I have been closely tracking the Anonymous Hacker Group and its attacks against various Web sites and have found that the tool to initiate a denial of service attack has been downloaded over 40,000 times with the majority of downloads occurring in the US.
The tool was originally developed as an open-source network stress-testing tool. It was recently tweaked to include a central command-and-control module. Operation Payback’s ability to challenge serious sites and do that simultaneously is very much coupled to the introduction of the new version with its [command-and-control] capabilities. My speculation is that due to the substantial increase in downloads, it is highly likely this is no longer just a social movement, but also a technical movement like a botnet.
“The “voluntary” botnet is illegal. These attackers are downloading code which is performing an attack. Although they did not write the code, and although they are hiding behind the mask of so-called ideology, they are engaging in activity to disrupt a service. Which is illegal. Now with the rate of machines engaging in this activity, we are speculating that the hacktivists are now operating using involuntary botnets – infecting unaware victims to involve them in this campaign. And operating a botnet, is of course, an illegal activity.
The hacker group is in the process of coordinating botnets with over 100,000 computers capable of generating 800MGBPS traffic to increase the attack horsepower. An attack of that magnitude is likely to better test Amazon’s ability to deal with DDoS attacks.
Since yesterday alone the number of downloads for the Operation Payback Denial of Service tool has increased by 5,000:
This morning (GMT):
Last night (GMT):
To see how many downloads are occurring you can visit: https://github.com/NewEraCracker/LOIC/downloads for the command and control version or http://sourceforge.net/projects/loic/files/loic/stats/timeline for the manual download (you can change the date to get analysis on a different period).