I normally would never link to a website called Malware Database, and if you’re running a vulnerable system, you might want to be careful here.

BUT! Malware Database is mirroring Anonymous’ Operation Payback blog (the original is down due to counter-counter-counter DDoS’in’), and it’s pretty fascinating.

Update โ€” 12/8/2010 โ€” 8:24 AM
Mastercard.com is still selected as the main target and has not came back online since our last report. 7 hours of downtime and counting.

The amount of participants in the attackers chat room have soared to over 2200 people and there are currently over 1,700 computers in the voluntary botnet.

Update โ€” 12/8/2010 โ€” 12:26 PM
Mastercard.com still under attack with 11 hours of downtime and counting, but the target will change to Visa.com at 1 PM PST.

This is the first time that the group officially targets Visa.com, but we have already observed 106 service interruptions and over 12 hours of downtime for Visa since we started monitoring yesterday at 9PM.

I’m not a big fan of DDoS attacks generally. From experience: they suck. But the counter-attack against those who are attacking WikiLeaks is following the same principle that the U.S. and other governments have been using. The governments didn’t like what WikiLeaks was doing, so they used political pressure and threats to corporations doing business with them to try to take the site down. Keep in mind that WikiLeaks has not been charged with any crime. Anonymous (and others) didn’t like what those governments were doing, so they’re using the tools at their disposal to counter-attack.

Anthony Hecht is The Stranger's Chief Technology Officer. He owns no monkeys.

58 replies on “Watching Operation Payback”

  1. if your network engineer can’t stop a 1700 computer botnet in about 5-15 minutes, fire them immediately.

    a real ddos is usually in the hundreds of thousands of computers, if not millions.

  2. Maybe. Just Maybe.

    Maybe we shouldn’t be trying to enforce US laws on citizens of other countries who don’t reside here …

    Ya think?

  5. Trying to strike at the heart of the credit card companies by briefly interrupting their marketing webpages is like vowing to end U.S. military interventions by egging a recruiting office.

  6. @4 – Well, to be fair, many in the U.S. gov’t don’t think what they did is legal, and they’re looking for ways to prosecute them. The point, though, is that they haven’t been charged with anything yet.

    @5 – Absolutely. This isn’t going to hurt these companies too much, but it does get their names in the papers for pulling their services from WikiLeaks. None of it is much direct harm, but businesses don’t like bad press.

  7. @5 you give the american populous far too much credit for knowing the difference…..even after viewing a news report specifying the difference.

  8. Hm. I dunno if you, @1 Swearengen, really understand what a DDoS attack is really all about. Just because a botnet is 1700 and not 10,000 doesn’t mean it’s arithmetically easier to for a website to dodge the digital bullets that are hailing down upon it.

    As to the main point: It is controversial to use extra-legal measures to support your cause. That goes for both the US and the hacktivists taking down Mastercard, et. al.

    But on the other hand, it is pretty traditional to take to the streets, violate laws, and disrupt normal proceedures if violations of justice are taking place. Globally-speaking, when ‘The People’ get fucked over, they typically burn some buses, or buildings, or whatever. Is this “right”? Does it get “results”?

    Are things set up so that doing things “right” (ie. legally) results in no justice and no adequate solutions? Did Ghandi violate laws to get results? His methods were largely peaceful, but they were quite disruptive. In the Mastercard attack, no person is getting physically injured. People are getting inconvenienced, true. http://Whitewhine.com

    Do the people (or in this case, black bloc, or vigilantes) *have* to inflict direct measurable pain on those in power in order to get justice?

    History would suggest ‘yes’.

  9. Anthony @6, good point – though I doubt the companies mind especially, I’m sure you’re right about the attackers enjoying the media play.

  12. @5, 6 — Well, considering that people probably use their main commercial site to log in and check their accounts, move money around, and such… it’s probably affecting Mastercard’s operations directly.

