Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Amazon.com appears to repel Anonymous DDoS attack

Pro-Wikileaks hacktivists fail to take down Amazon, focus on PayPal

Article comments

A planned distributed denial of service (DDoS) attack against Amazon.com by Anonymous, a hacker group that has launched similar attacks against organisations it sees attempting to censor Wikileaks, appears to have failed.

Anonymous started attacking Amazon's website at 11am EST, but quickly appeared to abandon the effort after realising how little impact it was having, said Paul Mutton, a security analyst with UK-based Internet monitoring firm Netcraft.

"The attack didn't seem to make a dent on Amazon.com," which is not surprising considering Amazon's network infrastructure, he said. "The size of [the Anonymous] botnet was not large enough to have any impact."

Instead, the group now appears to be focusing its attention on api.Paypal.com, a secure payment transaction handling website, Mutton said.

The site is not currently accessible, which could be due to the attacks or because of defensive measures PayPal is taking to protect the site, he said. An Anonymous attack earlier today knocked http://paypal.com offline for about an hour, he said.

The planned attack on Amazon.com was announced in an Anonymous tweet posted by Netcraft.

The provocation for attacking Amazon.com appears to be due to the online retailer's decision to start selling a Kindle ebook version of the leaked US State Department cables after it had earlier booted WikiLeaks from its hosted cloud service.

The ebook includes the first 5,000 leaked State Department cables posted by Wikileaks in tagged, searchable format. Amazon is offering the ebook on its UK site for £7.37 ($11.62).

Anonymous has begun using Internet Relay Chat (IRC) and a newly established Twitter account to announce new DDoS targets. The group's main website anonops.net has been hit with numerous DDoS attacks over the past few days, and yesterday was suspended by its ISP.

Nonetheless, support for Anonymous appears to be growing as has the sophistication and use of its DDoS tools, according to security researchers.

Up to now, the loosely-affiliated group of Internet vigilantes had been more known DDoS attacks on various entertainment industry websites over copyright enforcement issues, in an effort called Operation Payback.

Earlier this month, Anonymous' organisers announced plans to extend Operation Payback by attacking any organisation perceived as attempting to censor Wikileaks.

Over the past few days, support for the Anonymous group appears to have grown substantially, according to Sean-Paul Correll a security researcher from PandaLabs. Correll has been chronicling the attacks in a blog that is now under a DDoS attack.

The Anonymous group has made available a DDoS tool called LOIC, or Low Orbit Ion Canon, that anyone can use to link their computer into a voluntary botnet for launching DDoS attacks against specific targets.

Security firm Imperva's Hacker Intelligence Initiative, which has been closely tracking the Anonymous Group and its attacks against various Web sites, said that LOIC was originally developed as an open source network stress testing tool. It was recently tweaked to include a central command and control module, Imperva added.

LOIC host GitHub shows more than 37,000 downloads of of the tool set so far. In addition to the downloadable version of LOIC, users can install a JavaScript version of the program that does not require a download, according to Imperva.

"Operation Payback's ability to challenge serious sites and do that simultaneously is very much coupled to the introduction of the new version with its C&C capabilities," said Amichai Schulman, chief technology officer at Imperva in an email. "My speculation is that due to the substantial increase in downloads, it is highly likely this is no longer just a social movement, but also a technical movement like a botnet."

According to Imperva, the hacker group is in the process of coordinating botnets with over 100,000 computers capable of generating 800 MGBPS traffic to increase the attack horsepower. An attack of this scope is likely to better test Amazon's ability to deal with DDoS attacks.

Anonymous has so far claimed responsibility for DDoS attacks against MasterCard, Visa, PayPal, EveryDNS and Swiss payment transaction firm PostFinance. Each of these organisations terminated their services to Wikileaks after the whistleblower website began posting thousands of leaked classified cables from the US State Department earlier this month.

Anonymous has also launched attacks on the Web sites of US Sen. Joseph Lieberman (I-Conn.), former Alaska Governor Sarah Palin and the websites of the Swedish prosecutors who are pursuing rape charges against Wikileaks founder Julian Assange.

The attacks resulted in each of the websites becoming unavailable for varying lengths of time. PostFinance's website, for instance, was knocked offline for more than 33 hours, while MasterCard's main website was down for much of Wednesday. A note posted on MasterCard's site suggested that service is still not yet fully restored.

Visa initially appeared to fend off the Anonymous DDoS attacks before it was finally knocked offline yesterday. The site appeared to be working normally this morning.



Share:

More from Techworld

More relevant IT news

Comments



Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *