GoDaddy Sites Back Online After Outage

A large number of websites that were either hosted by GoDaddy or using GoDaddy name servers went down for more than four hours today following an outage in its DNS server. GoDaddy has been working to fix the issue, and it now looks like almost all sites are back online.

There is speculation about what caused the glitch, with some blaming it on the online vigilante group Anonymous. A Brazilian Twitter user loosely affiliated with Anonymous even tweeted the following, taking responsibility for the outage.

I’m taking godaddy down because well i’d like to test how the cyber security is safe and for more reasons that i can not talk now.

GoDaddy has been on the receiving end of similar attacks by Anonymous after its support for the infamous anti-piracy bill SOPA. But we are not yet able to verify whether this outage was the result of any kind of attack, and there’s a good chance that this might just be a glitch in their DNS configuration. GoDaddy, while not mentioning whether the outage was the result of a DDoS attack, has tweeted that there was no compromise of user data.

WIRED is also reporting that GoDaddy has migrated some of its DNS records to VeriSign following the outage. It is not yet clear whether it is migrating the whole DNS configuration from the affected server or just the one for GoDaddy’s website, which was also affected by the outage.

MTNL Website Hit By A DDoS Attack By Anonymous India

In their bid to lash out at the very staunch supporters of censorship and blatant liars and looters in general (read: the great Indian Internet Service Providers), Anonymous India has been doing pretty much the same thing that Anonymous Everywhere Else does:

  1. Download the Low Orbit Ion Cannon software (a freely available Denial of Service attack tool that keeps asking the target server for several random bits of useless information, thus clogging it)
  2. Get a bunch of friends and decide on a fairly useless website as the target (which usually does not have many servers to back up the content)
  3. Giggle manically
  4. ????
  5. PROFIT!! (Or at least, some drama)

So, Anon turned its head towards Mahanagar Telephone Nigam Limited (MTNL), the State’s ISP for Mumbai and New Delhi, and launched a Distributed Denial of Service (DDoS) attack on its corporate website, leaving many in the MTNL office scratching their heads.

This was done to protest against the censorship of several sites such as The Pirate Bay and Vimeo.

We are against Internet Censorship. Instead of blocking few URLs the ISP blocked the whole domain of various file sharing websites. The HC Madras, DoT didn’t issue any list of websites to be blocked still ISP supported internet censorship.

Apparently MTNL’s managers have absolutely no idea why these sites are banned.

These sites are generally blocked due to court orders or directives from the Telecom Department. But I cannot say for sure.

It is very mind boggling indeed. But if this is the case with an alleged court order, then I am very sure this DDoS would not be more than a minor irritation to some of these employees of MTNL, many of whom would be quite surprised to know that their ISP has a corporate website.

Anonymous India Declares War On Censorship, Hacks Reliance Communications’ Network

The cat and mouse game of Internet censorship in India is getting more dangerous with each day.

A few weeks back, several Indian ISPs censored torrent sites such as The Pirate Bay and blocked the very popular video sharing site Vimeo. The list of ISPs includes Airtel, Reliance, MTNL and Youbroadband, some very big names who have thousands of customers in India. The explanation: Reliance Entertainment has obtained John Doe court orders, and ISPs are directed to block access to torrent and video sharing sites where pirated materials are distributed. (see example)

I am not sure how I am able to surf Vimeo, ThePirateBay, Pastebin and other blocked sites through my internet connection. I use BSNL broadband and have a Tata Photon connection, but neither of these ISPs has blocked any site because of a so-called court order. How awkwardly rebellious!

But then, Newton’s third law must manifest itself.

Anonymous, the infamous hacker group, decided to have a go at the Indian Government and managed to take down Indian Government websites (here is the tweet from opindia). Now they are going all guns blazing towards Reliance, and they have successfully hacked into the servers of Reliance Communications, a sister concern of Reliance Entertainment. This blow from Anonymous was confirmed after some users reported that they were greeted by the following message while trying to access social sites through the Reliance Communications network.

[Image: reliance-hacked]

Here are a few more screenshots, courtesy Whitec0de and ZDNet:

[Images: twitter-hacked-whitecode, opindia-hack]

The defaced page of Anonymous India has a pretty long “press release” which kind of announces their propaganda against the injustice caused by the Indian Government and Indian ISPs such as Reliance Communications. The group has also organized a Facebook event asking users to wear masks on June 9th, 2012, as a protest for internet freedom and free speech.


Offense is the best defense. Agreed.