  13. If you go on /b/ (I suggest you DON’T), you’ll notice that all the oldfags are staying out of this one.
    Why?
    Because all they’re doing is drawing negative attention to themselves. They’re not actually doing more than mildly inconveniencing Mastercard and Visa, and they’re really just reinforcing the impression that WikiLeaks is terrorist to a degree. It’s just a bunch of newfags trying to be all “HERP DERP ANONYMOUSE ARE LEGION! I DDOS W/LOIC I ARE HAXX0R NAO, AMIRITE”. Any Anon with a brain is keeping their LOIC powered down for this one; that includes me.

  14. What a sophmoric notion of moral equivilency. I suppose Maurice Celmons was just using “the tools at his disposal” to strike back at his oppressors, too?

    Wikileaks may not have broken any laws, but there is no evidence that the U.S. government has broken any laws in its treatment of WikiLeaks, either. It has not pursued prior restraint. It is perfectly legal for government actors to indicate to companies that they are unhapy with those companies’ relationships with WikiLeaks. There is no reason to beleive that Amazon, Visa, Mastercard, and Paypal were threatened with anything more than bad publicity. Unlike those who inhabit the Slog’s “stick it to the man” tought bubble, most Americans take a dim view of those who threaten U.S. interests, and it would be perfectly rational for those companies to decide that it would be bad for business to be associated with Wikileaks in the non-Slog public mind.

    Denial of service attacks, on the other hand, are most definitely illegal.

  16. @12, no, they really don’t. The sites are purely marketing. Cardholders do personal account stuff through their issuing financial institution. The sites are working just fine now, you can go check it out if you’re wondering.

  17. I wonder what existential mental battle is going on in the minds of the IT staff at mastercard and visa – having to justify the defense of these attacks in light of that whole free speech thing..

  19. @16: verified by visa had problems, according to boingboing.
    @1: armchair IT experts on the Internet are as common as dumbasses. you draw the connection.

  20. Does it really matter if the hackers are in point of fact disrupting MC/VISA’s ability to perform financial transactions so far as the general public is concerned?

    The “general public” that, for the most part, can’t program their DVR’s, let alone tell the difference between a primarily symbolic DDOS attack and an actual incursion into their personal financial accounts?

    It’s all about perception: if the public sees the MSM throwing up headlines every few hours about “Hackers Attacking Major Credit Card Web Sites” or whatever, many of them are probably going to start getting nervous, whether the attacks directly affect them or not.

    It’s exactly like what happens whenever the government issues an “Orange Alert” or a new set of ridiculous TSA directives: if the masses THINK it might inconvenience them, they’re going to start going ape-shit out of pure reptile-brain induced fear response, even if it has no direct affect on them whatsoever.

    After all, it’s only how they’ve been trained to respond; the hackers are simply turning the tables, is all…

  21. @19, thanks for the update. I feel glad they attacked the awful and Verified by Visa option – I saw it pop up once online shopping and thought WTF. Shoppers avoid it like the plague already, so here’s hoping Visa lets it DIE.

  22. @David Wright

    Sen. Lieberman has been investigating companies tied to Wikileaks and has been placing pressure on the DOJ to investigate them even though they are withing the 1st amendment.

    This isn’t sticking it to the man, it’s showing the US and world what our government has been doing without our permission. So far it’s been allot of wasted money classifying gossip.

    This is an article showing that Amazon dropped Wikileaks after a conversation with Sen. Lieberman.
    http://www.huffingtonpost.com/2010/12/01…

  25. @1 WTF? You’re talking about DDOSs on the size of massive botnets. Most DDOSs are on the scale we’re seeing. What you’re describing is the US invasion of Iraq with shock and awe.

  26. Svensken @ 22: There is nothing wrong with a senator calling up to express his displeasure with a company. I have, on several occasions in my life, when I’ve had trouble with a company, called up a congressional office and asked them to intervene.

    You are welcome to appreciate what WikiLeaks has done. (I’ve found the cables so far mostly amusing, occasionaly insightful, and not once scandalous.) But that doesn’t mean that a senator who tells them to doesn’t is acting illegally or unethicaly. People engaging in DOS attacks against a business because it has chosen to exercise its right not to do business with an entity they like are acting neither legally nor ethicaly.

