How Operation Payback Hacked into Mastercard and PayPal Using DDOS in Defense of WikiLeaks Project
Over the last few days, companies like Visa, Mastercard, PayPal and Amazon.com have found themselves targets of coordinated distributed denial-of-service attacks, designed to force their websites and other infrastructure elements offline.
In essence, what is happening is that lots and lots of individuals are hammering specific websites with TCP or UDP packets or HTTP requests. There are only so many resources to go around, which means that with enough individuals involved, even large websites can be taken down very quickly.
Most of the participants in Operation Payback are not hackers — at least not in the true sense of the word. Instead, these users are using computer programs — or more recently, simply visiting websites — in order to stage their attack.
The tool being used to power these attacks is called LOIC (Low Orbit Ion Canon). This tool, which was purportedly originally created to stress test networks, is written in C# and can be downloaded off open source code repositories like Github and Sourceforge.
LOIC can be used to target a website the user inputs, or using an option called Hive Mind, to connect to IRC or even Twitter, and grab information for a targeted web attack.
One-Click DDoS Attack
This proof of concept, which doesn’t appear to have as many features as LOIC or Java LOIC — and may also be easier to stop — is actually pretty clever.
Rather than requiring a user download program to run, someone can just visit a web page with a single HTML file and press a button to carry out their part of an attack.
From what we can gather, the majority of the attacks on Operation Payback targets are not coming from web clients. However, that could change.
We would caution users against clicking on any links claiming to aid in this series of attacks. Not only is willfully participating in a DDoS illegal in many countries, you never know what is behind the file you download or what action clicking on that web button could trigger.
As with many other aspects of the WikiLeaks () saga, the distributed and de-centralized nature of the Internet () means that shutting down all mirrors for documents — or even for attack tools — is an exercise in futility.