Attacks by "Anonymous" WikiLeaks proponents not anonymous
For a number of days the websites of MasterCard, Visa, PayPal and others are attacked by a group of WikiLeaks supporters (hacktivist). Although the group calls itself "Anonymous", researchers at the DACS group of the University of Twente (UT), the Netherlands, discovered that these hacktivists are easy traceable, and therefore anything but anonymous. The LOIC (Low Orbit Ion Cannon) software, which is used by the hacktivists, was analyzed by UT researchers, who concluded that the attacks generated by this tool are relatively simple and unveil the identity of the attacker. If hacktivists use this tool directly from their own machines, instead of via anonymization networks such as Tor, the Internet address of the attacker is included in every Internet message being transmitted. In the tools no sophisticated techniques are used, such as IP-spoofing, in which the source address of others is used, or reflected attacks, in which attacks go via third party systems. The current attack technique can therefore be compared to overwhelming someone with letters, but putting your address at the back of the envelop. In addition, hacktivists may not be aware that international data retention laws require that commercial Internet providers store data regarding Internet usage for at least 6 months. This means that hacktivists can still be traced easily after the attacks are over.
A complete report can be downloaded from this link.
The study received attention at several websites (selection):
The New York Times: http://gadgetwise.blogs.nytimes.com/2010/12/13/how-anonymous-shut-down-sites/?src=busln (reference to DACS website)
Le Monde Informatique: http://www.lemondeinformatique.fr/actualites/lire-wikileaks-les-attaquants-utilisants-loic-pourraient-etre-facilement-traces-32417.html
PC World: http://www.pcworld.com/businesscenter/article/213395/website_attackers _could_be_easily_traced_researchers_say.html
Wikipedia: LOIC: http://en.wikipedia.org/wiki/LOIC
The Sydney Morning Herald: http://www.smh.com.au/technology/security/wikileaks-cyber-war-proassange-anonymous-v-us-nationalists-20101213-18uuo.html
NOS headlines: http://headlines.nos.nl/forum.php/list_message/146455
The Tech Herald: http://www.thetechherald.com/article.php/201049/6543/A-week-with-Anonymous-Roundup
RTV-Oost: http://www.rtvoost.nl/nieuws/default.aspx?nid=119242 (video)
Nucia Forum: http://www.nucia.eu/forum/showthread.php?p=577860
American News Now: http://www.boingboing.net/2010/12/11/anonymous-isnt-loic.html
Gamers needs.net: http://www.gamerzneeds.net/news/701/ut-twente-anonymousddosers-not-anonymous/
Nieuwsblog België: http://www.nieuwsblog.be/nieuws/2010/12/11239/ut-twente--anonymous-ddos-ers-helemaal-niet-anoniem