But the way these hacks are projected to the public, the issue may be reduced to ridicule: everyone fighting with the other, and nobody with any clue what they are fighting for. The issue here is freedom of voice, which cannot be achieved by stabbing swords in each other’s backs. The principle is forgotten amongst silly rules, turning the situation into a bureaucratic joke.

We have seen this mob war in the past: Indian hackers hacked Pakistani websites, which was soon followed by a Pakistani group hacking Indian Government sites. Why did the Indian hackers hack Pakistani Government sites in the first place? The goal was to protest against the Mumbai bomb blasts, but in practice their movement turned into a cyber war which ended in a ceasefire through mutual agreement.

Now that Anonymous has declared war on Indian ISPs, this might hurt end users in the long run. The law has a very long arm; scratching an unhealed wound will only make matters worse.

P.S: There is a rumor that the Indian Government may ban HTTPS and SSH. This sent shivers through my veins, but I calmed down on realizing that the report is 11 years old and the proposal was never tabled.

Update: Anonymous India has released a video on YouTube urging users to join their cause on June 9th, 2012. This is getting interesting!

[Updated] Anonymous Takes Down Congress and Supreme Court Website

UPDATE: A recent tweet by @opindia_revenge reveals that Anonymous has successfully managed to take down the Department of Telecom’s website – dot.gov.in

UPDATE: Looks like both the sites – supremecourtofindia.nic.in and aicc.org.in are back in action again! However, @opindia_revenge has tweeted with the following message:

Anonymous Takes Down Indian Govt. Websites

The Anonymous group has successfully taken down the website of the Supreme Court of India (supremecourtofindia.nic.in) and the official website of the All India Congress Committee (aicc.org.in). The reason is that the Indian Government is taking Internet censorship quite seriously and has ordered most of the Indian ISPs to block websites including Vimeo, ThePirateBay, Pastebin, Dailymotion, and many others.

Since yesterday, many users on Twitter have been reporting that popular file sharing and torrent sites were blocked by major ISPs like Airtel, Reliance, MTNL and You Broadband. Upon visiting the blocked sites, the following message is displayed: “Access to this site has been blocked as per Court Orders.”

Within hours, the government websites were taken down by Anonymous in an act of revenge for the Indian Government having ordered ISPs to block ThePirateBay and other sites.


Anonymous Takes Down Govt. Sites

The first tweet came in from @opindia_revenge indicating that they’re going to “paralyze” the two websites. An hour later, a confirmation tweet followed stating – “We have successfully taken down our main enemy –>> http://dot.gov.in Department of telecom +1 for #opindia”

Although they mentioned that they had managed to take down the Department of Telecom’s website (dot.gov.in), at the time of writing this article the website was fully functional.

The government websites have reportedly been down since 17th May 2012, 15:30 IST.

Back in June 2011, Anonymous successfully hacked the National Informatics Centre’s (NIC) websites over the action taken by the Delhi Police against Baba Ramdev’s anti-corruption campaign. They also managed to hack the Indian Army’s website, which was down for an hour or so.

In response to this, the Indian Twitter and Facebook accounts of Anonymous were suspended and all videos from its YouTube account were removed completely.

Pirate Bay Criticizes Anonymous for Virgin Media DDoS

The UK-based ISP Virgin Media has decided to ban access to The Pirate Bay, following a court order. The court order affects five major ISPs in the UK, Virgin Media being the second largest in all of Britain. British Telecom (BT) is still in talks over this matter, in spite of being asked to implement a ban last year. The ban on The Pirate Bay came after the British Phonographic Industry (BPI), which represents a number of media houses, aggressively pursued a case.

Furious over the ban, The Pirate Bay has given enough tips to circumvent it, rendering it useless anyway. On the bright side of things, it has also recorded a traffic boost of 12 million after the court order. However, when Anonymous came out in support of The Pirate Bay and decided to DDoS Virgin Media, The Pirate Bay was not pleased at all. The DDoS was carried out between 5 and 6 PM, and Anonymous took down the Virgin Media website for over an hour.

The Pirate Bay has made it clear that it does not support DDoS as a means of protest.

We believe in the open and free Internet, where anyone can express his or her views. Even if we strongly disagree with them and even if they hate us. So don’t fight them using their ugly methods. DDOS and blocks are both forms of censorship. If you want to help; start a tracker, arrange a manifestation, join or start a pirate party, teach your friends the art of bittorrent, set up a proxy, write your political representatives, develop a new p2p protocol, print some pro piracy posters and decorate your town with, support our promo bay artists.

