Attacks/Breaches
1/29/2013
12:43 PM
50%
50%

Bank DDoS Attackers Claim Victory Regarding Film

One copy of widely viewed film that attacks the founder of Islam has been excised from YouTube. But who removed it, and will all copies be pulled?

Who Is Hacking U.S. Banks? 8 Facts
Who Is Hacking U.S. Banks? 8 Facts
(click image for larger view and for slideshow)
The group behind a series of distributed denial of service (DDoS) attacks that have disrupted U.S. banks' websites for four months is claiming a partial victory.

In a Pastebin post uploaded Tuesday, the Izz ad-Din al-Qassam Cyber Fighters said that the main copy of a film that mocks the founder of Islam had been removed from YouTube, where it had racked up 17.1 million views.

"The al-Qassam cyber fighters lauds this positive measure of YouTube and on this basis suspends his operation and plans to give a time to Google and U.S. government to remove the other copies of film as well," according to the post. "During the suspension of Operation Ababil, no attack to U.S. banks would take place by al-Qassam cyber fighters."

[ Want the latest on online bank attacks? Read Bank Attacker Iran Ties Questioned By Security Pros. ]

The group previously promised to continue its attacks pending the "erasing of that nasty movie," or for at least the next year. The movie in question is "Innocence of Muslims," a film that mocks the founder of Islam. A 13-minute clip of the film was uploaded to YouTube in September, and blamed for triggering riots across the Middle East after clips of the film were featured in local newscasts.

The al-Qassam cyber fighters have blamed both the United States and the "Zionist Regime" both for creating the film and then failing to remove it upon being threatened. In reality, many copies of the film have been uploaded to YouTube, which is owned by Google. As a private company, Google is largely free to legally follow any terms of service that it sets, and had previously declined to remove the video on public safety grounds, at least in the United States. But Google did block the film in countries with large Muslim populations -- including Egypt, India and Libya -- to comply with local laws or avoid offending users. "What's OK in one country can be offensive elsewhere," said a statement released by Google in September. "This video -- which is widely available on the Web -- is clearly within our guidelines and so will stay on YouTube."

Other copies of the film, however, now trigger this warning screen: "The following content has been identified by the YouTube community as being potentially offensive or inappropriate. Viewer discretion is advised." Users are given the option to continue to the film, or cancel their request.

But the removal of the main copy of Innocents of the Muslims -- the related link now resolves to a page that says, "This video has been removed by the user" -- begs the question: Who requested its removal? Google, which owns YouTube, declined to verify if the video had been removed by the account holder, who had been listed as "Sam Becile."

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
PJS880
50%
50%
PJS880,
User Rank: Ninja
2/3/2013 | 6:01:51 PM
re: Bank DDoS Attackers Claim Victory Regarding Film
What sort of false victory is the Izz ad-Din al-Qassam Cyber Fighters, which by the way needs to do something about about that mouthful, I donGÇÖt see any victory here? Are they referring to GoogleGÇÖs block in high Muslim populated areas, as to not cause riots amongst those nations? I have not watched the film, but if it was on the web once, it still is there somewhere I am sure. Last time I checked we donGÇÖt follow terrorist advice on what is appropriate and what is not.

Paul Sprague
InformationWeek Contributor
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-8891
Published: 2015-03-06
Unspecified vulnerability in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 5.0 before SR16-FP9, 6 before SR16-FP3, 6R1 before SR8-FP3, 7 before SR8-FP10, and 7R1 before SR2-FP10 allows remote attackers to escape the Java sandbox and execute arbitrary code via unspecified vectors...

CVE-2014-8892
Published: 2015-03-06
Unspecified vulnerability in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 5.0 before SR16-FP9, 6 before SR16-FP3, 6R1 before SR8-FP3, 7 before SR8-FP10, and 7R1 before SR2-FP10 allows remote attackers to bypass intended access permissions and obtain sensitive information via un...

CVE-2015-1170
Published: 2015-03-06
The NVIDIA Display Driver R304 before 309.08, R340 before 341.44, R343 before 345.20, and R346 before 347.52 does not properly validate local client impersonation levels when performing a "kernel administrator check," which allows local users to gain administrator privileges via unspecified API call...

CVE-2015-1637
Published: 2015-03-06
Schannel (aka Secure Channel) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly restrict TLS state transitions, which makes it easier for r...

CVE-2014-2130
Published: 2015-03-05
Cisco Secure Access Control Server (ACS) provides an unintentional administration web interface based on Apache Tomcat, which allows remote authenticated users to modify application files and configuration files, and consequently execute arbitrary code, by leveraging administrative privileges, aka B...

Dark Reading Radio
Archived Dark Reading Radio
How can security professionals better engage with their peers, both in person and online? In this Dark Reading Radio show, we will talk to leaders at some of the security industry’s professional organizations about how security pros can get more involved – with their colleagues in the same industry, with their peers in other industries, and with the IT security community as a whole.