[xtypo_dropcap]T[/xtypo_dropcap]he group behind the Wikileaks revenge attacks, “Anonymous Operation” is actually not anonymous, as the LOIC cyber attack software used in the attacks reveals their IP addresses, according to a report from Design and Analysis of Communication Systems Group (DACS), University of Twente, Enschede, in The Netherlands.
“Anonymous Operation” played a hand in the cyber attacks on company websites including MasterCard, Visa, and PayPal.The attacks took the form of DDoS (Distributed Denial of Service) attacks that overload websites with queries.
Although the members of Anonymous were dubbed hackers, they were simply using a free online tool to launch their attacks. They’re running under the banner of “Operation Payback,” which was originally started in response to crackdowns on online piracy.
The group’s tool of choice is the LOIC (Low Orbit Ion Cannon) that is available for free in both a Web-based and downloadable version.
According to the report, use of the tool has made members of Anonymous “easily traceable, and therefore anything but anonymous.” It adds, “The main conclusion is that the attacks generated by the tool are relatively simple and unveil the identity of the attacker.”
“We also found that these tools do not employ sophisticated techniques,” the report says, comparing the attack to “overwhelming someone with letters, but putting your real home address at the back of the envelop.”
According to the report, the original LOIC tool was built by Praetox Technologies and “performs a simple DoS attack...” and “allows the user to select a target host, a method of attack (TCP, UDP or HTTP), and some other parameters to customise the requests that will be sent.”
The version currently being used is slightly different, as it “allows the tool to be remotely controlled” and makes the user’s machine part of the “botnet” used in the attack. A botnet, also called a “zombie army” is a collection of infected computers that a hacker can use to launch large-scale cyber attacks while using small amounts of power from each machine.
The report concludes that members of Anonymous who launched the attacks “may not be aware that international data retention laws require that commercial Internet providers store data regarding Internet usage for at least 6 months. This means that hacktivists can still be traced easily after the attacks are over.”
“Anonymous Operation” played a hand in the cyber attacks on company websites including MasterCard, Visa, and PayPal.The attacks took the form of DDoS (Distributed Denial of Service) attacks that overload websites with queries.
Although the members of Anonymous were dubbed hackers, they were simply using a free online tool to launch their attacks. They’re running under the banner of “Operation Payback,” which was originally started in response to crackdowns on online piracy.
The group’s tool of choice is the LOIC (Low Orbit Ion Cannon) that is available for free in both a Web-based and downloadable version.
According to the report, use of the tool has made members of Anonymous “easily traceable, and therefore anything but anonymous.” It adds, “The main conclusion is that the attacks generated by the tool are relatively simple and unveil the identity of the attacker.”
“We also found that these tools do not employ sophisticated techniques,” the report says, comparing the attack to “overwhelming someone with letters, but putting your real home address at the back of the envelop.”
According to the report, the original LOIC tool was built by Praetox Technologies and “performs a simple DoS attack...” and “allows the user to select a target host, a method of attack (TCP, UDP or HTTP), and some other parameters to customise the requests that will be sent.”
The version currently being used is slightly different, as it “allows the tool to be remotely controlled” and makes the user’s machine part of the “botnet” used in the attack. A botnet, also called a “zombie army” is a collection of infected computers that a hacker can use to launch large-scale cyber attacks while using small amounts of power from each machine.
The report concludes that members of Anonymous who launched the attacks “may not be aware that international data retention laws require that commercial Internet providers store data regarding Internet usage for at least 6 months. This means that hacktivists can still be traced easily after the attacks are over.”
