Wikileaks DOS Attack Tool: Not Anonymous

276
Technology • Views: 26,882

The software used by the pro-Wikileaks group “Anonymous” to attack visa.com and other websites is known as “Low Orbit Ion Cannon” or LOIC; it was originally a stress-testing program designed to test how websites perform under high traffic loads. LOIC has since morphed into a DDOS attack tool that can form a “botnet” with other systems running the software.

Yesterday researchers at the University of Twente in the Netherlands released an analysis of the LOIC software used by Anonymous, showing that it’s anything but anonymous. In fact, they compare using LOIC to sending hate mail with a real return address on the envelope.

For a number of days the websites of MasterCard, Visa, PayPal and others are attacked by a group of WikiLeaks supporters (hacktivist). Although the group calls itself “Anonymous”, researchers at the DACS group of the University of Twente (UT), the Netherlands, discovered that these hacktivists are easily traceable, and therefore anything but anonymous.

In this report we present an analysis of the two versions of the tool named LOIC (Low Orbit Ion Cannon), which is used by the hacktivists to perform their attacks. The main conclusion is that the attacks generated by the tool are relatively simple and unveil the identity of the attacker. Therefore, the name of this hacktivists group, “Anonymous Operation”, is misleading: the hacktivists’ original IP address is shown in clear.

If hacktivists use this tool directly from their own computers, instead of via anonymization networks such as Tor, the real Internet address of the attacker is included in every Internet message being transmitted, therefore making it easy to be traced back. We also found that these tools do not employ sophisticated techniques, such as IP-spoofing, in which the source address of others is used, or reflected attacks, in which attacks go via third party systems. The current attack technique can therefore be compared to overwhelming someone with letters, but putting your real home address at the back of the envelop.

In addition, hacktivists may not be aware that international data retention laws require that commercial Internet providers store data regarding Internet usage for at least 6 months. This means that hacktivists can still be traced easily after the attacks are over.

Here’s the full report (PDF).

Jump to top

Create a PageThis is the LGF Pages posting bookmarklet. To use it, drag this button to your browser's bookmark bar, and title it 'LGF Pages' (or whatever you like). Then browse to a site you want to post, select some text on the page to use for a quote, click the bookmarklet, and the Pages posting window will appear with the title, text, and any embedded video or audio files already filled in, ready to go.
Or... you can just click this button to open the Pages posting window right away.
Last updated: 2023-04-04 11:11 am PDT LGF User's Guide RSS Feeds

Help support Little Green Footballs!

Subscribe now for ad-free access!Register and sign in to a free LGF account before subscribing, and your ad-free access will be automatically enabled.

Donate with
PayPal Cash.app
Recent PagesClick to refresh
Texas County at Center of Border Fight Is Overwhelmed by Migrant Deaths EAGLE PASS, Tex. - The undertaker lighted a cigarette and held it between his latex-gloved fingers as he stood over the bloated body bag lying in the bed of his battered pickup truck. The woman had been fished out ...
Cheechako
Yesterday
Views: 109 • Comments: 0 • Rating: 0