With this ban, Virgin Media has become the first UK-based ISP to impose a ban on The Pirate Bay. Legally, Virgin Media is not at fault here because it is just following court orders. However, instead of accepting the ban so happily, Virgin should have questioned the decision and followed BT’s example. ISPs should in no way determine what content to push to their users and what to filter; this is against net neutrality and free speech. If they are being forced to censor content, as in this case, it is their rightful duty to question such decisions, as BT did.

Anonymous Brings Down the Great Firewall of China with a Massive Hack

After a long inactive period, Anonymous has resurfaced with a massive hack in China. Nearly 500 websites have been hacked in this operation, and these attacks have been carried out by an Anonymous group based in China. A Chinese Anonymous Twitter account was created to announce this operation, which involved the takedown of websites belonging to the government, contractors and several trade groups. This marks the most successful hack by the Anonymous faction, because the Great Firewall of China was believed to be impenetrable until now.

Anonymous China started announcing the hack on a Twitter account, @AnonymousChina. However, the account was taken down later and all its tweets were removed. Nonetheless, Anonymous China has another Twitter account in place (WeWorkForGlobal) to spread its propaganda. Most of the hacked websites are still showing a message from Anonymous. It was reported that some of these websites came back online for a brief period, only to be DDoSed again. The complete list of hacked websites can be found on this page.

The message on all the hacked websites reads,

Hello, everyone! Message to the Chinese government: Over the years, the Chinese communist government to unfair laws and unhealthy process to control the people. Dear Chinese government, you is not never fall, and today the website is black, tomorrow is your evil regime fell. So do not think we will give up, never give up. All you have done to the people today, tomorrow will double back. Not a hint of tolerance. No one can stop us, not your anger, nor your arms. Not deter us, because you can not be intimidated by the thought. Chinese friend’s message: You have been in a do not understand you suffer under the tyranny of the government. We are with you. At this point, here with you. Tomorrow and beyond will be to ensure your freedom. We never give up. Do not give up hope, and revolution created since your heart. The silence of other countries has highlighted the fact that China’s lack of democracy and justice. This is intolerable. We are fully committed to fighting for your freedom.

Just last week, one of China’s defence contractors, China National Import & Export Corp. (CEIEC), was hacked by a hacker who likes to call himself Hardcore Charlie.

This breach of the Great Firewall of China proves the futility of government-regulated censorship of this form. However, the matter might not end here. China itself has many pro-government hackers, and they might retaliate with a counterattack or a dox of the hackers involved in this breach. We have seen Anonymous getting pwned by the ruthless Mexican drug mafia earlier. Let us just hope that this does not end up in bloodshed.

SourceForge Takes Down the Dubious Anonymous OS Linux Distro

The popular online source code repository, SourceForge, has taken down a project that likes to call itself the Anonymous OS. The project was uploaded to SourceForge almost a week ago and grabbed nearly 5000 downloads in this short span of time. While the official channels of Anonymous are rejecting any link with the distro, a Tumblr page has been created to promote it, and it is making some bold claims.

The Anonymous OS distro is based on Ubuntu 11.10 and comes with the MATE desktop environment. It ships with known hacker and security tools like the High Orbit Ion Cannon, Tor’s Hammer, John the Ripper, Wireshark, Slowloris and Vidalia. The total size of the distro is 1.5 GB and it is still available on BitTorrent.

The official Twitter channel of Anonymous @AnonOps has rejected any affiliation of Anonymous with the Anonymous OS Linux build on SourceForge.

The Anon OS is fake it is wrapped in trojans. RT

— AnonOps (@anonops) March 15, 2012

With over 300,000 projects under its belt and millions of registered users, SourceForge has a responsibility towards both the user community and the developer community. This has led SourceForge to take down the project for now and pursue some answers from the project admin. As dubious as the name and the nature of the project are, it also ridicules the ideology of Anonymous. The very fact that Anonymous are anonymous can be used so easily against them, and every time that happens, they have to fulfill the social obligation of rejecting dubious affiliations like these.

FBI Hits Back: Arrests LulzSec and Anonymous Members with the Help of Kingpin Sabu

After being repeatedly embarrassed and discomforted by Anonymous and its various offshoots, the feds have finally managed to land a telling blow on the notorious band of hackers. Fox News is reporting that Kayla (Ryan Ackroyd), Topiary (Jake Davis), pwnsauce (Darren Martyn), palladium (Donncha O’Cearrbhail), and Anarchaos (Jeremy Hammond) have been arrested in an intercontinental raid. The hackers were picked up from the USA (Chicago), the UK (London), and Ireland.

