Original URL: http://www.theregister.co.uk/2010/12/09/operation_payback_anonymous_wikileaks_infowar_latest/

Anonymous hackers' Wikileaks 'infowar' LATEST ROUNDUP

DDoS bombardment spreads: Op Payback to spare Twitter

By Lewis Page

Posted in Government, 9th December 2010 14:08 GMT

Online "warfare" between the friends and enemies of Wikileaks continues, with an increasing number of organisations involved.

The hacktivist collective Anonymous, operating under the banner Operation:Payback, has continued to mount various types of hacking attacks including DDoS strikes – supplemented by the use of illegal botnets – against targets assessed as being anti-Wikileaks. The anarchic hacker group has itself been subject to online interference from still-shadowier adversaries, perhaps self-styled American "patriots" who consider that Wikileaks' ongoing public drip-feed of classified US files allegedly passed to it by US soldier Bradley Manning (now in military custody) must be suppressed.

Payment organisations such as MasterCard, Visa and PayPal are being consistently hit by Operation:Payback, with ongoing website outages and some interference with payment operations reported by multiple sources. Anonymous members are angry with the payment firms for refusing to process contributions to Wikileaks, which can be presumed to be hurting Assange's organisation as Wikileaks' Icelandic payment processor is now threatening legal action against MasterCard and Visa.

Apart from the money movers, Anonymous has also attacked US Senator Joe Lieberman's official government site, causing outages, and that of erstwhile vice-presidential candidate Sarah Palin – in both cases for making public statements critical of Wikileaks or its spokesman Julian Assange.

There are also suggestions that as the online "infowar" escalates, outside observers are being targeted by one side or the other. A blog run by security firm Panda Labs, which has followed the DDoS battle closely and is one of the best sources of information, has itself come under DDoS attack - though it's not clear from which side.

Similarly there has been much discussion among the anarchic Anonymous collective on attacking Twitter – it being suggested that Twitter has purposely prevented the "infowar" becoming a trending topic under various tags. Meanwhile the @anon_operation Twitter account purporting to be a channel for Anonymous announcements has been suspended: but there is now a new one, Op_Payback. (Various media have quoted an individual using the alias "Coldblood" as an Anonymous spokesman, and it's entirely possible that this person is participating in the Op Payback effort, but Anonymous purists despise the use of individual handles in public – we're told that the term among the inner circle for one indulging in such antics is "namefag"*).

Anonymous will spare the 'Twitosphere'

Our sources*, however, suggest that the Anonymous consensus does not favour attacking Twitter. We're told:

Many news outlets reporting Twitter as potential target, this is not the case and never will be. There were some poorly informed calls to target the Twitosphere yesterday but we got their facts straight.

Anonymous also insists that it is on top in the online fight:

Your claim that this is somehow a two sided fight with patriotic dos-ers is flawed, counter-attacks have been minimal in effectiveness.

Panda Labs' analyst begs to differ, stating that anonops.net – the internet headquarters of Operation:Payback – has suffered many outages, though mostly brief in duration. As this piece is written, the hacktivist portal was showing 504 gateway time-out errors from London. Panda Labs has had little success in identifying who could be behind the DDoSing of Op Payback, but it is presumably a subset of those who have been mounting attacks against Wikileaks itself for some time.

Enter the contras

These possible contra-hacktivista "patriots" seem to be even less publicly chatty or identifiable than Anonymous, so far lacking even a visible badge or slogan, though they have apparently taken to using bots to flood the Anonymous chatrooms with jabber ("You have failed your people", "Cooperation is worthless" etc).

Panda Labs has managed to identify how Operation:Payback's apparently limited resources – the LOIC Hivemind volunteer botnet typically has only a few hundred machines attached – achieve their results. Some members of Anonymous are apparently muscling up the collective's DDoS using illegal, non-voluntary botnets they have created by infecting other people's machines with malware.

The security analysts have an interview with one such cowboy, who is herding a claimed 1,300-machine botnet, who added that a friend of his also contributes a 30,000-strong zombie herd. This individual said he had built up his net by distributing malware via torrents, and that thus far he had not profited personally from it – but that he intended to make money from botnets in future. He (we're guessing probably he, but we don't know) claimed to be 19 years old.

The online battles have focused principally on Wikileaks and its spokesman Assange (now jailed in London facing an extradition request from Sweden, which wants to speak to him in connection with alleged sexual offences against two women). However it isn't always remembered that in fact the principal actor against US government secrecy was not Wikileaks but Bradley Manning, the American soldier who allegedly supplied almost all Wikileaks' interesting information.

The channel Manning allegedly chose to use to distribute his vast caches of information lifted from the US government's classified networks is, in fact, relatively unimportant. He might have chosen simply to place it all on a server himself: suitable advertising in the right fora would probably have ensured that it would soon be downloaded and mirrored way beyond the US authorities' ability to suppress. Alternatively he might have chosen an established channel such as Cryptome.

Instead, the rogue army private allegedly chose Wikileaks, which has propelled the organisation and Assange to global fame – while Manning has become almost forgotten by everyone except the US military police. But not entirely: the city council of Berkeley in California is to vote next Tuesday on a resolution which would declare him a hero and call for his release, the AP reports.

Councillor Bob Meola, who drafted the resolution, told the San Francisco Chronicle that Manning is a patriot and deserves a medal. ®

Bootnotes

*Needless to say our source on this and other such matters remains Anonymous. Apparently your correspondent's flagging-up of a spelling mistake by this individual is, perhaps fairly, regarded as a low blow – it was the only typo in the email, putting the missive well up in the top bracket of those we've received from more or less any source.

We are also asked whether el Reg has a strong editorial policy "against this [Anonymous] movement". As to the rights and wrongs of the matter the Reg takes no stance - but as a news outfit we have to admit that we're quite pleased to have such a splendid and colourful online scrap to report on.

Register management, having witnessed the disasters befalling other online organisations which have angered Anonymous, would like to point out that Lewis Page is an unimportant, low-paid employee who is in no way representative of the Reg as a whole. Only a certain misguided sympathy for his cripplingly expensive alcoholism and many other personal problems has led to his continued employment, and they would ask that this charitable impulse not be punished too harshly.