FBI Anon Raids Based on List of 1,000 IPs Provided by Paypal
[url]http://www.wired.com/threatlevel/2011/07/op_payback/#more-28521[/url]
[quote]
It turns out there’s a method behind the FBI’s raids of suspected Anonymous members around the country. The bureau is working from a list, provided by PayPal, of the 1,000 internet IP addresses responsible for the most protest traffic during Anonymous’ DDoS attacks against PayPal last December.
FBI agents served 40 [URL="http://www.wired.com/threatlevel/2011/01/fbi-anonymous/"]search warrants[/URL] in January on people suspected of hosing down PayPal during “Operation Payback” — Anonymous’ retaliatory attack against companies who blacklisted WikiLeaks. On July 19, the feds charged the first 14 defendants under the Computer Fraud and Abuse Act, and raided an additional 35 suspects for evidence.
An FBI affidavit first published Tuesday by an [URL="http://www.nbcdfw.com/news/tech/FBI-Raids-Arlington-House-in-Hacking-Case-126151358.html"]NBC affiliate[/URL] in Dallas lays out how the FBI decided on its targets, and suggests the bureau may have plenty more.
According to the affidavit, by FBI agent Chris Thompson, PayPal security officials were in close contact with the bureau beginning on December 6, two days after PayPal [URL="http://www.wired.com/threatlevel/2010/12/paypal-wikileaks/"]froze WikiLeaks’ donation account[/URL] and the first day it began receiving serious denial-of-service traffic. FBI agents began monitoring Anonymous press releases and Twitter postings about Operation Payback, while PayPal collected traffic logs on a Radware intrusion prevention system installed on its network.
On December 15, the company turned over a USB thumb drive containing the Radware reports, which documented “approximately 1,000 IP addresses that sent malicious network packets to PayPal during the DDoS attacks.” The list represented the “IP addresses that sent the largest number of packets.”
It was easy to distinguish the packets coming from the “Low Orbit Ion Cannon” — Anonymous’ fire-and-forget DDoS tool — because they contained strings like “wikileaks,” “goof,” and “goodnight,” the affidavit notes.
The newly released affidavit was offered in support of a search warrant for the home of an Arlington, Texas couple and their son, who were among the July 19 targets, and have not been charged. The house was the source of 3,678 packets in about two-and-a-half hours starting December 8.
[/quote]
The FBI should be smart enough to realize:
A. IP address =/= person
B. Rounding up a bunch of channers who ran LOIC for a few hours gets you no closer to the people that organized the attacks and wrote the software that made it possible.
C. This kind of makes them look like Paypal's personal hired goons.
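The triage the quoted article describes (flag packets by the marker strings, then rank source addresses by packet count) can be sketched as follows. This is an added example, not part of the original post, the article or the affidavit; the record layout is an assumption, since the page does not describe the Radware report format, and all sample data is constructed. The result is a source address and a time window, which is the pair an ISP lease lookup would need.

```python
from collections import defaultdict
from datetime import datetime

# Marker strings the affidavit says appeared in LOIC packets.
MARKERS = (b"wikileaks", b"goof", b"goodnight")

# Constructed sample records: (ISO timestamp, source IP, payload bytes).
# Addresses come from documentation ranges (RFC 5737); none of this is real data.
SAMPLE = [
    ("2010-12-08T20:00:01", "192.0.2.10", b"GET /?msg=wikileaks HTTP/1.0"),
    ("2010-12-08T20:00:02", "192.0.2.10", b"goodnight"),
    ("2010-12-08T20:00:02", "198.51.100.7", b"GET /cgi-bin/webscr HTTP/1.1"),
    ("2010-12-08T20:00:05", "203.0.113.5", b"GOOF"),
    ("2010-12-08T22:30:00", "192.0.2.10", b"a wikileaks b"),
    ("2010-12-08T22:31:00", "198.51.100.7", b"POST /login HTTP/1.1"),
]

def is_flagged(payload):
    """True if the payload contains any marker string (case-insensitive)."""
    lowered = payload.lower()
    return any(marker in lowered for marker in MARKERS)

def top_sources(records, n):
    """Rank source IPs by flagged-packet count, keeping first/last seen times."""
    stats = defaultdict(lambda: {"packets": 0, "first": None, "last": None})
    for ts, src, payload in records:
        if not is_flagged(payload):
            continue  # traffic without a marker is not counted against the source
        when = datetime.fromisoformat(ts)
        entry = stats[src]
        entry["packets"] += 1
        entry["first"] = when if entry["first"] is None else min(entry["first"], when)
        entry["last"] = when if entry["last"] is None else max(entry["last"], when)
    # Highest packet count first; ties broken by address for a stable order.
    ranked = sorted(stats.items(), key=lambda kv: (-kv[1]["packets"], kv[0]))
    return [(ip, s["packets"], s["first"], s["last"]) for ip, s in ranked[:n]]

if __name__ == "__main__":
    for ip, count, first, last in top_sources(SAMPLE, 1000):
        print(f"{ip}  packets={count}  window={first} .. {last}  ({last - first})")
```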
I disagree with your statement OP and I'm glad the FBI cracked down on these idiots.
Anonymous did a DDos attack against Paypal. Paypal recorded the IP addresses of those responsible. Paypal gave said IP addresses to the FBI to help in their investigation of a criminal activity. The FBI acted using the IP addresses.
I don't see the problem here.
maybe they should focus more on the people who leaked all of those usernames and passwords which in turn has had thousands of dollars stolen from them via paypal
kinda like the situation i'm in right now :(
[QUOTE=5killer;31359506]Anonymous did a DDos attack against Paypal. Paypal recorded the IP addresses of those responsible. Paypal gave said IP addresses to the FBI to help in their investigation of a criminal activity. The FBI acted using the IP addresses.
I don't see the problem here.[/QUOTE]
Unless the ISP keeps track of who has an IP leased at the time when it was recorded, then those IPs are little more than a zip code.
Granted, I'm sure they didn't just blindly arrest every IP.
[QUOTE=bord2tears;31359596]Unless the ISP keeps track of who has an IP leased at the time when it was recorded, then those IPs are little more than a zip code.
Granted, I'm sure they didn't just blindly arrest every IP.[/QUOTE]
ISPs are required to keep a log of what customer had what IP at what time.
[QUOTE=CharadesV2;31359485]I disagree with your statement OP and I'm glad the FBI cracked down on these idiots.[/QUOTE]
I'm fine with there being some consequences, but I don't think this is the way to do it. This doesn't go after Anon's leadership at all, and it just ruins the lives of a bunch of dumbass kids that thought it would be fun to run a little program in the background and do their part to defend Wikileaks.
Plus, IP addresses don't really mean anything. Anybody could jump on an open wifi network and DDoS to their heart's content. As for the third point, these IPs aren't from the FBI's investigation, but from Paypal's, which means we are expected to completely take their word that these are the addresses responsible. It just seems like such a flimsy case and a waste of resources that won't change anything except trying to scare the people who might participate in the next one. Besides, the smart ones just hide behind proxies and VPNs.
Thankfully I don't think the FBI really intends to round up all 1,000 people.
Yeah, wasn't a very good idea openly challenging the FBI when you tie yourself to a group notorious to the media for maliciously DDOS'ing websites that do things that do coincide with their opinions.
[QUOTE=bord2tears;31359596]Unless the ISP keeps track of who has an IP leased at the time when it was recorded, then those IPs are little more than a zip code.
Granted, I'm sure they didn't just blindly arrest every IP.[/QUOTE]
How long ago were the DDOS attacks on Paypal again?
I'm pretty sure several months so they've had time to investigate and subpoena records and logs.
[QUOTE=bord2tears;31359596]Unless the ISP keeps track of who has an IP leased at the time when it was recorded, then those IPs are little more than a zip code.
Granted, I'm sure they didn't just blindly arrest every IP.[/QUOTE]
the police subpoena the records from the ISP
did you think that ISPs don't keep a list of what customers' IPs are?
[QUOTE=Used Car Salesman;31359644]I'm fine with there being some consequences, but I don't think this is the way to do it. This doesn't go after Anon's leadership at all, and it just ruins the lives of a bunch of dumbass kids that thought it would be fun to run a little program in the background and do their part to defend Wikileaks.
Plus, IP addresses don't really mean anything. Anybody could jump on an open wifi network and DDoS to their heart's content. As for the third point, these IPs aren't from the FBI's investigation, but from Paypal's, which means we are expected to completely take their word that these are the addresses responsible. It just seems like such a flimsy case and a waste of resources that won't change anything except trying to scare the people who might participate in the next one. Besides, the smart ones just hide behind proxies and VPNs.
Thankfully I don't think the FBI really intends to round up all 1,000 people.[/QUOTE]
Scaring the potential offenders is probably what they are going for here.
DDOSing is illegal?
[QUOTE=Elecbullet;31359772]DDOSing is illegal?[/QUOTE]
What do you think
Apparently yes but I wouldn't really have thought so until I read the story
[QUOTE=Elecbullet;31359826]Apparently yes but I wouldn't really have thought so until I read the story[/QUOTE]
If it can harass someone and completely fuck up a bunch of legitimate business then yes it is. It's like blowing up a bank.
Note: The widespread financial damage, NOT THE PHYSICAL DAMAGE.
All you changed your tune since they brought on the PayPal attacks in retribution of Wikileaks. It was all support and winners then. Seems like this Lulzsec thing has got us all scared, since they're not the benevolent activists like Anon was then.
[QUOTE='[Seed Eater];31360714']All you changed your tune since they brought on the PayPal attacks in retribution of Wikileaks. It was all support and winners then. Seems like this Lulzsec thing has got us all scared, since they're not the benevolent activists like Anon was then.[/QUOTE]
I didn't even support them then because they were affecting more people than Wikileaks ever would.
I understand the anger but they have the maturity of 5 year olds who wield their power like it's the best solution for everything. Meanwhile, I don't even know if you can still donate to Wikileaks anymore.
and then half of those people who were unknowingly part of a botnet were raided?
ip addresses mean nothing holy shit
[QUOTE=Mattk50;31367968]and then half of those people who were unknowingly part of a botnet were raided?
ip addresses mean nothing holy shit[/QUOTE]
America.
On the up side, this
[url=http://blogs.forbes.com/andygreenberg/2011/07/01/heres-the-legal-complaint-wikileaks-is-threatening-to-file-against-visa-mastercard/]WikiLeaks will sue PayPal-eBay, in the US and Europe as per Visa/MasterCard[/url]
IP =/= Location
You can easily do a UDP flood without revealing your IP
Or well, your correct IP
Doubt some idiots with LOIC are smart enough for that, but still
It could be worse, they could have hacked PSN.
Haven't they heard of proxies? Although, I don't know if you can ddos with a proxy.
[QUOTE=5killer;31359506]Anonymous did a DDos attack against Paypal. Paypal recorded the IP addresses of those responsible. Paypal gave said IP addresses to the FBI to help in their investigation of a criminal activity. The FBI acted using the IP addresses.
I don't see the problem here.[/QUOTE]
You download a virus, Anon commands you to spam PayPal (DoS) with packets. All the people then DoSing paypal are on this list with the FBI breaking down their doors.
[QUOTE=zzaacckk;31368628]You download a virus, Anon commands you to spam PayPal (DoS) with packets. All the people then DoSing paypal are on this list with the FBI breaking down their doors.[/QUOTE]
So then the FBI should work with those who are part of a botnet and help remove it. Either way removing computers infected into a botnet is a good thing because it diminishes the botnet's abilities.
A botnet's strength is numbers and numbers alone.
[QUOTE=Used Car Salesman;31359285][url]http://www.wired.com/threatlevel/2011/07/op_payback/#more-28521[/url]
The FBI should be smart enough to realize:
A. IP address =/= person
B. Rounding up a bunch of channers who ran LOIC for a few hours gets you no closer to the people that organized the attacks and wrote the software that made it possible.
C. This kind of makes them look like Paypal's personal hired goons.[/QUOTE]
A. Except for the fact that FBI's arrests so far seem to be pinpoint accurate. And following the chain to see the base IP isn't that hard.
B. You can get more information by arresting these people and forcing them to talk (just like L.A. Noire!). These are just kids, most of them shitscared, and they're very likely to open up to keep themselves out of trouble. And some of them are going to know a bit more along the lines of aliases or locations of servers.
C. No it doesn't, it looks like the FBI working with a business to protect US citizens from assholes.
[editline]27th July 2011[/editline]
[QUOTE=Used Car Salesman;31359644]I'm fine with there being some consequences, but I don't think this is the way to do it. This doesn't go after Anon's leadership at all, and it just ruins the lives of a bunch of dumbass kids that thought it would be fun to run a little program in the background and do their part to defend Wikileaks. [/QUOTE]
Yeah, but there's other ways to do these sort of things than something malicious like a DDOS. Most people who argue for WikiLeaks most likely haven't even taken the time to read any of the documents on there. These kids would be much more beneficial to society if they created or joined activist groups about getting those documents out in the public's eye.
Glad to see the FBI actually fighting back against anon and the like.
I loled.
[QUOTE=Elecbullet;31359772]DDOSing is illegal?[/QUOTE]
Yes, much like how getting 100 people together and having them all block the entrance to someone's business would be illegal
I bet there are several shit-scared teens who participated in this who are throwing their hard drives out windows.