Operation Payback directs DDoS attack at AFACT

By Brett Winterford on Sep 28, 2010 1:54 PM
Filed under Security

Thousands of bystanders taken out.

Anonymous attackers using the 4chan message board have levelled a sustained DDoS (distributed denial of service attack) against the Australian Federation Against Copyright Theft (AFACT) website, taking out thousands of other Australian websites in the process.

The attack, which was scheduled to begin at 5am AEST today, took the site down at 8:30am for several hours before AFACT and its technology partners took measures to restore service.

Neil Gane, executive director at AFACT, confirmed the site was inaccessible for several hours.

Gane said the attack - which constitutes a criminal act in Australia and several international jurisdictions - also took out close to 8,000 other web sites hosted by AFACT's technology partner, whom iTnews understands to be NetRegistry.

NetRegistry has posted a notification on its support pages to confirm its services have been attacked today.

The company said an attack began at 8:30am AEST this morning, with NetRegistry's firewall flooded with connection requests in what the company claimed was an attempt to take down all of its servers.

"They had achieved success in disabling all access to some of the client facing services behind the firewall, however this was short lived and we were able to restore most connectivity to those machines within some 30 minutes," the company said.

Impacted services included websites using NetRegistry's 'Zeus' cluster - a group of websites using PHP but not utilising Apache web server - plus some webmail services and website administration consoles.

"A lot of these sites are small Australian businesses and Government web sites," Gane said. "They have been affected by this senseless act."

The attacks follow a sustained campaign levelled against U.S. anti-piracy groups such as the Recording Industry Association of America (RIAA) and the Motion Picture Association of America (MPAA) earlier this month.

Organisers of the attack have now distributed the details of five IP addresses used by AFACT, asking attackers to use the message "PAYBACK IS A BITCH" as they flooded the site.

"Target will be: afact.org.au," read instructions on a web site aiming to corral attackers.

The group claims the attacks are a retaliation against efforts to take down file sharing sites such as The Pirate Bay.

"Anonymous is sick and tired of these corporations seeking to control the internet in their pursuit of profit," the group wrote in an explanatory letter prior to the attacks. "Anonymous cannot sit by and do nothing while these organisations stifle the spread of ideas and attack those who wish to exercise their rights to share with others."

The group claims individuals taking part in the attack are unlikely to be caught.

"Chances are next to zero because we are so many doing it. You can simply deny knowing what they are talking about, or saying you have been infected by a virus (botnet). However, if you try to do this alone chances are MUCH higher that you get caught."

But Gane said he understands that there "are ways of collating IP addresses" to identify the attackers.

Operation Payback directs DDoS attack at AFACT

18 comments in this discussion

"Okay, before the media gets out of control labelling all 4channers as criminals, let me say this: As a 4chan user, I did not, and will not, participate in acts such as this. The board /b/ is where ..."

By The_Soul_-_Stripped

Tags

afact, ddos, attack, operation payback, 4chan, anonymous, netregistry

Anonymous member convicted for Paypal DDoS

#OpUSA hacking spree kicks off early

LivingSocial hack exposes Australian customers

VentraIP deploys DDoS mitigation after attacks

Breaking Stories

Mater CIO shows QLD Health 'how it's done'

QLD Transport to replace 'cumbersome' data search

Melbourne firies use drone to check dangling truck

DNS DDoS attacks skyrocket

Photos: Toshiba's 2013 laptops

Readers of this article also read...

