A day after the SOPA protest on the web, the hacker group Anonymous has taken the blackout theme to a whole new level: in retaliation for the closure of the Megaupload file-sharing site, and for its own SOPA protest, the group has started to systematically take down a number of websites for groups connected to the Megaupload case, including government bodies.
Update: We’ve also published a new story with further developments here. [To read about how events unfolded last night, continue reading below...]
Using distributed denial of service (DDoS) attacks, the hackers have gone after the Department of Justice’s site, the RIAA, the MPAA and the major record labels — so far Universal, BMI and Warner Music Group have been affected.
At the moment, the hackers are updating a Twitter feed with news of developments of the attack, which it is code-naming #OpMegaupload. It also appears that it is also going after related sites outside of the U.S. as well.
A series of messages posted on Anonymous’ Twitter feed, have detailed the group’s trail of destruction across the internet.
They are covering not just U.S. sites but also extending their work to similar organizations in Europe, such as Hadopi.fr, which is now also down.
Hadopi is the French law that was introduced in 2009 and is used to regulate internet access and copyright violations in France. This controversial bill basically outlines a three-strikes procedure for suspending internet access for those who download illegal content. There are legislators now considering how to apply this to streamed services as well, which are currently not covered.
Taking down government sites like the DOJ’s and
potentially the FBI’s — the Anonymous Twitter feed has mentioned it is working on the latter, although at the time of writing the FBI’s site is still up — could mean the group would be subject not just to felony charges but also potentially terrorist violations.
Update: FBI.gov is now down, too.
Cases involving the prosecution of Anonymous hackers are still being played out, so it’s not clear what route authorities may take over this current spate of attacks: hackers that were identified as part of Anonymous are currently being prosecuted in California for allegedly hacking PayPal when the Ebay-owned payments provider halted payments to Wikileaks. Defendants in that case pleaded not guilty in November 2011.
This case could be considerably more difficult to track for authorities: Anonymous says that there are 5,635 people confirmed to be working towards taking down sites.
A DDoS attack can mean several things, but one of the most common is when a person or network of people “attack” a site or server with a flood of communications requests, so that the target cannot respond to normal requests.
Adrian Chen at Gawker further describes how those DDoS attacks are getting amplified using viral techniques: hackers are at the moment spamming out links that effectively rope innocent users into also taking part in the attacks, by clicking on the links to automatically start pinging one of the sites on the target list.
Many of the sites listed above are simply leading to blank pages now, or “down for maintenance” pages, but one site, for the Utah police association, which might have less administrators than those of the DOJ, has been hacked with a message from the hackers about Megaupload:
The MPAA, meanwhile, has taken to posting Twitpics of its statements — for the moment, it has no website to use to post them, and a Twitpic can’t get hacked. “Our website and many others…were attacked today,” begins the 150-word statement. It also says it is working with law enforcement agencies to identify those responsible, and that “Protecting copyrights and protecting free speech go hand in hand.”
Update 2: Several of these sites are back up and running, but so is Anonymous’ own effort, with some 9,000 users participating in its site take-down. Read about other developments in this separate post.