WikiLeaks Hacktivists Likely Left Internet Trail for Feds
Hey, Anonymous, it looks like your cover's been blown and the feds are after you.
Many of the shadowy so-called hacktivists who launched distributed denial-of-service (DDoS) attacks against PayPal, Amazon and MasterCard during "Operation Payback" last month may have accidentally revealed their identities, according to a report today (Jan. 3) on the security blog Infosec Island.
It seems that the Low Orbit Ion Cannon (LOIC), an easy-to-use open-source tool used by many members of the ad hoc collective Anonymous to conduct DDoS attacks, isn't anonymous at all.
In fact, it sends the user's Internet Protocol (IP) address as it bombards target Web servers with useless requests for information.
Those IP addresses would be preserved as part of routine server log files, provided the server withstood the DDoS attack.
"Operation Payback," launched in support of Wikileaks and its founder Julian Assange, knocked the MasterCard website offline on Dec. 8 but failed to take down Amazon or PayPal.
The Smoking Gun website posted an affidavit last Wednesday that showed the FBI was tracking websites that hosted Internet Relay Chat (IRC) discussions that coordinated attacks during "Operation Payback."
It mentioned LOIC, but not targeted server log files.
Encyclopedia Dramatica, an online reference for Internet pranksters, lists the IP logging as one of the flaws of LOIC, but tells anyone who gets caught to "just say your PC was infected by a botnet."
- WikiLeaks Censorship â??Virtually Impossibleâ?? Researcher Says
- Security and Privacy Software Reviews
- From Mitnick to Conficker: Cybercrime and Malware on the Loose