  27. The point is that preventing donations to Wikileaks is, at first blush, the only safe business decision. Because only one side can hurt you. So if you want Visa and MasterCard to not take sides, you have to show them that the other side can hurt them too. Maybe next time they’ll stay out of it.

  28. @23: I’ve not seen that, and I shut it off as soon as I saw the guy giving an interview under his own name and in person. No true Anon has anything close to a face, and no one Anon can properly speak for the collective. Since Anonymous functions by groupthink, nothing any Anon says matters at all unless a lot of other Anons start saying it too.
    But yeah, there’s a few wise oldfags, bona fide haxx0rs, and neckbeards in Anonymous, but there’s also a lot of newfags and scriptkiddies. If the latter groups decide to go off half-cocked and the former groups don’t shout them down, there can be a lot of useless onanistic bullshit inflicted upon the internets.
    Project Chanology was a flawless victory for great justice; it drew much-needed attention to the sleazy ways of the so-called “Sci-lons”. This is just bullshit; the more attention WikiLeaks gets, the worse it looks to people. Frankly, I’m no fan of WikiLeaks myself. I wonder if they’d have released the cables so flippantly if they HAD contained vital information that would have endangered people.

    @24: CHANGE IT BACK YOU COCKMONGLER.

  29. “The United States Senate Committee on Homeland Security and Governmental Affairs” is Liebermans committee and with that committee he has power to direct the DOJ in certain affairs. He said in this interview that he is seeking prosecution for papers that contain the leaks. His call was an investigation into the relationship between Wikileaks and Amazon on the behalf of his committee.

    http://www.huffingtonpost.com/2010/12/07…

    The leaks so far have been amusing and on many cases they have censored content the government has shown would be life threatening. The recent political pressure shows that maybe something is coming that shows corruption and that we Americans don’t have the power we think.

  30. @28, I’ve chosen to sit this out out mostly, though I have sat in on some of the IRC chat rooms and followed what’s happening with a little bit of interest.

    I personally think that if the feds had chosen to leave well enough alone, most people would have reached the conclusion that Julian Assange is an asshole and by now the world would have moved on to the next critically important DWTS update or whatever.

    But it’s the way that they have gone after him, freezing his personal accounts, cutting off donations to the website for no real reason, all the BS cries of “traitor,” etc., etc. that have to some extent turned Assange and Wikileaks into martyrs and victims.

    Nobody likes a bully.

  31. @5, there are rumors that Mastercard’s payment processing may have been impacted and that there may have been a security breach involving some credit cards.

    PayPal’s ability to process payments may also have been affected. They’ve apparently already backed down to some extent by promising to release all the funds they had previously frozen to Wikileaks, although they’re still not accepting new donations.

    That’s not an insignificant attack on a mere marketing site or two.

  32. i would totally donate to assagananblarphengarhwatever’s legal fund if i, like, wouldn’t get on some terrible government “list” or something. (how many “lists” can one little fagboy be on? honestly? i ask you.)

  33. @28 – I don’t know how WikiLeaks has released the cables “flippantly.” They’ve so far released 1193 of over 250,000 cables. It seems that they’re being pretty careful with the releases, and working with larger news organizations to make sure that stuff that should be redacted is redacted.

  35. @31, thanks for the news. I guess if the attack were insignificant we couldn’t hear rumors of possible damage it might have done.

  37. http://www.collateralmurder.com/

    It’s good to see so many comments supporting WikiLeaks. It gives me hope that this country can survive the knuckle-dragging onslaught of conservatives and their drooling, lap-dog devotion to the elitist oligarchs and plutocrats who are out to turn the U.S. into a $1/hour slave-labor camp where 99% of the population licks out the toilet bowls of the other 1%.