Comments: 18

RaTTyRaTT Sep 28, 2010 2:36 PM	Hurray... ... oops, should read... "We honestly cannot condone the senseless violence in these attacks, and hope the strongest measures of the law are brought against them such as Stoning, public Humiliation, a few fatal beatings and the like..." oh, sorry, meant to say on the part of AFACT for hiding behind those other poor innocent bystanders... HAAaahaa Seriously, not much fun for them, but if I was hosting no NetRegistry - i would consider it a justified expectation, and not nice - but since it's AFACT... well 'nuff said! (Completely understandable.)
schneider Sep 28, 2010 4:59 PM	I would say it's NetRegistries fault that others were effected they should know that AFACT will be attacked and the attacks will come more often. If they don't like it remove AFACT from their hosting. This organisation is trying to fight a battle against every net user. They STILL have not given the people of Australia an option which IS legal so what do they expect? Create something like netflix in Australia and you won't need to prosecute pirating because NO ONE will need to do it anymore! AFACT deserve everything they get. It's unfortunate that other companies were brought down but maybe they should tell the provider to fix the issue or they will leave... Although I'm not part of the group that bought them down I hope they do a better job next time and push them off the net that they hate so much
Mordd Sep 28, 2010 7:01 PM	Personally I hate 4chan but I fully support the methodology of Anonymous, if nothing else it continues to keep the issues in the media. Well done Anon.
peterniss Sep 28, 2010 7:09 PM	AFACT used a company to conduct DoS attacks on various trackers which isnt made clear in the article. So really they are just doing the same thing to AFACT as AFACT did to them in the first place. Along with their own innocent bystanders. No sympathy from me.
fatcat Sep 28, 2010 7:52 PM	As an Australian citizen I'm not allowed to participate in this so called "illegal activity" so can I ask a question that itnews should have asked. Why are there no charges being laid against AFACT? Whilst I couldn't participate in this "illegal activity" there is something I (we) can and willl do. Ditch Netregistry unless it ditches AFACT.
Homie Sep 28, 2010 11:06 PM	#Mordd Like you, i personally hate 4chan but i'm the first fan of the anonymous methodoloy too. To keep our privacy on the web, right now, only one solution: signup and surf with a VPN access. It's the only way to be anonymous and to bypass the AFACT; here, a list of all the VPN providers around the world: http://www.start-vpn.com
mnjugg Sep 29, 2010 1:40 AM	I fully support "Operation Payback". If criminal charges are pressed against the 4Chan group will there also be charges against the RIAA, MPAA and the lawyer groups that also condone this action when it suits there needs? The companies in the US decided that this action was futile and maybe criminal, when is the rest going to learn. These attacks are carried out by 50 people and look what they can do. Imagine what would happen if more joined.
Ace Sep 29, 2010 12:15 PM	One would hope that supporters of 4Chan are willing to compensate all the small internet-based businesses who lost their livelihood for the duration of the attack. The mentality that two wrongs make a right is the domain of the uncivilised, and tends not to exist outside of organised crime and third-world countries. The mentality that 'we don't care about collateral damage' is very GWB-'you're either with us or you're against us'-like thinking, probably requiring a slightly deficient IQ. Apparently, organised crime syndicate called 4Chan are among this group of non-thinkers.
Sams Sep 29, 2010 2:11 PM	Regulars here know how I feel about AFACT, but stunts like DDOS attacks really just give the casual observers the impression that the Internet is a wild west that need more regulating .. and thus plays straight into the hands of people like AFACT and Conroy. It suspect it's really just a bunch of script kiddies trying to big note themselves, not any serious political movement.
Ewok Sep 29, 2010 2:25 PM	I disagree Sams, anarchy can be one of the biggest motivators for a political movement. All you need is an idea. Then for people to be willing to do something in support of that idea, and then if you have enough people participating in the support of said idea, you have a movement. That in itself is more powerful that a bunch of corrupt morons being hypocritical, performing their own DDoS attacks on people and then crying foul when the exact same methods are turned against them. It may well be as simple as kids with scripts, but whose to say that the kids with scripts are not feeling personally affected by what these mongrels are trying to do to them aswel? We're all in it together, and the more people that are willing to stand up to the corporations, the better.
