Attacks/Breaches
10/24/2012
11:53 AM
50%
50%

U.S. Bank Hackers Promise DDoS Pause

In the sixth week since the launch of "Operation Ababil" attacks against Wall Street banks, online post says hacktivists are taking time off for a Muslim holiday.

Muslim Hacktivists Target U.S. Banks: 8 Facts
Muslim Hacktivists Target U.S. Banks: 8 Facts
(click image for larger view and for slideshow)
After six weeks of attacks, the Muslim hacktivist group that's knocked the websites of some of Wall Street's biggest banks offline announced that it's taking a holiday.

A Tuesday Pastebin post from the Izz ad-Din al-Qassam Cyber Fighters hacktivist group said that in honor of the Muslim Eid al-Adha holiday, which in 2012 runs from the evening of Oct. 25 to the evening of Oct. 26, they're planning a break. "To commemorate this breezy and blessing day, we will stop our attack operations during the next days," according to the group's statement. "Instead, we are going to have an interview with one of the American media and press about our ideas and positions." The group then solicited offers via a provided email address ([email protected]).

Last week, as part of what they've dubbed "Operation Ababil," the attackers launched distributed denial of service (DDoS) attacks that disrupted the websites of BB&T, HSBC, and Capital One--the lattermost site for the second time. Before that, previous attacks by the group had disrupted the websites of many of Wall Street's biggest financial institutions, including Bank of America, JPMorgan Chase, New York Stock Exchange, Regions Financial, SunTrust, U.S. Bank, and Wells Fargo.

[ The feds are looking for new ways to keep diplomatic employees safe. See After Benghazi, State Dept. Seeks Diplomat Tracking Technologies. ]

The hacktivists reiterated that their DDoS attacks have been launched in retaliation for the "organized insulting to the Prophet of Islam done by some arrogant western governments," by which the group was referring to the YouTube release of a clip of Innocence of Muslims, a film that attacks the founder of Islam, and which has been attributed to an Egyptian-born U.S. resident who is Christian. The hacktivist group has continually called for western governments to excise the film from the Internet.

The group also repeated that it's had no part in recent wire-transfer fraud campaigns. U.S. government officials, in anonymous media interviews, have accused Iran of orchestrating the attacks, and also said they've traced the Izz ad-Din al-Qassam Cyber Fighters attacks to a group of fewer than 100 information security specialists based at Iranian universities and technology companies.

"We have already stressed that the attacks launch only to prevent banking services temporarily throughout the day & there is no stealing or handling of money in our agenda," said the Izz ad-Din al-Qassam Cyber Fighters in their Pastebin post. "So if others have done such actions we don't assume any responsibility for it. Every day we are giving a compulsive break to all employees of one of the banks & its customers."

The group also disparaged a recent speech made by Defense Secretary Leon Panetta, in which he referred to the ongoing bank website disruptions, and warned that such attacks could become the norm or easily be extended to disrupt critical infrastructure systems in the United States. In response, the Izz ad-Din al-Qassam Cyber Fighters said that "Mr. Panetta has noted in his remarks to the potential cyber threats such as attacking on Power & Water Infrastructures, running off trains from the tracks & etc. On our opinion, these Panetta's remarks are for distracting the public opinion & in support of the owners of the bank's capital."

"So please stop these nonsense and just order the officials to remove the insulting video from Internet," the group said.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
PJS880
50%
50%
PJS880,
User Rank: Ninja
10/30/2012 | 5:17:20 PM
re: U.S. Bank Hackers Promise DDoS Pause
What? Are you serious? This is absolutist the funniest thing I have read today. The hackers are taking a holiday break and not going to work for a day? Here is an idea why don't we have our cyber defense team reverse attack this group? Why are they day after day attacking sites and getting away with it? Stop this group and make a statement out of them. As far as the rest of the world is concerned how does this look toward our financial security if a group is knowingly attacking financial sites and getting away with day after day? I thought we were good let's see why we have all these security officials in place can really do anything about it. This day off would be a great day to start!

Paul Sprague
InformationWeek Contributor
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "Why else would HR ask me if I have a handicap?"
Current Issue
The Changing Face of Identity Management
Mobility and cloud services are altering the concept of user identity. Here are some ways to keep up.
Flash Poll
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio

The cybersecurity profession struggles to retain women (figures range from 10 to 20 percent). It's particularly worrisome for an industry with a rapidly growing number of vacant positions.

So why does the shortage of women continue to be worse in security than in other IT sectors? How can men in infosec be better allies for women; and how can women be better allies for one another? What is the industry doing to fix the problem -- what's working, and what isn't?

Is this really a problem at all? Are the low numbers simply an indication that women do not want to be in cybersecurity, and is it possible that more women will never want to be in cybersecurity? How many women would we need to see in the industry to declare success?

Join Dark Reading senior editor Sara Peters and guests Angela Knox of Cloudmark, Barrett Sellers of Arbor Networks, Regina Wallace-Jones of Facebook, Steve Christey Coley of MITRE, and Chris Roosenraad of M3AAWG on Wednesday, July 13 at 1 p.m. Eastern Time to discuss all this and more.