Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


07:06 PM
Connect Directly

'Anonymous' Back With A Vengeance: Downs DoJ, MPAA, RIAA, Universal Music Websites

White House also being targeted as federal anti-piracy moves fuel widespread online attacks

In apparent retaliation for the federal takedown of online storage and file transfer site Megaupload announced by the Department of Justice today, the Anonymous hacktivist collective went to work waging mass distributed denial-of-service (DDoS) attacks that knocked offline the websites of the DoJ, Motion Picture Association of America, the Recording Industry Association of America, and Universal Music.

Also in the crosshairs of the hacktivists: the White House website, which as of this posting remained online, although Anonymous members were calling for targeting it as well. And security experts say this latest -- and possibly biggest -- DDoS campaign by Anonymous is far from over, with more targets to come. According to one tweet from AnonDaily, this is the largest attack by the hacktivist group, with more than 5,600 people using the Low Orbit Ion Cannon (LOIC) DDoS tool.

Barrett Brown, a former member of Anonymous who now runs an online activists entity called Project PM, tweeted today about another Anonymous campaign focused on Democratic members of Congress who remain in support of anti-piracy bills before Congress, the House’s Stop Online Piracy Act (SOPA), and the Senate’s Protect Intellectual Property Act (PIPA).

The wave of DDoS attacks came in reaction to DoJ’s announcement today that it had issued 20 search warrants in nine countries, including the U.S., and had seized $50 million in assets from Megaupload. Seven people were charged with copyright infringement and operation of a global criminal organization, including site founder Kim Dotcom (a.k.a. Kim Schmitz), who was arrested in New Zealand with three other suspects. The individuals are accused of supporting illegal downloads of music, movies, and other copyrighted content.

[Online protests blur anti-piracy legislation future. See The Day (Some Of) The Web Went Dark.]

An unsealed grand jury indictment said Megaupload made $175 million in subscriptions and advertising, and cost copyright owners some $500 million in lost revenues. While the company was based in Hong Kong, U.S. officials were able to take action because the company allegedly hosted some pirated content on servers in Ashburn, Va.

The timing couldn’t be more striking: The case hit the news one day after a high-profile online protest of SOPA and PIPA. Federal officials, however, told The Washington Post that the timing of the indictment announcement was a coincidence.

Megaupload posted a statement on its site prior to its takedown, stating that the allegations were “grotesquely overblown,” according to the AP.

"The fact is that the vast majority of Mega's Internet traffic is legitimate, and we are here to stay. If the content industry would like to take advantage of our popularity, we are happy to enter into a dialogue. We have some good ideas. Please get in touch," the statement said.

Meanwhile, Anonymous’ "OpMegaUpload" campaign is far from over, industry experts say. Look for other victims to face DDoS firepower as well. Yesterday’s online protest ferver, coupled with today’s indictment, merely fanned the flames for Anonymous and attracted more participants, one source said.

Among the tweets from accounts claiming to be from Anonymous was one that said: "Megaupload was taken down w/out SOPA being law. Now imagine what will happen if it passes. The Internet as we know it will end. FIGHT BACK."

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message. Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Overcoming the Challenge of Shorter Certificate Lifespans
Mike Cooper, Founder & CEO of Revocent,  10/15/2020
US Counterintelligence Director & Fmr. Europol Leader Talk Election Security
Kelly Sheridan, Staff Editor, Dark Reading,  10/16/2020
7 Tips for Choosing Security Metrics That Matter
Ericka Chickowski, Contributing Writer,  10/19/2020
Register for Dark Reading Newsletters
White Papers
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-10-20
The Transaction Insight reporting component of TIBCO Software Inc.'s TIBCO Foresight Archive and Retrieval System, TIBCO Foresight Archive and Retrieval System Healthcare Edition, TIBCO Foresight Operational Monitor, TIBCO Foresight Operational Monitor Healthcare Edition, TIBCO Foresight Transaction...
PUBLISHED: 2020-10-20
The Boxstarter installer before version 2.13.0 configures C:\ProgramData\Boxstarter to be in the system-wide PATH environment variable. However, this directory is writable by normal, unprivileged users. To exploit the vulnerability, place a DLL in this directory that a privileged service is looking ...
PUBLISHED: 2020-10-20
In Spree before versions 3.7.11, 4.0.4, or 4.1.11, expired user tokens could be used to access Storefront API v2 endpoints. The issue is patched in versions 3.7.11, 4.0.4 and 4.1.11. A workaround without upgrading is described in the linked advisory.
PUBLISHED: 2020-10-20
DomainMOD before 4.14.0 uses MD5 without a salt for password storage.
PUBLISHED: 2020-10-20
Netwrix Account Lockout Examiner before 5.1 allows remote attackers to capture the Net-NTLMv1/v2 authentication challenge hash of the Domain Administrator (that is configured within the product in its installation state) by generating a single Kerberos Pre-Authentication Failed (ID 4771) event on a ...