Vulnerabilities / Threats
10/5/2011
11:57 AM
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Anonymous Threatens New York Stock Exchange Attack

Calls for distributed denial-of-service attack as part of the Occupy Wall Street protests.

10 Massive Security Breaches
(click image for larger view)
Slideshow: 10 Massive Security Breaches
A video that purports to be from the Anonymous hacktivist collective has called for a distributed denial-of-service (DDoS) attack to be launched against the New York Stock Exchange (NYSE).

"On October 10, NYSE shall be erased from the Internet, expect a day that will never, ever, be forgotten," according to a "message to the people" video posted to the AnonMessage YouTube channel on Friday. As with previous Anonymous communications, the video sports stirring music, stark visuals, and narration by a disembodied, synthesized voice. It also proposes using the Low-Orbit Ion Cannon (LOIC) DDoS tool, which is an open source network stress testing application, as "an option," but recommends that users "anonymize" themselves first. It also says that "we will have other (more powerful) means of taking down NYSE."

The FBI said it's investigating the Anonymous call to online arms. "The FBI is aware of these schemes and threats and is looking into the matter," FBI spokesman Tim Flannelly told FoxNews.com.

[ Learn the latest tactics that 'hacktivists' are using. Read WikiLeaks 'Hactivists' Target Fax Machines ]

But a post on Tuesday to the AnonOps Twitter feed, which has been a reliable source of information about Anonymous operations, called into question how many Anonymous members--if any--were planning to attack the NYSE. "We'll say it clear: We won't hack Wall Street. Please FBI invest the resources in better things!"

Likewise, a message posted to Pastebin under the Anonymous banner also disputed the video's authenticity. "It is a fake planted operation by law enforcement and cyber crime agencies in order to get you to undermine the Occupy Wall Street movement," said the post. "You must take all notices and information claiming to be 'Anonymous' with a grain of salt. Consider EVERYTHING."

In addition, no official Anonymous communication would encourage anyone to continue using "depreciated tools that have known flaws such as LOIC," according to the post. "Anonymous would never tell you to use LOIC--not after the arrests and failures of Operation Payback."

Indeed, the bureau, as well as law enforcement agencies abroad, continue to arrest suspects over LulzSec and Anonymous hacktivist attacks, for example relating to the breach of Sony's information security defenses, as well as attacks against the Serious Organized Crime Agency in the United Kingdom, and NATO servers. According to court documents, their investigations appear to be aided by people launching DDoS attacks and sometimes even using anonymizing tools, such as Tor, but still failing to fully disguise their IP address.

If the planned attack against the NYSE website isn't officially sanctioned by Anonymous, it does at least appear to fit with the group's previous modus operandi. Indeed, rather than attempting to knock NYSE trading offline, the video proposes attacking the NYSE website. Ranked by Alexa as being "one of the top 50,000 sites" on the Internet in terms of the amount of traffic it sees, the site isn't exactly high profile. But, as with the Anonymous pro-WikiLeaks attacks against the websites--but not payment processing systems--of such businesses as MasterCard and PayPal, the website takedowns-by-DDoS appear to be designed to publicize a cause, rather than compromise the companies' ability to do business.

Likewise, the DDoS attack planned for October 10 appears designed to support the current Occupy Wall Street protests in New York, which by Wednesday had been running for 19 consecutive days, as well as Occupy USA protests taking place around the country. "The events transpiring within Wall Street have gone awry; it seems that the government and federal agencies enjoy enforcing the law a little too much," according to the video supposedly released by Anonymous. "We witness the government enforcing the laws that punish the 99%, while allowing the 1% to escape justice unharmed for their crimes against the people."

Regardless, the FBI said that launching or intending to launch DDoS attacks is against the law. "It is a crime to show the intent to carry out a hack when you are in possession of software or computer applications to do so and we take it seriously," said Flannelly.

In "Becoming A Security Detective," this all-day virtual event from InformationWeek and Dark Reading, experts will offer detailed insight in how to collect security intelligence in the enterprise, and how to analyze and study it in order to efficiently identify new threats as well as low-and-slow attacks such as advanced persistent threats. It happens Oct. 20. Sign up now. (Free with registration.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
UberGoober
50%
50%
UberGoober,
User Rank: Apprentice
10/6/2011 | 3:20:02 PM
re: Anonymous Threatens New York Stock Exchange Attack
Just a bunch of wannabe hippy losers blaming everyone but themselves for their own failure. Get a job!
Exit to Shell
50%
50%
Exit to Shell,
User Rank: Apprentice
10/5/2011 | 8:16:21 PM
re: Anonymous Threatens New York Stock Exchange Attack
Respect!? Anonymous is a bunch of 2 year olds.
JBUDDEMEYER000
50%
50%
JBUDDEMEYER000,
User Rank: Apprentice
10/5/2011 | 6:26:14 PM
re: Anonymous Threatens New York Stock Exchange Attack
at long last Anonymous gets some media attention and itG«÷s nothing more than nefarious misinformation. when will the press stop playing it safe and give Anonymous both the respect and accurate coverage it deserves?
http://littlebiggy.org/4631847
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-3946
Published: 2014-04-24
Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the packets, aka Bug ID CSCty73682.

CVE-2012-5723
Published: 2014-04-24
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.

CVE-2013-6738
Published: 2014-04-24
Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before 1.2.0.0-CSI-SCALA-IF0003 allows remote attackers to inject arbitrary web script or HTML via an invalid query parameter in a response from an OAuth authorization endpoint.

CVE-2014-0188
Published: 2014-04-24
The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request to...

CVE-2014-2391
Published: 2014-04-24
The password recovery service in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 makes an improper decision about the sensitivity of a string representing a previously used but currently invalid password, which allows remote attackers to obtain potent...

Best of the Web