|Right now, as you read this, there is a random group of about 5,000 people talking and plotting on how to exact revenge on various corporations that have been less than helpful with the operations of WikiLeaks. They call this “OperationPayback” and it has been broken down into several specific attacks to corporations like MasterCard, Visa, Amazon, Paypal, Swiss Postal Finance, and more. The group itself is called Anonymous, but they are operating under the online infrastructure called “anonops” (which is a tech term for anonymous operations).|
So, what is Anonymous? Well, it could be you. The general concept is simple, there are people that want to send a message that the Internet is a sovereign territory and they are grouping together on a specific cluster of Internet Relay Chat (IRC) servers. The active server right now is irc.anonops.net. When you join the server it suggests several channels for you to join (channels are like chat rooms): #vhost, #target, #WikiLeaks, #propaganda, #recruit, #setup, #lounge, and #anonops
So what you do is join #setup and it tells you to go to a specific URL to get the DDoS attack software. There’s a really nice helpful FAQ and help page, which will show you want to do.
|Their DDoS tool is called LOIC or “Low Orbit Ion Cannon”, which was originally a web site load testing utility that was open sourced. These guys hacked in a new feature called HIVEMIND, which allows you to start LOIC and have it connect back to anonops for instructions. Once they get your computer to join their botnet, your computer joins the attack, at your will.
“<snape:#Setup> TARGET: www.mastercard.com IP: 18.104.22.168 – 0 REQUESTS MEANS TARGET DOWN!”
Support page/FAQ on how to attack Anonymous targets
What is amazing is that these people are having success, they are operating a full PR campaign that has created logos, Wikipedia pages, web sites, operations infastructure, and attack software. Now, they are getting angry people all over the world to join in on their cause and start attacking whatever they choose. It’s hacktivism at its best.
Their botnet is also rather unusual. Unlike botnets in the past (which take advantage of holes in operating systems to install the bot software) this botnet is made up of volunteers. It’s opt-in and if you follow their instructions, once it is up and running, you are to, “Sit back and watch the show”.
Right now they are a bit disorganized and they don’t have much polish to what they are doing. For example, their IRC servers are not tuned for high amounts of users and often crash (which is when Mastercard’s web site comes back online). They are also heavily dependent on the domain anonops.net and anonops.info so if those sites go down it will take some work to get reorganized. Yet, over time, this could really become something resembling Flight Club where the group creates better attack software, better processes, has heightened security, membership vetting, and eventually their own governmental structure.
Despite all of their rough edges — they do currently have a streaming radio station (which is quite good) radio.anonops.net and they did take down Mastercard and VISA.
Welcome to the age of the Digital Native