Tuesday, December 7, 2010

WikiLeaks Defenders Taking Down Paypal and PostFinance - Operation Defend Assange in Progress! Updated with Mirror Site For Wikileaks

There is an "Operation Defend Assange"  in progress right now.  Hackers are attacking companies who have gone against Wikileaks - Julian Assange by not allowing money for his defense, including the Swiss Bank that has frozen Julian Assange's defense bank account with $41,000 in it.

UPDATE - A Mirror Site of Wikileaks

UPDATE - 12/7/10 - 12:55pm est - Mastercard and Visa are refusing to take payments of Julian Assange and Wikileaks, to help him with his defense.

Article:


As WikiLeaks supporters and hackers hit PayPal and PostFinance with Denial-of-Service attacks for anti-WikiLeaks behavior, the group is also targeted in a DoS counterattack.

 

 

The anonymous group of hackers who launch DoS attacks against the entertainment industry refocused their campaign to target companies perceived to be anti-WikiLeaks. In response, the same group is also currently under a DoS attack for supporting the whistle-blowing site. 

“We fight for the same reasons,” such as more transparency and stopping censorship, and will “attack those against” WikiLeaks, the group said in a statement on its Web site on Dec. 5. The group plans to do several things, including organizing distributed DoS attacks on “various targets related to censorship,” according to the statement. 

Dubbed Anonymous, the group has an ongoing “Operation Payback” campaign against “anti-piracy groups,” and have targeted Motion Picture Association of America and the Recording Industry Association of America in the past. 

The group’s first victim was PayPal, knocking the payment service’s blog offline by early morning on Dec. 4, according to the cyber-security researchers at Panda Labs. PayPal had posted a statement on the blog that it had restricted the whistle-blowing site’s account for violating the Acceptable Use Policy with “activities that encourage, promote, facilitate or instruct others to engage in illegal activity.” Supporters had been using the PayPal account to make donations to keep the site going. 

After the blog went down, there was an announcement on Twitter: “TANGO DOWN — thepaypalblog.com—Blog of Paypal, company that has restricted Wikileaks’ access to funding.” 
PayPal got the blog back online after 8 hours and 15 minutes of total downtime and 75 service interruptions, according to the Panda Labs researchers. It wasn’t over, as the second attack hit the main PayPal site on Dec. 6. Shortly after, Anonymous’ Web site became unavailable, “presumably under counter DDoS attack,” said Panda Labs. The site currently has a note up confirming that it was under “heavy” DoS attack, more than six hours after it began. 

Despite being hit, Anonymous targeted PostFinance, the Swiss bank that froze $41,000 in an account set up as a legal defense fund for WikiLeaks founder Julian Assange, on Monday afternoon. PostFinance’s Web site went offline around 12 p.m. Eastern Standard Time, according to Panda Labs. It is still inaccessible, more than ten hours later. 

DoS attacks are becoming the tool of choice for making a statement to protest “hacker injustice,” according to Noa Bar Yossef, a senior security strategist at Imperva. In a classic example, hackers are trying to make money, but Operation Payback’s supporters are using the attacks to “cripple a service, disrupt services, protest their cause and cause humiliation,” said Yossef. 

In the classical scenario, the DoS attacks are carried out by botnets comprised of zombies, computers belonging to innocent individuals who’d been tricked into downloading bot malware, he said. In Operation Payback, however, participants are “knowingly” downloading the “DDoSing malware itself,” and there is “no victimized machine” in this “act of defiance,” he said. 

WikiLeaks was hit by a DoS attack hours before the whistle-blowing site was set to post more than 250,000 diplomatic documents. The attack was to punish WikiLeaks for “attempting to endanger the lives of our troops, ‘other assets’ & foreign relations,” according to “th3ef35t3r,” who claimed responsibility on Twitter. 

The WikiLeaks.org Web site was down for “1 day 3 hours and 50 minutes,” according to Panda Labs. After a second DoS attack by an unknown attacker, Amazon terminated its hosting services. On Dec. 3, the site’s DNS provider stopped service after yet another DoS attack hit everyDNS

The first attack was a “simple DoS,” as he doesn’t use “intermediaries or botnets,” according to th3ef35t3r’s Twitter account. The attack was carried out by the XerXeS tool, which can produce an automated DoS attack from a single low-spec computer, according to Anthony M. Freed, of security site Infosec Island.  

An Anonymous member posted on Twitter, “I’m not anti-government, anti-establishment, or anything of that sort. I’m just anti-…anti-WikiLeaks.” 

Anonymous is also circulating a statement titled “Operation Avenge Assange,” asking for supporters to join in the DoS attacks and mirror WikiLeaks, among other actions. According to the WikiLeaks site, there are already over 350 mirror sites helping to keep the site’s content online. 

Anonymous has not said who the next targets will be or whether the list will include Amazon and everyDNS. There is some speculation that the group will somehow target the French government for pressuring OVH to stop hosting the site.  

“Whoever tries to silence or discourage WikiLeaks, favors world domination rather than freedom and democracy,” the group said.

3 comments:

  1. Maybe a good thing ....

    We NEED transparency as part of a proper steering mechanism to survive the global society we created with technology.
    At this moment our society has an obsolete 200 years old steering mechanism with to many crisses. How can a few wise people understand these complex global issues pending ?

    Would we have gone to Iraq over Weapons of mass destruction is we were part of the diplomatic cable discussion ?
    Better of with more transparency ? Credit Crises / Cable gate shows governments are not so much in control of the global society.
    Wasn't it work of the press to tell us the truth ?

    At least the cork out of the bottle. Fact is that secrets are harder to keep anno 2010.
    Shutting down is naive. Discuss it is the only option.. Come on free press, have vision ..take the lead.

    ReplyDelete
  2. I think we need more transparency, yes. But is this the best way to achieve it? By compromising US diplomacy? Publishing cable mentioning that some leader described another leader as "stupid" is not going to promote transparency, it's just going to make diplomat's work tougher.

    Still, no big harm done, US government is overreacting.

    ReplyDelete
  3. No matter what you think of Wikileaks and what has happened, for Mastercard,Visa,Paypal & Amazon.com to assume they are guilty and suspend donations without a trial and proof of guilt violates the US Constitution. Besides why isn't the Private Manning of the military being prosecuted for leaking much of this?

    Since the government had knowledge of the document “theft” for several months, had time to investigate and identify digital fingerprints of those involved as well as the documents themselves, it is reasonable to question why no direct governmental action was taken when there was ample opportunity to do so.

    When all of the factors behind the WikiLeaks data dump are analyzed, I suspect that it this event will serve as a catalyst for this administration to advance their known objectives to regulate the internet.

    With Cass Sunstein as the head of the White House Office of Information and Regulatory Affairs , the organized chaos created by WikiLeaks will certainly provide the requisite fodder to control the type of information available through the internet.

    ReplyDelete