Group used 30,000-node botnet in MasterCard, PayPal attacks
IDG News Service - PayPal's website was hit late Wednesday by two botnets as online activists continued their Web attacks on companies that have severed their relationships with WikiLeaks.
The activists have recruited volunteers, who have banded their computers into a distributed denial of service (DDoS) botnet, but they are also using hacked machines to carry out these attacks, said Sean-Paul Correll of threat researcher Panda Security. "Today we observed over 3,000 computers in the voluntary botnet, but we also have knowledge of a 30k node botnet," he said.
This botnet infects computers via peer to peer filesharing systems, but it can spread via Microsoft Messenger and USB sticks as well, he said. Panda is trying to get a sample of the botnet code to analyze.
PayPal was hit late Wednesday afternoon, Pacific time, and the Paypal.com address was unresponsive into early Thursday morning. "There have been attempted DDoS attacks on paypal.com this week," said company spokesman Anuj Nayar. "The attacks slowed the website itself down for a short while, but did not significantly impact payments."
PayPal's blog had been hit earlier in the week, but the main Paypal.com website was down for at least several hours Wednesday, and www.paypal.com was affected too, although less seriously. Unlike Visa and MasterCard, the website is critical to PayPal's business. Customers need the website to send money to other PayPal users.
Paypal wasn't the only company to have some payments affected, however. MasterCard's SecureCode service -- used to add a security code for use in online transactions, similar to a PIN (personal identification number), also suffered a disruption Wednesday, said MasterCard spokesman James Issokson. "There were some operational issues and they have been resolved," he said.
Representatives of the Anonymous group's Operation Payback said that they were responsible for this disruption. They believe that MasterCard's Web servers may have shared resources with the SecureCode system. In a MasterCard advisory,published on the Securetrading blog, MasterCard said that a directory server had failed.
Both MasterCard and Visa also had their public websites knocked offline by a "hive" of as many as 3,000 activists who had downloaded Web-attacking software, which was then turned on different websites.
For several months now, Operation Payback has gone after websites belonging to organizations that have cracked down on unlicensed music and movie copying -- the Motion Picture Association of America (MPAA) and the Recording Industry Association of America (RIAA). This week, the project took up cyber arms against companies that have cut business ties with WikiLeaks, making it harder for the website to raise money and continue operations. They have also hit websites belonging to WikiLeaks critics such as U.S. Senator Joseph Lieberman and former Alaska Governor Sarah Palin.
- Michaels breach exposes nearly 3M payment cards
- Teen nabbed in Heartbleed attack against Canadian tax site
- Heartbleed bug can expose private server encryption keys
- FTC can sue companies hit with data breaches, court says
- 5-year-old hacks Xbox, now he's a Microsoft 'security researcher'
- State AGs probe Experian subsidiary's data breach
- NSA sniffing prompts Yahoo to encrypt traffic between its data centers
- Banks withdraw data breach claim against Target
- Bank abandons place in class-action suit against Target, Trustwave
- Banks' suit in Target breach a 'wake-up call' for companies hiring PCI auditors
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts