'Anonymous' arrests tied to PayPal DDoS attacks, FBI says
14 arrested for PayPal attacks, two others for 'related' cybercrimes
Computerworld - The FBI said this afternoon that it had arrested a total of 14 people thought to belong to the hacking group known as Anonymous for their alleged participation in a series of distributed denial-of-service (DDoS) attacks against PayPal last year.
The defendants, all of whom are in their 20s or early 30s, were arrested on no-bail arrest warrants in a series of raids in Alabama, California, Colorado, the District of Columbia, Massachusetts and five other states. All of them were charged in an indictment that was unsealed in federal court in San Jose today.
Two other individuals were also arrested today on what the FBI said in a statement were related cybercrime charges.
One of them, Scott Matthew Arciszewski, 21, was arrested in Florida on charges that he illegally accessed files from a Tampa Bay InfraGard website last year and then publicly posted information telling others how to break into the site.
The other indictment unsealed in federal court in New Jersey charged Lance Moore, 21, of Las Cruces, N.M., with stealing protected business information from an AT&T server in June this year, and posting it on a public file hosting site. The thousands of documents, applications and files that Moore is alleged to have stolen were later made publicly available by the LulzSec hacking group, the FBI said in the statement.
According to the San Jose indictment, the 14 individuals who were arrested today were all members of Anonymous who conspired to attack PayPal last December in retaliation for its perceived opposition to WikiLeaks.
Soon after the whistleblower site started publicly releasing classified U.S. State Department cables late last November, PayPal terminated an account that WikiLeaks had set up to collect donations, citing violations of its terms of service.
The move prompted a series of angry retaliatory DDoS attacks against PayPal by members of the Anonymous hacking collective. Similar attacks were carried out by Anonymous members against the sites of several other companies that were seen as opposing WikiLeaks.
The attacks, dubbed "Operation Avenge Assange," were coordinated by Anonymous using an open-source tool called Low Orbit Ion Cannon that the group made available for public download to anyone who wanted to participate.
The 14 individuals named in today's indictment in San Jose have each been charged with conspiring to cause damage to a protected computer and intentionally causing damage to a protected computer. The conspiracy charge carries a maximum of five years in prison and a $250,000 fine, while the intentional damage charge carries a maximum penalty of 10 years in prison and a $500,000 charge, the FBI noted in its statement.
The individuals named in the San Jose indictment are Christopher Cooper, 23, Joshua Covelli, 26, Keith Downey, 26, Mercedes Haefer, 20, Donald Husband, 29, Vincent Kershaw, 27, Ethan Miles, 33, James Murphy, 36, Drew Phillips, 26, Jeffrey Puglisi, 28, Daniel Sullivan, 22, Tracy Valenzuela, 42 and Christopher Quang Vo, 22. One individual was unnamed.
The raids come amid a recent spike in activity by Anonymous. Just last week, members of the group claimed credit for breaking into computers belonging to military contractor Booz Allen Hamilton and exposing the email addresses and passwords of more than 90,000 military personnel.
Earlier this month, Anonymous was labeled a cyberterrorism group by the Arizona Department of Public Safety after members of the group repeatedly attacked Arizona police union websites to protest the state's tough immigration laws. In December, Anonymous launched a series of DDoS attacks against several organizations, including PayPal and Amazon.com, to protest what it claimed were efforts to stifle whistleblower site WikiLeaks.
Today's FBI raids shouldn't come as a surprise, said Josh Shaul, CTO of security vendor Application Security Inc. "They got a lot of people angry," he said. "When you play with fire you are going to get burned."
What is unusual, however, is that some Anonymous members appeared to have put little effort into concealing their tracks, according to Shaul. "It seems like these folks who got caught were brazen and careless about the way they went about their hacking activity," he said.
Many of the recent attacks by Anonymous and splinter group LulzSec appear to be focused on embarrassing the victims, not on outright data theft or sabotage. Even so, Shaul said that law enforcement officials "are certainly going to want to make an example of anyone they can bring in."
- Cyberattacks could paralyze U.S., former defense chief warns
- Security Manager's Journal: Thousands of dollars in phone calls? Management hates that.
- Everything You Know About Enterprise Security Is Wrong
- UK man charged with hacking Federal Reserve
- McAfee Offers Global Response to Nationalized Malware
- Tech Industry Praises Cybersecurity Framework From White House
- Ransomware like Cryptolocker uses Bitcoin, other virtual currencies for payment
- Trial for alleged Silk Road creator Ross Ulbricht set for November
- Target attack shows danger of remotely accessible HVAC systems
- U.S. is investigating Target data breach, AG Holder says
Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Who's Spying on You? You're aware of the threats of malware to your business but what about the ever-changing ground rules? Cybercriminals today are launching attacks against...
- Accelerating Network Convergence in Virtualized and Cloud Data Centers Adopting a converged networking strategy enables organizations to traffic server and storage I/O workloads on consolidated data throughput channels. Intelligent software helps optimize...
- Omnichannel: From Buzzword to Strategy Customers demand a seamless experience across channels, especially mobile. Read this whitepaper for a research-based framework for using omnichannel for higher customer engagement.
- How 10GbE Network is the Backbone of the Virtual Data Center The shift to a virtual data center has put tremendous strain on legacy networks; driving the need for more speed, lower latency, more...
- Webinar: Building a Big Data solution that's production-ready Big data solutions are no longer just a nice-to-have.
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well... All Cybercrime and Hacking White Papers | Webcasts