Operation Payback
December 10th, 2010 I don't pretend to be a computer geek so some of this is over my head. But I find that this information can come in handy if you are planning on joining Operation Payback or if you have some other large corporate entity in mind that might need some attention from the mouse that roared.
This was posted on one of the sites I go to and now I am passing it on. Have fun and use this information responsibly.
"How Operation Payback Executes Its Attacks
Over the last few days, companies like Visa
,
Mastercard
,
PayPal and Amazon.com
have found
themselves targets of coordinated distributed denial-of-service attacks,
designed to force their websites and other infrastructure elements offline.
The campaign, which is called "Operation Payback" (and is reportedly
headed up by Anonymous), is targeting companies that have denied service
to WikiLeaks and its founder, Julian
Assange.
In essence, what is happening is that lots and lots of individuals are
hammering specific websites with TCP or UDP packets or HTTP requests.
There are only so many resources to go around, which means that with
enough individuals involved, even large websites can be taken down very
quickly.
Most of the participants in Operation Payback are not hackers — at least
not in the true sense of the word. Instead, these users are using
computer programs — or more recently, simply visiting websites — in
order to stage their attack.
The tool being used to power these attacks is called LOIC (Low Orbit Ion
Canon) . This tool, which was
purportedly originally created to stress test networks, is written in C#
and can be downloaded off open source code repositories like Github and
Sourceforge.
LOIC can be used to target a website the user inputs, or using an option
called Hive Mind, to connect to IRC or even Twitter
, and grab information for
a targeted web attack.
Sophos's /Naked Security/ blog
and Mark Hofman at the /Internet Storm Center/
have more technical
write-ups on how the program actually works.
Because C# will only work on Windows(Windows)
computers out of the box
(Mac and Linux(Linux) users
have to install additional libraries and do extra configuration), a Java
port of LOIC also exists.
————————————————————————
One-Click DDoS Attack
————————————————————————
The most recent variant of LOIC is a new proof of concept that is
floating around called JS LOIC. The "JS" in the title stands for JavaScript.
This proof of concept, which doesn't appear to have as many features as
LOIC or Java LOIC — and may also be easier to stop — is actually pretty
clever.
Rather than requiring a user download program to run, someone can just
visit a web page with a single HTML file and press a button to carry out
their part of an attack.
On the one hand, the trick of using JavaScript to carry out this kind of
flooding attack is pretty clever. On the other hand, it's also pretty scary.
From what we can gather, the majority of the attacks on Operation
Payback targets are /not/ coming from web clients. However, that could
change.
We would caution users against clicking on any links claiming to aid in
this series of attacks. Not only is willfully participating in a DDoS
illegal in many countries, you never know what is behind the file you
download or what action clicking on that web button could trigger.
As with many other aspects of the WikiLeaks(Wikileaks)
saga, the distributed and
de-centralized nature of the Internet(Internet)
means that shutting down
all mirrors for documents — or even for attack tools — is an exercise in
futility."
No comments:
Post a Comment