FBI executes search warrants on 40 "anonymous" WikiLeaks defenders

Filed Under: Denial of Service, Law & order

FBI badge and gunThe FBI announced today that they executed more than 40 search warrants in conjunction with the UK's Metropolitan Police against participants in the DDoS'ing of WikiLeaks "enemies".

Unlike the Met Police, the FBI did not release many details as to who they may have executed the warrants against, or specifically what they were looking for. It is likely they were intending on seizing the computers used during the attacks to look for logs related to the planning and execution of the attacks.

The FBI's press release implies that the attackers created the tools to attack Mastercard, Visa and others.
Highlight from FBI press release
I believe most attackers were using an "off the shelf" DDoS tool called LOIC which is unrelated to "Anonymous". LOIC is developed by Alexander M. Batishchev, which by definition makes him not anonymous...

Suggesting that creating a multi-purpose tool is the reason they are executing these warrants strikes a chill in me. That would be like going after Stanley Tools for making the box cutters that the 9-11 hijackers used. I hope it is an honest mistake.

While we took a lot of criticism from some readers about our warnings about the criminality of participating in DDoS attacks, the FBI clearly states that:

"The FBI also is reminding the public that facilitating or conducting a DDoS attack is illegal, punishable by up to 10 years in prison, as well as exposing participants to significant civil liability."

If you are a Sophos administrator and want to be sure your organization doesn't have a free spirit who wishes to use company assets to assist in these types of attacks you can simply block LOIC under PUAs (Potentially Unwanted Applications).

Additionally by properly configuring your client firewall not to allow outbound internet access from unknown applications you can even stop unknown and not yet invented malicious tools.

, , , , , ,

You might like

12 Responses to FBI executes search warrants on 40 "anonymous" WikiLeaks defenders

  1. Phil Champ · 1299 days ago

    "The attacks were facilitated by the software tools the group *makes available* for free download on the Internet."

    No implication there that the attackers created the tools, Chet.

  2. Gibbo · 1299 days ago

    Phil , Its clear that Sophos needs to do a bit of checking here, as the orginal tool is subverted by another programmer who claims to be part of these "pimply faced adolescent overlords"

    That subverted tool is what they are flogging on the net and not the orginal "loic"

  3. WorBlux · 1299 days ago

    The FBI isn't a court, and as such isn't qualified to make statements about legality/illegality.

    Weather a person directing their own machines for a DoS attack hasn't ever been ruled on.

    • Vladimir · 1297 days ago

      So destroying other peoples property by yourself is not illegal, but cooperating in doing that is? lol.

      • mushhead · 1296 days ago

        I don't see the connection between Worblux's statement and yours. Firstly, where is the damage to someones property in a DoS attack? Secondly, he states that no-one has been prosecuted as an individual for cooperating in a DDoS attack. I think that he believes only the organisers have. I'm not sure whether that is true so am not going to comment but I will state that I don't believe that you could prosecute any one person for trying to access a website and that it would be difficult to prove that it wasn't either down to a hack or a genuine desire to access the site. Even so, there is no damage to property and it seems from this article that the sites which have been targeted are the ones of credit card companies who make a fortune from others misfortunes. To hell with them and I support any action which reduces profits to big businesses like these.

  4. guy · 1296 days ago

    Why didn't the FBI go after the people who DDOS wikileaks? Why was there no investigation into that?

    This is not comparable to massive bot networks of infected computers, it was more like a campus sit in. Every person volunteered their computer and internet to show mastercard they felt strongly about wikileaks.

    Infact mastercard was still allowing donations to the KKK when they stopped payments to wikileaks.

    So I think these issues need to be addressed.

  5. The Observer · 1289 days ago

    For explanations on why it was not DDoS (or alike) read R. Stallman's on FSF site
    http://www.defectivebydesign.org/wikileaks and draw your own conclusions.

  6. Guest · 1272 days ago

    You know, all these law enforcement efforts against Anonymous could be put to a better use ferreting out the criminal scammers bilking unsuspecting internet users. Really makes you wonder !

  7. Frank · 1272 days ago

    Its called 'security theatre'. All drama, all the time.

  8. Paul Winkler · 1258 days ago

    Hopefully Anonymous will keep up the good work despite the legal shenanigans.

  9. I am a supporter of AnonOps however I am not happy that I was hacked and my personal information was stolen.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Chester Wisniewski is a Senior Security Advisor at Sophos Canada. He provides advice and insight into the latest threats for security and IT professionals with the goal of providing clear guidance on complex topics. You can follow Chester on Twitter as @chetwisniewski, on App.net as Chester, Chester Wisniewski on Google Plus or send him an email at chesterw@sophos.com.