Vulnerabilities / Threats

11:57 AM

Anonymous Threatens New York Stock Exchange Attack

Calls for distributed denial-of-service attack as part of the Occupy Wall Street protests.

10 Massive Security Breaches
(click image for larger view)
Slideshow: 10 Massive Security Breaches
A video that purports to be from the Anonymous hacktivist collective has called for a distributed denial-of-service (DDoS) attack to be launched against the New York Stock Exchange (NYSE).

"On October 10, NYSE shall be erased from the Internet, expect a day that will never, ever, be forgotten," according to a "message to the people" video posted to the AnonMessage YouTube channel on Friday. As with previous Anonymous communications, the video sports stirring music, stark visuals, and narration by a disembodied, synthesized voice. It also proposes using the Low-Orbit Ion Cannon (LOIC) DDoS tool, which is an open source network stress testing application, as "an option," but recommends that users "anonymize" themselves first. It also says that "we will have other (more powerful) means of taking down NYSE."

The FBI said it's investigating the Anonymous call to online arms. "The FBI is aware of these schemes and threats and is looking into the matter," FBI spokesman Tim Flannelly told

[ Learn the latest tactics that 'hacktivists' are using. Read WikiLeaks 'Hactivists' Target Fax Machines ]

But a post on Tuesday to the AnonOps Twitter feed, which has been a reliable source of information about Anonymous operations, called into question how many Anonymous members--if any--were planning to attack the NYSE. "We'll say it clear: We won't hack Wall Street. Please FBI invest the resources in better things!"

Likewise, a message posted to Pastebin under the Anonymous banner also disputed the video's authenticity. "It is a fake planted operation by law enforcement and cyber crime agencies in order to get you to undermine the Occupy Wall Street movement," said the post. "You must take all notices and information claiming to be 'Anonymous' with a grain of salt. Consider EVERYTHING."

In addition, no official Anonymous communication would encourage anyone to continue using "depreciated tools that have known flaws such as LOIC," according to the post. "Anonymous would never tell you to use LOIC--not after the arrests and failures of Operation Payback."

Indeed, the bureau, as well as law enforcement agencies abroad, continue to arrest suspects over LulzSec and Anonymous hacktivist attacks, for example relating to the breach of Sony's information security defenses, as well as attacks against the Serious Organized Crime Agency in the United Kingdom, and NATO servers. According to court documents, their investigations appear to be aided by people launching DDoS attacks and sometimes even using anonymizing tools, such as Tor, but still failing to fully disguise their IP address.

If the planned attack against the NYSE website isn't officially sanctioned by Anonymous, it does at least appear to fit with the group's previous modus operandi. Indeed, rather than attempting to knock NYSE trading offline, the video proposes attacking the NYSE website. Ranked by Alexa as being "one of the top 50,000 sites" on the Internet in terms of the amount of traffic it sees, the site isn't exactly high profile. But, as with the Anonymous pro-WikiLeaks attacks against the websites--but not payment processing systems--of such businesses as MasterCard and PayPal, the website takedowns-by-DDoS appear to be designed to publicize a cause, rather than compromise the companies' ability to do business.

Likewise, the DDoS attack planned for October 10 appears designed to support the current Occupy Wall Street protests in New York, which by Wednesday had been running for 19 consecutive days, as well as Occupy USA protests taking place around the country. "The events transpiring within Wall Street have gone awry; it seems that the government and federal agencies enjoy enforcing the law a little too much," according to the video supposedly released by Anonymous. "We witness the government enforcing the laws that punish the 99%, while allowing the 1% to escape justice unharmed for their crimes against the people."

Regardless, the FBI said that launching or intending to launch DDoS attacks is against the law. "It is a crime to show the intent to carry out a hack when you are in possession of software or computer applications to do so and we take it seriously," said Flannelly.

In "Becoming A Security Detective," this all-day virtual event from InformationWeek and Dark Reading, experts will offer detailed insight in how to collect security intelligence in the enterprise, and how to analyze and study it in order to efficiently identify new threats as well as low-and-slow attacks such as advanced persistent threats. It happens Oct. 20. Sign up now. (Free with registration.)

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Apprentice
10/6/2011 | 3:20:02 PM
re: Anonymous Threatens New York Stock Exchange Attack
Just a bunch of wannabe hippy losers blaming everyone but themselves for their own failure. Get a job!
Exit to Shell
Exit to Shell,
User Rank: Apprentice
10/5/2011 | 8:16:21 PM
re: Anonymous Threatens New York Stock Exchange Attack
Respect!? Anonymous is a bunch of 2 year olds.
User Rank: Apprentice
10/5/2011 | 6:26:14 PM
re: Anonymous Threatens New York Stock Exchange Attack
at long last Anonymous gets some media attention and itGs nothing more than nefarious misinformation. when will the press stop playing it safe and give Anonymous both the respect and accurate coverage it deserves?
Facebook Aims to Make Security More Social
Kelly Sheridan, Associate Editor, Dark Reading,  2/20/2018
SEC: Companies Must Disclose More Info on Cybersecurity Attacks & Risks
Kelly Jackson Higgins, Executive Editor at Dark Reading,  2/22/2018
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.