13 Anonymous hackers indicted for massive DDoS attacks against MasterCard and others

13 members of the hacking collective Anonymous were indicted yesterday in a Virginia federal court for allegedly attacking government websites, and the sites of credit card and record companies in 2010.

The alleged distributed denial of service (DDoS) attacks took place as part of "Operation Payback", a series of attacks undertaken to avenge the taking down of file-sharing site The Pirate Bay. Attacks also took place against credit card companies that blocked payments to Wikileaks in the wake of its release of US diplomatic cables in February 2010, and organisations like the Recording Industry Association of America (RIAA) that Anonymous considered to be part of a reactionary crackdown on freedom of distribution.

The 13 men, who were indicted both under their real names and their online handles (such as "Anonyjosh", "grishnav" and "mightymooch"), are charged with conspiracy to intentionally cause damage to a protected computer. The charge carries a maximum sentence of five years in prison.

The defendants, who are aged between 21 and 65, are accused of having "participated in a worldwide conspiracy... to engage in a coordinated series of cyber-attacks", and of causing "significant damage to victims" amounting in damages of $5,000 (£3,112) to MasterCard alone.

The group's weapon of choice for this attack was an open-source and freely-available program known as the Low Orbit Ion Cannon (LOIC), an application capable of bombarding a website with a salvo of irrelevant traffic in order to slow down its servers. The attack required the simultaneous firing of a large number of these applications to bring down large websites like MasterCard and the Library of Congress.

The group posted flyers on online message boards recruiting users to take part in these attacks. One flyer posted on 16 September 2010 in aid of an attack on the Motion Picture Association of America (MPAA) announced, "We target the bastard group that has thus far led this charge against our websites, like The Pirate Bay. We target MPAA.ORG!"

The flyer also included detailed instructions on where to download the LOIC, how to install it, and when to use it.

"Install the LOIC linked above into any directory you choose, load it up, and set the target IP to [IPaddress] port80 Method will be TCP, threads set to 10+, with a message of 'Payback is a bitch'... Everything else must be left blank. Once you have the target locked, DO NOT FIRE. REPEAT: DO NOT FIRE! This will be a calm, coordinated display of blood. We will not be merciful. We will not be newfags. The first wave will be firing in: ONE DAY: 09/17/2010 9PM EASTERN When it comes time to fire, ignore all warning messages. They mean nothing. Keep firing."

The group also posted advice on how to destroy evidence in case their identities became known to the authorities.

"F------ MAGNETS won't DELETE F------ EVERYTHING unless they're exposed directly to the harddrive for a few minutes. Do not use the recycle bin to dump data!... Microwave works wonders on CDs, also on HDDs, pen drive and most electronics."

The government has issued an arrest warrant for all 13 men. One of the defendants, Dennis Owens Collins, who went by the handles "iowa", "owen" and "anon5", had been indicted before for similar DDoS attacks, and was apparently only days away from reaching a settlement. It is thought that this settlement has now been redacted.

Image: Flickr (Stian Eikeland)