Whoops! Online Mob Wannabes Getting Busted for Running LOIC
When Anonymous recruited minions to act as dupes to run a simple script to send oversized packets and pings against Paypal as retaliation for dropping the ability to contribute to Wikileaks and their ongoing criminal activity, those dupes had no idea that the payloads of those packets acted as a fingerprint. PayPal turned over logs to the FBI and they are simply going to round up the top 1000 participants. And they are doing it for the lulz.
From Wired here:
It turns out there’s a method behind the FBI’s raids of suspected Anonymous members around the country. The bureau is working from list, provided by PayPal, of the 1,000 internet IP addresses responsible for the most protest traffic during Anonymous’ DDoS attacks against PayPal last December.
FBI agents served 40 search warrants in January on people suspected of hosing down PayPal during ”Operation Payback” — Anonymous’ retaliatory attack against companies who blacklisted WikiLeaks. On July 19, the feds charged the first 14 defendants under the Computer Fraud and Abuse Act, and raided an additional 35 suspects for evidence.
PayPal collected traffic logs on a Radware intrusion prevention system installed on its network.
On December 15, the company turned over a USB thumb drive containing the Radware reports, which documented “approximately 1,000 IP addresses that sent malicious network packets to PayPal during the DDoS attacks.” The list represented the “IP addresses that sent the largest number of packets.”
It was easy to distinguish the packets coming from the’ “Low Orbit Ion Cannon” — Anonymous’ fire-and-forget DDoS tool — because they contained strings like “wikileaks,” “goof,” and “goodnight,” the affidavit notes.
There are many other characteristics of the LOIC traffic that can easily make the attacks distinguishable as opposed to simply hitting the refresh button over and over again. Any decent IDS can detect such traffic, and if these idiots were using their home computers, they are up shit’s creek about now.
Sites like Paypal and Ebay are built to withstand most DDoS’es anyways, and the entire online mob attack only resulted in a few spotty outages. But the righteous fury of the script kiddies that wanted to participate in online “protests” will likely earn them some real time in jail, which is okay with me for supporting a criminal like Assange and his leaks of secret information. So these mob participants wanted to mete out some justice? Seems like things are getting even more justicey now.
