Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

9/20/2010
09:39 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Mass Cyber Protests Target Recording Industry Association Of America And Motion Picture Association Of America

4chan users launched denial-of-service attacks on the organizations in protest against attempts to shut down free file-sharing sites

ORLANDO, Fla., Sept. 20 /PRNewswire/ -- PandaLabs, Panda Security's anti-malware laboratory, last Friday witnessed what could be the first organized mass cyber protest on the Internet, which targeted the Recording Industry Association of America (RIAA) and the Motion Picture Association of America (MPAA). The RIAA and MPAA had contracted with an Indian software company to shut down free file-sharing sites such as The Pirate Bay, driving users of the popular 4chan user group to call on its community to launch distributed denial-of-service attacks (DDoS) against the organizations.

"The most significant aspect of this event, in addition to the damage caused, is that it could mark the first mass cyber protest of its kind on the Web," said Luis Corrons, technical director of PandaLabs. "Numerous anonymous users have joined forces and pooled their resources toward a common cause over Internet rights. This attack is an example of the potential for future cyber protests and the difficulty in pinpointing and stopping them."

Supporting pictures are available at http://www.flickr.com/photos/panda_security/5007496635/ and http://www.flickr.com/photos/panda_security/5008105212/.

In 4chan users' attack against RIAA, the combined efforts led to 37 interruptions in the service, taking down the organization's site for one hour and 37 minutes. The portal gave instructions to users throughout the weekend, indicating the specific time to launch the attacks as well as the target IP address. Similarly, protesters tried to Google bomb a phrase accusing the president of the MPAA of "child molestation" and insinuating he belonged to a pedophile ring. One of the attacks also targeted the Indian software company that MPAA and RIAA contracted with to close down the free file-sharing sites.

4chan is a popular image board responsible for many Internet memes such as the Rickroll and LOLCats, as well as the "anonymous" assault on the Church of Scientology.

The next attack, which will target MPAA, is planned for tomorrow at 3 p.m. EDT. For more details on the attacks, which are being monitored in real-time by threat researcher Sean-Paul Correll, please visit http://pandalabs.pandasecurity.com/4chan-users-organize-ddos-against-mpaa/.

About PandaLabs

Since 1990, its mission has been to detect and eliminate new threats as rapidly as possible to offer our clients maximum security. To do so, PandaLabs has an innovative automated system that analyzes and classifies thousands of new samples a day and returns automatic verdicts (malware or goodware). This system is the basis of Collective Intelligence, Panda Security's new security model which can even detect malware that has evaded other security solutions.

Currently, 99.4 percent of malware detected by PandaLabs is analyzed through this system of Collective Intelligence. This is complemented through the effort of several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc), working 24/7 to provide global coverage. This translates into more secure, simpler and more resource-friendly solutions for clients.

More information is available in the PandaLabs blog: http://www.pandalabs.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 11/19/2020
New Proposed DNS Security Features Released
Kelly Jackson Higgins, Executive Editor at Dark Reading,  11/19/2020
How to Identify Cobalt Strike on Your Network
Zohar Buber, Security Analyst,  11/18/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: A GONG is as good as a cyber attack.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-5641
PUBLISHED: 2020-11-24
Cross-site request forgery (CSRF) vulnerability in GS108Ev3 firmware version 2.06.10 and earlier allows remote attackers to hijack the authentication of administrators and the product's settings may be changed without the user's intention or consent via unspecified vectors.
CVE-2020-5674
PUBLISHED: 2020-11-24
Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2020-29002
PUBLISHED: 2020-11-24
includes/CologneBlueTemplate.php in the CologneBlue skin for MediaWiki through 1.35 allows XSS via a qbfind message supplied by an administrator.
CVE-2020-29003
PUBLISHED: 2020-11-24
The PollNY extension for MediaWiki through 1.35 allows XSS via an answer option for a poll question, entered during Special:CreatePoll or Special:UpdatePoll.
CVE-2020-26890
PUBLISHED: 2020-11-24
Matrix Synapse before 1.20.0 erroneously permits non-standard NaN, Infinity, and -Infinity JSON values in fields of m.room.member events, allowing remote attackers to execute a denial of service attack against the federation and common Matrix clients. If such a malformed event is accepted into the r...