  38. I’ll tell all of you that if somebody wants to crack a credit card company’s connections, it’s the easiest thing in the world to do. The NYT Magazine had an informative article about the prince of hackers a couple of weeks ago and it was revelatory.

    Nothing — nothing — is safe from hacking.

  39. Anonymous’s entire strategy is just childish and does nothing to help WIkileak’s cause. Mastercard and Visa’s names are already in the news for pulling Wikileaks; the people who already care about them are already angry with MC/Visa, and the people who can be swayed aren’t going to be swayed by a bunch of dipshit “hackers” from 4chan DDoSing a marketing site and possibly impacting peoples service, if anything it’ll make people more upset with Wikileaks.
    Not to mention that, as you said yourself, it was government pressure that made these companies cave. They didn’t like what the GOVERNMENT was doing. How does DDoSing the very same companies that the government pressured in any way get back at the government? It pisses off customers and makes them think Wikileaks is just a bunch of asshole “hackers” trying to cause trouble.
    It’s good to see people trying to do something about these companies pulling service, but 4chan and the like should stay out of the fight. If they want to actually do something then they should contact the companies to air their disapproval, not further make them hate us.

  40. @38, I remember that article. The hacker was a true card-fraud innovator up to 2007 or so. But remember, none of that money he stole came from Visa or Mastercard. It came from merchants who had way more bank card data to handle than they knew how to then. Mostly big national chains, but lots of smaller ones we’ll never know about too.

    You can take all the card data you want, but Visa and Mastercard aren’t affected financially. Just banks, merchants, card-payment processors, all their insurers…

    You had to admire that guy, though. From rising star hacker thief to informant for the Secret Service, then got back into stealing on the side. It interested him.

    Last March he was sentenced. He’s serving 20 years in federal prison. He’s still under thirty, though. He’ll still have some life left to live when he gets out.

  44. @44: My guess is that Anonymous is fine with going after corporations that they see as collaborators to a corrupt agenda, but figure that going after the government itself will bring reprisals against 4chan, whether from the Fed or from Moot. (Moot has been known to shut down sections of his site when he thinks that Anons have gone too far, most recently to stop the 4chumblr war. And every now and again, he’ll just do something really annoyiPUDDI PUDDI PUDDI PUDDI PUDDI PUDDI PUDDI PUDDI PUDDI PUDDI PUDDI PUDDI PUDDI PUDDI PUDDI PUDDI PUDDI PUDDI PUDDI PUDDI PUDDI PUDDI PUDDI

  45. Reality is that wikileaks is being regarded as persecuted by the US government, which means they must be on the side of Truth and Justice.

  46. Well, now they’re going after Visa. Visa’s LP division is largely former FBI. So we’ll definitely be seeing a very visible, media bait series of arrests. Count on it. The dudes in the LP departments of MC and Visa are well paid but money doesn’t motivate them. It’s the War on Terror that gets their engines going and it’s been that way since before there was such a thing as the War on Terror.

    PayPal has conceded to release funds to Wikileaks, which is impressive but they might as well crank their attacks into high gear at this point. They’ve awakened the beast by now and DDoS attacks are half measures compared to what they’ll be charged with.

    Rendition awaits them.

    The greatest contribution of transparency this whole affair has given us is the unabashed, overt fascism the U.S. is exhibiting right now by pressuring corporations to do their bidding.

    Are we sick of the motherfuckers yet? Every 4 years we accept their invitation to decide whether the corporations or the state will have the most dominion over our nation’s wealth.

    The switch or the belt? Always and forever.

  47. I thought this was an interesting paragraph:

    PayPal’s vice-president of platform, Osama Bedier, told an internet conference the site had decided to freeze WikiLeaks’ account on 4 December after government representatives said it was engaged in illegal activity. “On November 27th, the state department, the US government basically, wrote a letter saying that the WikiLeaks’ activities were deemed illegal in the United States and as a result our policy group had to make the decision of suspending the account,” Bedier said. He added: “We … comply with regulations around the world, making sure that we protect our brand.”

