Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Anonymous uses 30,000 PC strong botnet in Wikileaks campaign

Volunteers joined by malware controlled systems to take down payment sites

Article comments

PayPal's website was hit late Wednesday by two botnets as online activists continued their web attacks on companies that have severed their relationships with Wikileaks.

The activists have recruited volunteers, who have banded their computers into a distributed denial of service (DDoS) botnet, but they are also using hacked machines to carry out these attacks, said Sean-Paul Correll of threat researcher Panda Security.

"Today we observed over 3,000 computers in the voluntary botnet, but we also have knowledge of a 30k node botnet," he said.

This botnet infects computers via peer to peer filesharing systems, but it can spread via Microsoft Messenger and USB sticks as well, he said. Panda is trying to get a sample of the botnet code to analyze.

PayPal main site hit

PayPal was hit late Wednesday afternoon, Pacific time, and the Paypal.com address was unresponsive into early Thursday morning. "There have been attempted DDoS attacks on paypal.com this week," said company spokesman Anuj Nayar. "The attacks slowed the website itself down for a short while, but did not significantly impact payments."

PayPal's blog had been hit earlier in the week, but the main Paypal.com website was down for at least several hours Wednesday, and www.paypal.com was affected too, although less seriously. Unlike Visa and MasterCard, the website is critical to PayPal's business. Customers need the website to send money to other PayPal users.

Paypal wasn't the only company to have some payments affected, however. MasterCard's SecureCode service, used to add a security code for use in online transactions, similar to a PIN (personal identification number), also suffered a disruption Wednesday, said MasterCard spokesman James Issokson. "There were some operational issues and they have been resolved," he said.

Representatives of the Anonymous group's Operation Payback said that they were responsible for this disruption. They believe that MasterCard's web servers may have shared resources with the SecureCode system. In a MasterCard advisory, published on the Securetrading blog, MasterCard said that a directory server had failed.

Both MasterCard and Visa also had their public websites knocked offline by a "hive" of as many as 3,000 activists who had downloaded web-attacking software, which was then turned on different websites.

Operation Payback

For several months now, Operation Payback has gone after websites belonging to organisations that have cracked down on unlicensed music and movie copying, the Motion Picture Association of America (MPAA) and the Recording Industry Association of America (RIAA).

This week, the project took up cyber arms against companies that have cut business ties with Wikileaks, making it harder for the website to raise money and continue operations. They have also hit websites belonging to Wikileaks critics such as US Senator Joseph Lieberman and former Alaska Governor Sarah Palin.

For Operation Payback, attacks on Wikileaks are attacks on free speech.

"We are really just a collection of people from all walks of life, all over the world who are sick of watching people being exploited by outdated and vague copyright/freedom laws," said one group member who used the name Emily in an online chat. The attacks will continue until those laws are reformed, Emily said.

But the operation has had some trouble of its own. Facebook and Twitter have closed accounts used by the group, and its website was offline Wednesday as well. Replacement accounts such as this Twitter page soon sprang up, however.



Share:

More from Techworld

More relevant IT news

Comments



Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *