Feeds

AntiLeaks group claim responsibility for WikiLeaks attacks

DDoS hampers Trapwire surveillance system leaks

Securing Web Applications Made Simple and Scalable

The WikiLeaks website has been under a major DDoS attack over the last few days and a group calling itself AntiLeaks has claimed responsibility.

"We are young adults, citizens of the United States of America and are deeply concerned about the recent developments with Julian Assange and his attempt at asylum in Ecuador," said the group's self-proclaimed leader, who calls himself Diet Pepsi.

"Assange is the head of a new breed of terrorist. We are doing this as a protest against his attempt to escape justice into Ecuador. This would be a catalyst for many more like him to rise up in his place. We will not stop and they will not stop us."

According to the WikiLeaks Twitter feed, the website, and those of its associates and mirrors, have been hit by a massive DDoS attack reaching 10Gbits/s and using a more complex system than a standard bulk UDP or ICMP packet flooding. The range of IP addresses is huge, indicating either thousands of machines taking part or some really good simulation.

The AntiLeaks group hasn't been heard of before and its Twitter feed only started this month. While it's possible they are simply claiming the attacks rather than carrying them out, it's clear the attacks are being taken by WikiLeaks as an attempt to shut down information.

The attack comes as WikiLeaks is trying to distribute more emails from the hacking of private security group Stratfor Global Intelligence. This latest batch, released in the last few days, concern the existence of a US-based monitoring system called Trapwire.

Trapwire was set up by the Abraxis Corporation, a private security operation fun by former intelligence officers and headed by ex-CIA man Richard Helms. The Abraxis CEO said in an interview seven years ago that the system was designed to share threat information and establish patterns of data that could be used to predict attacks.

"It can collect information about people and vehicles that is more accurate than facial recognition, draw patterns, and do threat assessments of areas that may be under observation from terrorists," he said. "The application can do things like 'type' individuals so if people say 'medium build,' you know exactly what that means from that observer."

Helms claimed then that it was the largest source of threat data outside the US government, and the leaked emails show its scope has widened further. According to one from Fred Burton, Stratfor's vice president for intelligence, the Trapwire network is now covering most North American and British high-value targets (HVT.)

"I knew these hacks when they were GS-12's at the CIA. God Bless America. Now they have EVERY major HVT in CONUS, the UK, Canada, Vegas, Los Angeles, NYC as clients," he wrote.

An annual Trapwire license will set the user back $150,000 he said, with a quarter-million dollar signup fee on top.

Meanwhile, the attacks on Wikileaks go on and the organization is appealing for more funds to get extra bandwidth. AntiLeaks might have a few more problems on their hands, however, if Anonymous is to be believed. ®

The smart choice: opportunity from uncertainty

More from The Register

next story
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.