07:06 PM
Connect Directly

'Anonymous' Back With A Vengeance: Downs DoJ, MPAA, RIAA, Universal Music Websites

White House also being targeted as federal anti-piracy moves fuel widespread online attacks

In apparent retaliation for the federal takedown of online storage and file transfer site Megaupload announced by the Department of Justice today, the Anonymous hacktivist collective went to work waging mass distributed denial-of-service (DDoS) attacks that knocked offline the websites of the DoJ, Motion Picture Association of America, the Recording Industry Association of America, and Universal Music.

Also in the crosshairs of the hacktivists: the White House website, which as of this posting remained online, although Anonymous members were calling for targeting it as well. And security experts say this latest -- and possibly biggest -- DDoS campaign by Anonymous is far from over, with more targets to come. According to one tweet from AnonDaily, this is the largest attack by the hacktivist group, with more than 5,600 people using the Low Orbit Ion Cannon (LOIC) DDoS tool.

Barrett Brown, a former member of Anonymous who now runs an online activists entity called Project PM, tweeted today about another Anonymous campaign focused on Democratic members of Congress who remain in support of anti-piracy bills before Congress, the House’s Stop Online Piracy Act (SOPA), and the Senate’s Protect Intellectual Property Act (PIPA).

The wave of DDoS attacks came in reaction to DoJ’s announcement today that it had issued 20 search warrants in nine countries, including the U.S., and had seized $50 million in assets from Megaupload. Seven people were charged with copyright infringement and operation of a global criminal organization, including site founder Kim Dotcom (a.k.a. Kim Schmitz), who was arrested in New Zealand with three other suspects. The individuals are accused of supporting illegal downloads of music, movies, and other copyrighted content.

[Online protests blur anti-piracy legislation future. See The Day (Some Of) The Web Went Dark.]

An unsealed grand jury indictment said Megaupload made $175 million in subscriptions and advertising, and cost copyright owners some $500 million in lost revenues. While the company was based in Hong Kong, U.S. officials were able to take action because the company allegedly hosted some pirated content on servers in Ashburn, Va.

The timing couldn’t be more striking: The case hit the news one day after a high-profile online protest of SOPA and PIPA. Federal officials, however, told The Washington Post that the timing of the indictment announcement was a coincidence.

Megaupload posted a statement on its site prior to its takedown, stating that the allegations were “grotesquely overblown,” according to the AP.

"The fact is that the vast majority of Mega's Internet traffic is legitimate, and we are here to stay. If the content industry would like to take advantage of our popularity, we are happy to enter into a dialogue. We have some good ideas. Please get in touch," the statement said.

Meanwhile, Anonymous’ "OpMegaUpload" campaign is far from over, industry experts say. Look for other victims to face DDoS firepower as well. Yesterday’s online protest ferver, coupled with today’s indictment, merely fanned the flames for Anonymous and attracted more participants, one source said.

Among the tweets from accounts claiming to be from Anonymous was one that said: "Megaupload was taken down w/out SOPA being law. Now imagine what will happen if it passes. The Internet as we know it will end. FIGHT BACK."

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message. Kelly Jackson Higgins is Senior Editor at She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise Magazine, ... View Full Bio

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2014-07-11
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.

Published: 2014-07-11
Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

Published: 2014-07-11
The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.

Published: 2014-07-11
Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.

Published: 2014-07-11
Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.