Islamist Bank Attackers Back in Business
CREDIT: Trudy Wilkerson/Shutterstock.com
The group of Islamist online attackers who disabled the websites of nearly a dozen American banks in September and October has announced the resumption of its campaign.
"In new phase, the wideness and the number of attacks will increase explicitly," say the Izz al-Din al-Qassam Cyber Brigades, "and offenders and subsequently their governmental supporters will not be able to imagine and forecast the widespread and greatness of these attacks."
In a statement posted to Pastebin on Monday (Dec. 10), the Qassam Cyber Brigades named five banks to be attacked this week: Bank of America, JP Morgan Chase, PNC Bank, SunTrust and U.S. Bancorp. None of the banks' websites were having trouble loading this afternoon (Dec. 12).
All of those banks were among those hit in the original wave of attacks, which began Sept. 18. Others hit included BB&T, Capital One, Citigroup, Regions Bank and Wells Fargo.
The Qassam Cyber Brigades, who have taken an extended vacation since the Islamic holiday of Eid al-Adha at the end of October, claim their only goal is to have YouTube entirely remove the "Innocence of Muslims" movie and trailer that sparked riots across the Islamic world in September.
(The original video has been taken down, but it has been reposted many times.)
"The implementing of these attacks is because of widespread and organized offends to Islamic spirituals and holy issues, especially the great prophet Mohammad (PBUH)," states the posting. "If this offended film is going to be eliminated from the Internet, the belonging attacks, also will be stopped."
Two other banks that were attacked in September and October didn't fit the mold: HSBC, which is a British bank, and Ally Financial, which is American but which the Qassam Cyber Brigades never listed as a target and insist they never hit.
"We chose [HSBC] as an American bank," the Qassam Cyber Fighters say in the latest posting, reproducing an email exchange with Eduard Kovacs of the Romanian tech blog Softpedia. "We focused on their U.S. website, but it had also affected other sites in some degrees."
"We did not attack Ally institute," the responder to the Kovacs questions adds. "Our attacked targets previously have been announced in the corresponding statements."
An Anonymous-related group calling itself Fawkes Security also took credit for the Oct. 18 HSBC attack, and promised attacks on other British banks that never materialized. The Qassam Cyber Brigades spokesman considered that a coincidence.
"Our group doesn't have any connection to Fawkes Security," he said. "Our attack's simultaneity with their operation has been completely by chance."
On the surface, the attacks seemed to be classic distributed denial-of-service (DDoS) attacks, in which many computers use networking software to flood specific Web servers with millions of useless requests for data. The servers and their data are not harmed, but are cut off from the rest of the Internet.
There have been rumors that the Qassam attacks used new, especially powerful DDoS methods that leveraged the Internet's underlying infrastructure, but no one's been willing to specify exactly how.
In his answers to questioners, the Qassam Cyber Fighters' spokesman denies anything special is going on.
"We program our needs partially and use work of other programmers in the software world when we need it," he said. "We are not reliant on any specific utility for our operations, and we particularly didn't use [the underground DDoS service] multiboot.me in our attacks."
Nor is his group connected to Iran, the Qassam spokesman says, despite the assertions of Sen. Joe Lieberman, I-Conn., and other U.S. government figures.
"We are not dependent on any government," he said. "We don't have connection with any fractional or political structure."