The arrests tell only part of the story. The real kicker is in the details. Apparently, the feds managed to track down Sabu, the kingpin of LulzSec and one of the leaders of Anonymous, in June 2011. The man behind some of the most notorious attacks in the past 18 months turned out to be Hector Xavier Monsegur, an unemployed, 28-year-old father of two. Facing the charge of aggravated identity theft, which carries a two-year prison sentence, Sabu agreed to drop all his moral convictions and teamed up with the FBI. Turning him wasn’t easy, and ultimately it was the prospect of being kept away from his kids that swayed him. Since then, Sabu has continued to work with the FBI, often from their offices, to help in the collection of proof against his co-conspirators.

Although today’s news will send shockwaves through Anonymous, this wasn’t totally unexpected. Sabu had been doxed towards the end of last year itself, and several hackers believed that he was snitching. Here are excerpts from a prophetic interview given by Virus:

6:15:39 PM virus: he disappeared for a week, I don’t recall what day
6:15:52 PM virus: but when he returned he said his grand mother died and that’s why he was MIA
6:16:01 PM virus: after that he started offering me money to own people

6:19:19 PM virus: another reason why I believe he was converted after he disappeared and returned is everybody else started getting arrested one by one starting with ryan clearly, who was their ddos bitch
6:19:29 PM virus: yes, I believe he cut a deal to save himself

Back in November, Jester and others uncovered Sabu’s real name, email address, address, pictures and other personal details. Here is some of the material about Sabu that was already available on the internet:

Sabu’s grandmom with his and his dad’s pictures (source)

Even though many members of the inner circle had already predicted today’s events, it is still a massive blow to Anonymous. Not only have they lost several of their most visible faces, but they have been betrayed by their de facto leader.

Slowloris DDoS Tools Used by Anonymous Infected with Zeus Trojan

The arrest of Megaupload’s Kim Dotcom has upset Anonymous greatly, and they have been busy ever since the Megaupload takedown incident. In protest, Anonymous took down the US Department of Justice website, a number of record label websites and the Federal Bureau of Investigation website. This was their single largest attack ever.

However, a lesser-known fact has surfaced recently. Symantec studied the DDoS tools used by Anonymous and found that the version of Slowloris they were using was, in fact, itself infected with a Trojan!

Robert Hansen, who goes by the alias RSnake, wrote Slowloris. It is extremely effective for carrying out DDoS attacks with low bandwidth.

After Megaupload was shut down, Anonymous circulated a list of tools to use for hacktivist operations. However, they (seemingly unintentionally) linked to a remastered version of the Slowloris tool. On discovering the Trojan, Symantec said,

Not only will supporters be breaking the law by participating in DoS attacks on Anonymous hacktivism targets, but may also be at risk of having their online banking and email credentials stolen.

Elaborate efforts have gone into shutting down Zeus, but it keeps coming back. Riding on the rage of the people against the Megaupload shutdown, the Zeus command and control center gobbled up bank account information, email accounts, cookies and a lot more.

After the matter became public, the link to Slowloris was removed, and the news has definitely alerted the victims to the situation. Over the next few days, we will see many fresh OS installs and changes of bank and email account credentials. Will Anonymous take revenge? Will we get to see a Zeus vs. Anonymous now?

How To Fight Anonymous: With Sarcasm

How do you fight an amorphous “organization” famed for its aping of a quote from V for Vendetta that goes “Behind this mask is an idea… and ideas are bulletproof!”? If the Boston Police Department’s reaction is to become the mainstay, this is the perfect and the most encouraging way to fight a bunch of mischief makers with no real disruptive skills: with sarcastic humor and employing down-to-earth police officers as “actors”.

Last week the Boston Police Department’s community news website was ‘hacked’ by Anonymous on the pretext of [insert random “fight the power/police/government/media” propaganda piece/reason here] and the site was taken down. The hackers replaced the website with a message that conformed to the aforementioned inserted pretext, along with the rap song “Sound o’ Da Police” performed by American rapper KRS-One.

Now, after a week of poking around, the Boston Police have managed to put the site back online, with a homemade video to boot in which police officers, with their straightest faces, explain how they could not sleep because one of the most important sites on the entire web had been taken down. It includes a mockumentary-style shot of an Asian IT officer assuring everyone that the site should be working properly for a while.

The video shows the maturity of the police force starkly against the juvenile nature of these hackers. I, for one, welcome these humorous police officers.