On Thursday, Anonymous took down the Department of Justice website, among others, in retaliation for the file-sharing site Megaupload.com being taken offline. DOJ issued an indictment against the site and some of its founders for violating piracy laws and costing copyright holders more than $500 million in lost revenue.
While the attack on DOJ, RIAA (Recording Industry Association of America), Universal Music Group and MPAA (Motion Picture Association of America) was a Distributed Denial of Service (DDoS) attack, Gawker explains that Anonymous is using “an evil new tactic” that tricked some Twitter users and people in Anonymous chat rooms into participating in the attack without their knowledge.
Gawker explains that as part of “Operation Megaupload,” Anonymous distributed an “innocuous” link that when clicked would cause people to unwittingly become participants in the attack. Here’s what happened according to Gawker:
The link is being shared widely on Twitter and in Anonymous chat rooms, often with no context except that it relates to Operation Megaupload. I clicked it a few minutes ago because it was being spammed in an Anonymous chatroom and found myself instantly DDoSing Universalmusic.com, my computer rapidly pinging the page with no way to stop except quickly closing the window.
The link is a page on the anonymous web hosting site pastehtml. It loads a web-based version of the program Anonymous has used for years to DDoS websites: Low Orbit Ion Cannon (LOIC). When activated, LOIC rapidly reloads a target website, and if enough users point LOIC at a site at once, it can crash from the traffic. Judging from a Twitter search, the link is being shared at a rate of about 4 times a minute, mostly by Spanish-speaking users, for some reason. (Here’s a link to the Twitter search, just don’t click the PasteHTML link.)
This is completely evil and could lead to huge numbers of witless internet users inadvertently attacking, say, the Department of Justice by clicking a random link they stumble across on Twitter.
According to Search Security, a DDoS attack is when many systems attack one target by overloading it with communication requests that it cannot keep up with, forcing it to shut down. Gawker explains in a second article from 2010 that LOIC can be used by people who “have no idea how to hack”: it is as easy as downloading LOIC, inserting target information (like a URL) and attacking. LOIC has a feature called “Hivemind,” Gawker reports, which allows one mastermind to control which site all LOIC clients target.
According to Gawker, a DDoS attack is a criminal offense carrying up to 10 years of jail time, should you knowingly participate. Gawker reports that previously, a LOIC user had to consciously click a button called “fire” to become a participant. With Anonymous’ link yesterday, just clicking the link and leaving the window open initiates participation.
Gawker states the safest thing to do at present is to avoid clicking Anonymous-related links.
As of this morning, DOJ, RIAA and MPAA were all functional. Universal Music Group displayed a message on its site that it was undergoing maintenance.