December 9, 2010
LOIC (Low Orbit Ion Cannon) is a network stress testing application, written in C# and developed by “praetox”. It attempts a denial-of-service attack on the target site by flooding the server with TCP packets, UDP packets, or HTTP requests with the intention of disrupting the service of a particular host. The program was exploited during Project Chanology to attack Scientology websites, and is currently being used by Operation Avenge Assange (Organized by Operation Payback) to attack the websites of companies and organizations that have opposed WikiLeaks.
“NewEraCracker” updated LOIC for the Operation Payback protests to fix a few bugs and added new features.
As of Version 18.104.22.168, LOIC has incorporated a new “Hive Mind” feature which allows the user to relinquish control of the LOIC application to the operator of an IRC channel. This has been likened to a “voluntary botnet”.
This updated version works on Windows XP or later, and requires Microsoft .NET Framework 3.5 Service Pack 1. It also works on Linux with Mono or Wine with .NET Framework 2.0.
An option to start the program hidden as a background service is also available in these later versions.
I don’t know if these attacks are part of some kind of PSYOP, but they certainly play into the pre-existing script for curtailing freedom on the Internet. Mike McConnell, former NSA Director, former Director of National Intelligence and now, Booz Allen Hamilton Senior Vice President, has said that we need to re-engineer the Internet:
We need to develop an early-warning system to monitor cyberspace, identify intrusions and locate the source of attacks with a trail of evidence that can support diplomatic, military and legal options — and we must be able to do this in milliseconds. More specifically, we need to re-engineer the Internet to make attribution, geo-location, intelligence analysis and impact assessment — who did it, from where, why and what was the result — more manageable. The technologies are already available from public and private sources and can be further developed if we have the will to build them into our systems and to work with our allies and trading partners so they will do the same.
He’s talking about changing the internet to make everything anyone does on the net traceable and geo-located so the National Security Agency can pinpoint users and their computers for retaliation if the U.S. government doesn’t like what’s written in an e-mail, what search terms were used, what movies were downloaded. Or the tech could be useful if a computer got hijacked without your knowledge and used as part of a botnet.
The data war between companies that have refused to do business with Wikileaks and the online activists keen to defend it is getting more intense.
The tool through which attacks are carried out against websites perceived to be anti-Wikileaks has now been downloaded more than 31,000 times.
Security experts warned people to avoid joining the voluntary botnet.
Targets of the loose-knit group Anonymous have so far included Visa, Mastercard and Paypal.
Amazon is expected to be among firms targeted next using the Anonymous attack tool known as LOIC. When a person installs the tool on their PC it enrols the machine into a voluntary botnet which then bombards target sites with data.
Distributed denial-of-service (DDoS) attacks are illegal in many countries, including the UK.
Social network Facebook confirmed that it had removed Operation Payback – as the campaign is known – from the site because it was promoting its attack tool.
This article was posted: Thursday, December 9, 2010 at 12:39 pm