Sams Sep 29, 2010 2:33 PM	Ewok: "All you need is an idea. Then for people to be willing to do something in support of that idea," I appreciate your ideals - in fact, most of my clients non-profits involved in campaigns of one sort or another. Exactly what the "something" is that people do though is the key. For example, violent protest is definitely out. I think similarly DDoS attacks will do more to harm the campaign than support it, especially when it affects bystanders, such as the other users of NetRegistry in this example. Edited by Sams: 29/9/2010 02:34:25 PM
Ewok Sep 29, 2010 2:37 PM	I do agree with the point that affecting innocent bystanders is out of the question and that acts of violence are completely out aswel. But when a company has the ability to have their voice heard and have their opinion influence those in positions of power to act against those that are against them, that's not on. Just seems like a "do what I say, not as I do" stance they have at the moment.
Mordd Sep 29, 2010 9:40 PM	Think of a DDoS attack like a group of people taking to the streets and marching to protest, shutting down traffic in the process. The businesses affected in the DDoS attack are all the people who get held up by the protest in the street (time is money after all). The fact is that its nothing more than political activism done online, instead of in the streets. You can deny that fact all you want by saying 2 wrongs don't make a right, but as every activist knows, rules are made to be broken, and sometimes you have to break a few laws in order to highlight the huge injustice of another law. I will always support actions like this online, as I am an activist at heart and always will be. The People, United, Will Never Be Defeated! :D
Ace Sep 30, 2010 10:35 AM	The phrase 'Rule are made to be broken' is used by people who have no excuse for their behaviour. I'd love to see someone use that as their defence in a court of law. There is a difference between 'People United' (eg mature organisations like GetUp) and 'Pack Mentality' (immature groups, typically teenagers, 4Chan). In the end, the pack will always be defeated, because if nothing else, most of their group will grow up...hopefully :D
deteego Sep 30, 2010 10:47 AM	Ace wrote: The phrase 'Rule are made to be broken' is used by people who have no excuse for their behaviour. I'd love to see someone use that as their defence in a court of law. There is a difference between 'People United' (eg mature organisations like GetUp) and 'Pack Mentality' (immature groups, typically teenagers, 4Chan). In the end, the pack will always be defeated, because if nothing else, most of their group will grow up...hopefully :D Unfortunately we don't live in Hippie Land where everyone lives happily together and rules aren't broken. When such laws are put in place (the ones that 4Chan/Anonymous) are part of, and it becomes clear that they don't want to change their ways even with massive opposition, the only thing you can do is get dirty, and unfortunately that usually involves breaking the law. Protesting used to be illegal, as did free speech. This isn't just a question of Legality anymore. Its also not possible to make a set of laws that makes a perfect society, there will always be laws/rules which will be easy to abuse and/or difficult to enforce Edited by deteego: 30/9/2010 10:48:58 AM
Ace Sep 30, 2010 12:17 PM	'massive opposition'? Are you delusional? Oh, hang on...don't bother answering that.
deteego Sep 30, 2010 12:20 PM	Ace wrote: 'massive opposition'? Are you delusional? Oh, hang on...don't bother answering that. Do you know what I even was referring to?
The_Soul_-_Stripped Oct 1, 2010 11:07 AM	Okay, before the media gets out of control labelling all 4channers as criminals, let me say this: As a 4chan user, I did not, and will not, participate in acts such as this. The board /b/ is where most of this originates from, and for the most part it is only a small number of people participating out of the hundreds, or even thousands, that frequent the boards. Moderators ban these people, more often than not, just like with any website forum. There are many more 'boards' on 4chan - news, personal advice, fitness, tv, music, anime, computing, transport, cars, 'adult' boards, all sorts of stuff. I don't like AFACT, much less the RIAA (Outdated business methods clinging desperately to our wallets), but the fact is this method of protest is childish. Another 'Operation Chanology' (Which was made up of users from 2chan, a japanese image board, 7 chan, a image board unrelated to 4chan, 4chan, 420chan, 1chan (A board with one topic - trains) and many more), which protested against Scientology being recognised as a religion), against internet censorship, the outdated and exploitive methods of music sales ($30 for a CD, the artists see very little of this), and so on, in which 'anonymous' legally protests in the streets.