Feeds

Muslim vid protest hackers turn web-flood hosepipe away from US banks

But Iran not behind DDoS attacks, say security bods

High performance access to file storage

Islamist hackers busy blasting bank websites with network traffic have suspended their assault after a controversial anti-Muslim video ceased to be available through YouTube.

The Izz ad-Din al-Qassam Cyber Fighters crew launched a series of distributed denial-of-service (DDoS) attacks in September and December, with the stated aim of protesting against extracts of the Innocence of Muslims film appearing on Google's video clip site.

The search giant restricted the availability of the video in some countries following a wave of protests across the Middle East. The footage did not actually violate YouTube policies so it remained available to most, prompting the Izz ad-Din al-Qassam Cyber Fighters to launch packet-flooding attacks against Wells Fargo, Bank of America, Citibank and many other US banking organisations.

The assaults caused partial service disruption in some cases and may have spilled over to affect the website operations of European banks.

Earlier this month, US intelligence types told news reporters that the Iranian government was behind the "sophisticated" attacks.

But information security experts said the theory was unsubstantiated by any technical evidence and probably just hawkish sabre-rattling. The attacks involved hijacking thousands of compromised servers, rather than using a botnet of compromised home PCs, and generating huge volumes of traffic, reaching peaks of 75Gbps at times.

The security boffins said that compromised PHP web applications and insecure Wordpress installations powered the flood, which was directed using a hacker tool called Itsoknoproblembro.

There's no need to introduce a nation state to explain this type of attack, a point explained in some detail by Robert Graham of Errata Security here.

'Clear indication of progress and establishment of logic'

In any case, the Izz ad-Din al-Qassam Cyber Fighters crew suspended its campaign on Tuesday. In a message on Pastebin, the group said the "main copy of the insulting movie was removed from YouTube" describing this as a "clear indication of progress and establishment of logic instead of obstinacy".

The hacktivists said that, in response, they were downing DDoS tools even though copies of the trailer for the film continue to be available from YouTube.

"All of them needed to be removed. Meanwhile, we will control the situation constantly and closely and will adopt the correct decision according to the future circumstances," the group said. "The suspension of Operation Ababil has started today and will continue till further notice."

It's unclear whether or not Google has actually done anything. It's quite possible that the Izz ad-Din al-Qassam Cyber Fighters have decided to call a halt to their DDoS operations for some other reason and the group are trying to spin this as a victorious conclusion to a principled campaign.

From a Western perspective, there's no link between banks and online outlets such as YouTube. However cultural norms in the Middle East, where the state often controls media outlets and sometimes runs the banks, are very different, a factor that goes at least some way to explaining why Muslim activists would target financial institutions rather than the source of their displeasure. ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
OpenSSL Heartbleed: Bloody nose for open-source bleeding hearts
Bloke behind the cockup says not enough people are helping crucial crypto project
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Experian subsidiary faces MEGA-PROBE for 'selling consumer data to fraudster'
US attorneys general roll up sleeves, snap on gloves
Oz bank in comedy Heartbleed blog FAIL
Bank: 'We are now safely patched.' Customers: 'You were using OpenSSL?'
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.