updated 3/14/2011 2:14:10 PM ET 2011-03-14T18:14:10

Hey, Anonymous, it looks like your cover's been blown and the feds are after you.

Many of the shadowy so-called hacktivists who launched distributed denial-of-service (DDoS) attacks against PayPal, Amazon and MasterCard during "Operation Payback" last month may have accidentally revealed their identities, according to a report today (Jan. 3) on the security blog Infosec Island.

It seems that the Low Orbit Ion Cannon (LOIC), an easy-to-use open-source tool used by many members of the ad hoc collective Anonymous to conduct DDoS attacks, isn't anonymous at all.

In fact, it sends the user's Internet Protocol (IP) address as it bombards target Web servers with useless requests for information.

Those IP addresses would be preserved as part of routine server log files, provided the server withstood the DDoS attack.

Now the FBI's got that log data, claims a pro-hacker blog called Anti-Forensics, and it's already making arrests.

"Operation Payback," launched in support of Wikileaks and its founder Julian Assange, knocked the MasterCard website offline on Dec. 8 but failed to take down Amazon or PayPal.

The Smoking Gun website posted an affidavit last Wednesday that showed the FBI was tracking websites that hosted Internet Relay Chat (IRC) discussions that coordinated attacks during "Operation Payback."

It mentioned LOIC, but not targeted server log files.

Encyclopedia Dramatica, an online reference for Internet pranksters, lists the IP logging as one of the flaws of LOIC, but tells anyone who gets caught to "just say your PC was infected by a botnet."


© 2012 SecurityNewsDaily. All rights reserved


Discussion comments


Most active discussions

  1. votes comments
  2. votes comments
  3. votes comments
  4. votes comments