FBI says Dallas-based computer was source for attacks on PayPal

The Smoking Gun:

As part of an international criminal probe into computer attacks launched this month against perceived corporate enemies of WikiLeaks, the FBI has raided a Texas business and seized a computer server that investigators believe was used to launch a massive electronic attack on PayPal, The Smoking Gun has learned.

...

The PayPal assault was part of “Operation Payback,” an organized effort to attack firms that suspended or froze WikiLeaks’s accounts in the wake of the group’s publication of thousands of sensitive Department of State cables. As noted by the FBI, other targets of this “Anonymous” effort included Visa, Mastercard, Sarah Palin’s web site, and the Swedish prosecutor pursuing sex assault charges against Julian Assange, the WikiLeaks founder.

On December 9, PayPal investigators provided FBI agents with eight IP addresses that were hosting an “Anonymous” Internet Relay Chat (IRC) site that was being used to organize denial of service attacks. The unidentified administrators of this IRC “then acted as the command and control” of a botnet army of computers that was used to attack target web sites.

...

One IP address was initially traced to Host Europe, a Germany-based Internet service provider. A search warrant executed by the German Federal Criminal Police revealed that the “server at issue” belonged to a man from Herrlisheim, France. However, an analysis of the server showed that “root-level access” to the machine “appeared to come from an administrator logging in from” another IP address.

“Log files showed that the commands to execute the DDoS on PayPal actually came from” this IP, Agent Lynd reported. Two log entries cited in the affidavit include an identical message: “Good_night,_paypal_Sweet_dreams_from_AnonOPs.”

Investigators traced the IP address to Tailor Made Services, a Dallas firm providing “dedicated server hosting.” During a December 16 raid, agents copied two hard drives inside the targeted server. Court records do not detail what was found on those drives, nor whether the information led to a suspect or, perhaps, a continuing electronic trail. In a brief phone conversation, Lynd declined to answer questions about the ongoing denial of service probe.

...
There is more.

The story does not name any individuals as responsible for launching the attacks, but I suspect their investigation will trace back to whoever was responsible for giving the commands. While this is a criminal investigation, I think that PayPal, Sarah Palin and others who were attacked will have civil cases against those responsible. The question then will become whether those people have any assets worth suing over.

I am not surprised they have been able to walk back this cat. The forensic accounting of cyber attacks is getting better all the time. Those who do not like the legal actions of a person or company cannot use illegal acts to protest them.