Attacks/Breaches
1/29/2013
12:43 PM
50%
50%

Bank DDoS Attackers Claim Victory Regarding Film

One copy of widely viewed film that attacks the founder of Islam has been excised from YouTube. But who removed it, and will all copies be pulled?

Who Is Hacking U.S. Banks? 8 Facts
Who Is Hacking U.S. Banks? 8 Facts
(click image for larger view and for slideshow)
The group behind a series of distributed denial of service (DDoS) attacks that have disrupted U.S. banks' websites for four months is claiming a partial victory.

In a Pastebin post uploaded Tuesday, the Izz ad-Din al-Qassam Cyber Fighters said that the main copy of a film that mocks the founder of Islam had been removed from YouTube, where it had racked up 17.1 million views.

"The al-Qassam cyber fighters lauds this positive measure of YouTube and on this basis suspends his operation and plans to give a time to Google and U.S. government to remove the other copies of film as well," according to the post. "During the suspension of Operation Ababil, no attack to U.S. banks would take place by al-Qassam cyber fighters."

[ Want the latest on online bank attacks? Read Bank Attacker Iran Ties Questioned By Security Pros. ]

The group previously promised to continue its attacks pending the "erasing of that nasty movie," or for at least the next year. The movie in question is "Innocence of Muslims," a film that mocks the founder of Islam. A 13-minute clip of the film was uploaded to YouTube in September, and blamed for triggering riots across the Middle East after clips of the film were featured in local newscasts.

The al-Qassam cyber fighters have blamed both the United States and the "Zionist Regime" both for creating the film and then failing to remove it upon being threatened. In reality, many copies of the film have been uploaded to YouTube, which is owned by Google. As a private company, Google is largely free to legally follow any terms of service that it sets, and had previously declined to remove the video on public safety grounds, at least in the United States. But Google did block the film in countries with large Muslim populations -- including Egypt, India and Libya -- to comply with local laws or avoid offending users. "What's OK in one country can be offensive elsewhere," said a statement released by Google in September. "This video -- which is widely available on the Web -- is clearly within our guidelines and so will stay on YouTube."

Other copies of the film, however, now trigger this warning screen: "The following content has been identified by the YouTube community as being potentially offensive or inappropriate. Viewer discretion is advised." Users are given the option to continue to the film, or cancel their request.

But the removal of the main copy of Innocents of the Muslims -- the related link now resolves to a page that says, "This video has been removed by the user" -- begs the question: Who requested its removal? Google, which owns YouTube, declined to verify if the video had been removed by the account holder, who had been listed as "Sam Becile."

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
PJS880
50%
50%
PJS880,
User Rank: Ninja
2/3/2013 | 6:01:51 PM
re: Bank DDoS Attackers Claim Victory Regarding Film
What sort of false victory is the Izz ad-Din al-Qassam Cyber Fighters, which by the way needs to do something about about that mouthful, I donGÇÖt see any victory here? Are they referring to GoogleGÇÖs block in high Muslim populated areas, as to not cause riots amongst those nations? I have not watched the film, but if it was on the web once, it still is there somewhere I am sure. Last time I checked we donGÇÖt follow terrorist advice on what is appropriate and what is not.

Paul Sprague
InformationWeek Contributor
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7421
Published: 2015-03-02
The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a module name in the salg_name field, a different vulnerability than CVE-2014-9644.

CVE-2014-8160
Published: 2015-03-02
net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with disall...

CVE-2014-9644
Published: 2015-03-02
The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a parenthesized module template expression in the salg_name field, as demonstrated by the vfat(aes) expression, a different vulnerability than CVE-201...

CVE-2015-0239
Published: 2015-03-02
The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a denial of service (guest OS crash) by triggering use of a 16-bit code segment for emulation of a SYS...

CVE-2014-8921
Published: 2015-03-01
The IBM Notes Traveler Companion application 1.0 and 1.1 before 201411010515 for Window Phone, as distributed in IBM Notes Traveler 9.0.1, does not properly restrict the number of executions of the automatic configuration option, which makes it easier for remote attackers to capture credentials by c...

Dark Reading Radio
Archived Dark Reading Radio
How can security professionals better engage with their peers, both in person and online? In this Dark Reading Radio show, we will talk to leaders at some of the security industry’s professional organizations about how security pros can get more involved – with their colleagues in the same industry, with their peers in other industries, and with the IT security community as a whole.