    From http://www.guardian.co.uk/media/2010/dec…

    That is indeed pressure from the US State Department (it’s not ironic at all that the Paypal guy who pulled the plug is named “Osama”).

    This is also the article that confirms payment processing at Mastercard was disrupted, though it doesn’t say how.

    From my perspective, the biggest thing that can come from this is maybe a little attention being paid by law enforcement to the botnet problem, the millions of infected PCs. These botnets are inescapably linked to organized crime and to spammers (which is a form of organized crime), and also rogue governments, including our own. I’ve been watching these things grow for several years, to the seeming uninterest of the people who should care the most, and I’ve been wondering when they would become widescale weapons in an infowar. There have been flashes before (Estonia, for instance) but now, with LOIC, the power to harness the bots is within reach of every pinhead /b/tard. I think that’s a problem.

    You can’t attack the botnets directly; there are too many of them, and they’re untraceable. But you can go after the people who put them together. If the end result of this is some very unfriendly visits from the FBI to people like Alan Ralsky I will be quite pleased. It’s not just spam anymore, and it’s time for it to stop.

  49. @48, 49: I don’t know about that, 5280. Fnarf, I respect you and everything, but you’re wrong about the botnet bit. LOIC isn’t a tool for controlling hijacked computers; it’s just an auto-DDoS program. It was originally intended as a stress-testing tool, but, naturally, was quickly repurposed to “stress-test” websites that Anonymous doesn’t like. One characteristic of Anonymous’s attacks, as opposed to those of many actual hackers, is that they rarely if ever involve involuntary participation. Botnets are used to extort money; LOIC attacks are generally used to make political statements, as in the case of Project Chanology.

  50. Twitter is the next target for their censoring of #wikileaks and related hashtags.

    Also, you can bet that Assange is not going to wait to be assasinated to activate Reston 5. He’s a hair’s breadth from it right now.

    Next charge filed on him or next attack on wikileaks might be enough to push him over the edge.

    The U.S. response to this mess has done nothing but confirm every suspicion the cables elicit. The response feels like Sarah Palin is already president. It’s so ignorant.

  52. Thanks for that link, Joe. Interesting that Lieberman’s site was hit too.

    Truly, this is becoming the “shot heard ’round the world.”

  54. @40 – Sure, I’m not saying this is going to be particularly effective, or that it won’t make more people view WikiLeaks in a bad light. But that was already happeningโ€”not because of these attacks, but because most of the media is taking that position. These companies didn’t have to bow to gov’t pressure. They chose to take the government’s side in this argument, before any charges have been filed, etc.

    Protests of any kind always drum up support for both sides, and can help portray the company being protested as the victim.

    This is an interesting form of protest in a new kind of battle, regardless of what we think of the people who are doing it.

  55. @55 Interesting, sure, but I wouldn’t call hacking corporate sites a “form of protest”. It’s an attack from one self-interested party (hackers) against another self-interested party (companies). If “protest” is going to be used for such actions at all, I would save it for attacks on the government. And even that’s a stretch for such a loaded, righteous word; this is more of an aggressive action (an attack in the “battle”) than a declaration of opinion.

  56. @55 The calculation on the part of MC/VISA was government can investigate us and make life hard vs Wikileaks can’t do anything, therefore we will dump our customer like the government asks. Anon is showing the world that the other side of that equation is not nothing, that in fact customers and the wider community can also make life hard if they don’t like what you do.

    The biggest problem is that there is no viable way to legally register protest with the credit card companies that they will actually take notice of. MC and VISA are pretty much the ONLY options if you are a part of the modern day economy. As the leaked documents show they have used the US government to ensure that they are ubiquitous throughout the world, and kept competition to a minimum.

  58. @57,

    Right. That’s why they’re also attacking the Swedish government and Assange’s accusers.

    These hackers are bunch of childish fucktards, full stop.

    Before all this started, I didn’t give much of a shit one way or another. Now I’m firmly opposed to Wikileaks and its “defenders.”

Comments are closed.