idea is not to wipe them off but to give the companies a wake-up call," he said. "Companies will notice the increase in traffic and an increase in traffic means increase in costs associated with running a website."
DDoS attacks are illegal in many countries, including the UK.
Coldblood admitted that such attacks "may hurt people trying to get to these sites" but said it was "the only effective way to tell these companies that us, the people, are displeased".
Anonymous is also helping to create hundreds of mirror sites for Wikileaks, after its US domain name provider withdrew its services.
Coldblood told the BBC that the group was beginning to wind down the DDoS attacks so that it could concentrate on using "other methods which are more focused on supporting Wikileaks and making sure the Internet stays a free and open place".

Source: BBC

Read More

Open Threat By Anonymous Paypal in Few Hour, Twitter is Next!!! (Via Online)

Read More

Wikileaks defended by Anonymous hacktivists

nternet hacktivists have fired the latest salvo in the Wikileaks infowar.

A group called Anonymous has hit sites that have refused to do business with the controversial whistle-blowing site with a series of distributed denial-of-service attacks.

It mirrors similar attacks aimed at the Wikileaks site.

Targets include the Swiss bank that froze founder Julian Assange's assets and PayPal which has stopped processing donations to Wikileaks.

Anonymous is a loose-knit group of hacktivists, with links to the notorious message board 4chan.

Increased traffic

A member of Anonymous who calls himself Coldblood told the BBC that "multiple things are being done".

"Websites that are bowing down to government pressure have become targets," he said.

"As an organisation we have always taken a strong stance on censorship and freedom of expression on the internet and come out against those who seek to destroy it by any means."

"We feel that Wikileaks has become more than just about leaking of documents, it has become a war ground, the people vs. the government," he said.

So far the denial-of-service attacks (DDoS), which swamp a site with so many requests that it becomes overwhelmed, have failed to take any sites offline although that is not the point of the attack, according to Coldblood.

"The idea is not to wipe them off but to give the companies a wake-up call," he said. "Companies will notice the increase in traffic and an increase in traffic means increase in costs associated with running a website."

DDoS attacks are illegal in many countries, including the UK.

Coldblood admitted that such attacks "may hurt people trying to get to these sites" but said it was "the only effective way to tell these companies that us, the people, are displeased".

Anonymous is also helping to create hundreds of mirror sites for Wikileaks, after its US domain name provider withdrew its services.

"At the last count there were 507 mirrors of Wikileaks," said Coldblood.

Ending contracts

Wikileaks has been hit by a series of denial-of-service attacks, following the release of a quarter of a million US embassy cables.

It is unclear who is behind the attacks but it seems that Wikileaks is getting too hot to handle as many of the businesses that work with the site, distance themselves from it.

On 3 December, domain name provider EveryDNS cut off service, citing the denial-of-service attacks as the reason.

Amazon also ended an agreement to host the site, saying Wikileaks failed to adhere to its terms of service.

It said that Wikileaks was unable to ensure that it "wasn't putting innocent people in jeopardy" by leaking classified documents.

Online payment company, PayPal, has permanently restricted Wikileaks' account, making it harder for supporters to make donations.

MasterCard Worldwide is also choking payments to the site.

The Swiss bank, PostFinance has closed the account of Wikileaks founder Julian Assange.

In all cases, the companies have insisted their decisions are not politically motivated.

PayPal said Wikileaks' account had violated its terms of services.

PostFinance, meanwhile, claimed Assange had provided false information when opening his account.

BitTorrent file

But some have taken a different view.

French internet service provider OVH said it had no plans to end the service it provides to Wikileaks.

"OVH is neither for nor against this site. We neither asked to host this site nor not to host it. Now it's with us, we will fulfil the contract," said OVH managing director Octave Klaba.

"It's neither for the political world nor for OVH to call for or to decide on a site's closure," he added.

French industry minister Eric Besson had called for the site to be shut down, saying France could not host internet sites that "violate the confidentiality of diplomatic relations and put in danger people protected by diplomatic secrecy".

But on 6 December, a French judge declined to force OVH to shut Wikileaks down, saying the case needed further argument.

Wikileaks has amassed some high-profile enemies including Senator Joe Lieberman, who chairs the US Homeland Security Committee.

He has urged the US government to "use all legal means necessary to shut down Wikileaks before it can do more damage by releasing additional cables".

Dr Joss Wright, a research fellow at the Oxford Internet Institute thinks it could be too late to legislate Wikileaks offline.

"Wikileaks has released an encrypted file containing all of the embassy cables," says Dr Wright. "The information is already out there."

Dozens of copies of that encrypted file have been shared using peer-to-peer networks, such as BitTorrent. "Once the information is there, it's virtually impossible to stop people sharing it," said Dr Wright.

Founder of Wikileaks Julian Assange has been arrested and is due to appear at City of Westminster Magistrates' Court later.

He is accused by the Swedish authorities of sexual assault.

Source: BBC

Read More