The attacks were previewed Monday in a Pastebin post from Izz ad-Din al-Qassam Cyber Fighters, which promised to attack Capital One (Tues.), SunTrust Banks (Wed.), and Regions Financial (Thurs.), beginning at 2 p.m. British Time each day, and lasting for eight hours.
The group said it was continuing the "attack to your financial centers" as ongoing retaliation for the release of the Innocence of Muslims film that attacked the founder of Islam, an excerpt of which was posted last month to YouTube. The group also questioned why the film had been allowed to remain online, and contrasted the legal handling of the film with a lawsuit filed by the U.K's duke and duchess of Cambridge--the latter, formerly known as Kate Middleton.
"For instance, at the same time with the Queen of England family's complaint against an insulting photo published in the French magazines the photo was removed immediately. But you did not care about the demands of Muslims and called the fighter groups' activities terrorist attacks," it said in the Pastebin post.
[ The malware market puts everyone at risk. See Weaponized Bugs: Time For Digital Arms Control. ]
Capital One Wednesday confirmed that its website had been attacked, but suffered only disruptions. "We have no reason to believe that customer and account information is at risk," spokeswoman Tatiana Stead told CNBC. "As always, protecting customer information is a top priority." Likewise, SunTrust Wednesday confirmed that its site had been disrupted by attackers.
Meanwhile, Regions Financial told Bloomberg Wednesday that it had prepared for the forecasted Thursday attacks against its site. "We are aware that the group claiming responsibility for these attacks has identified Regions as one of its targets," said a spokeswoman. "We take online security seriously and are taking every measure to protect the company and our customers." Come Thursday, however, the bank's website appeared to be at least intermittently unavailable.
Previous attacks launched under the "Izz ad-Din al-Qassam Cyber Fighters" banner have disrupted the websites of Bank of America, JPMorgan Chase, PNC, U.S. Bank, and Wells Fargo. To date, the group or groups involved appear to have been launching distributed denial-of-service (DDoS) attacks to cause the disruptions, via compromised servers.
Some former U.S. government officials, in anonymous interviews, have accused the Iranian government of being behind the U.S. bank attacks, which they say began a year ago, and involved fraudulent wire transfers. But in their Pastebin post, the hackers appeared to dispute such criticism. "It is necessary to mention that the Izz ad-Din al-Qassam group has no relation with recent Trojan-based attacks which aims the people's electronic money transfers. Our activities are only against the insulting movie mentioned above," it said.
That came as an apparent, direct reply to the FBI, the Financial Services Information Sharing and Analysis Center, and the Internet Crime Complaint Center, which recently issued a joint warning that attackers wielding spam, keyloggers, and remote access Trojans (RATs) were targeting banking employees, and using stolen access credentials to execute fraudulent wire transfers of up to $900,000 at a time, moving the money into foreign accounts.