WikiLeaks hactivists look to improve attack software
Wed Dec 15, 2010 2:41pm EST
* New features in the works for potential future attacks
* Software to launch attacks is extremely easy to use
* Software may be used to support other causes
By Jim Finkle
BOSTON, Dec 15 (Reuters) - Supporters of WikiLeaks who last week attacked the websites of MasterCard and Visa, say they are tweaking the software used for those assaults in a bid to create more powerful tools for possible future protests.
Several programmers posted their versions of the attack program, known as Low Orbit Ion Cannon or LOIC, on Geeknet Inc's (GKNT.O) SourceForge.net website.
Users can download the software for free, and also post suggestions to developers on how to improve it.
"I improved this software to make a better weapon of it," a developer working on the project, who goes by the screen name ChipForkAnon, told Reuters in an email.
The programmers are joining supporters of WikiLeaks who believe it is being unfairly attacked for publishing thousands of secret U.S. diplomatic cables. Credit card companies like Visa (V.N) and MasterCard (MA.N) have stopped processing donations for the nonprofit site, while Amazon.com Inc (AMZN.O) kicked WikiLeaks off its hosted service. <^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Take a Look [ID:nWIKI]
Reuters Breakingviews [ID:nLDE6B80K1]
The attack program is easy to use: Users need only enter the web address of the site they want to attack to join the army of computers launching a denial of service, or DOS, attack on a website. Such attacks can shut down a site by overwhelming it with web traffic.
Last week's attacks succeeded in shutting down the sites of MasterCard and Visa. Attackers sought but failed to shut down the better defended Amazon and PayPal sites.
Some 88,000 copies of the program were downloaded from SourceForge.net this week.
The LOIC software is not just a weapon. It can also be used by security experts to simulate attacks on websites that they want to protect.
Executives at SourceForge said they will continue to host the software, regardless of how frequently it is used in denial of service attacks -- unless they are served with a court order to remove it from their site.
"There's nothing inherent in the software that's bad," said Geeknet Chief Executive Scott Collison. "It would be like going to a store and saying 'Somebody used a hammer to kill somebody. Remove all hammers form the store.' We can't do that."
Supporters of the anonymous attacks are now incorporating changes to make it a more powerful weapon.
One key modification under consideration is adding a feature to hide the identities of the attackers. The current version allows the site under attack to log the location of its attackers, which would help law enforcement track them down.
Denial of service attacks are illegal in many countries including the United States and Britain.
Programmers are quietly working to improve the software so that it will work more efficiently in future attacks.
"I support this cause wholeheartedly," a programmer who goes by the screen name Urijah said in an email. "This is the new social mechanism we've been waiting for to correct the deficiencies of markets."
Analysts said publicity over the denial of service attacks by the WikiLeaks supporters will encourage other types of protesters to launch similar attacks on behalf of other causes with the same LOIC software,
"When we look back years from now we'll see this as a tipping point in 'hactivism' going from largely a theoretical threat to something that's more a day-to-day issue," said Yankee Group analyst Ted Julian.
Barrett Lyon, a security expert who specializes in protecting companies against sophisticated denial of service attacks from criminal professionals, said he suspects that political websites could be targets in upcoming political campaigns.
"There are people willing to risk breaking the law to join a cause of some sort to silence somebody," he said. (Reporting by Jim Finkle; Editing by Ros Krasny and Tim Dobbyn)