Al-Qaida's Shamukh Chat Forum Under Attack

Al-Qaida's top-tier Al-Shamukh chat forum is facing an ongoing electronic attack, that has rendered the forum totally unreachable, according to a terrorism expert.The attack on Shamukh is similar to one reported in June this year, and first the domain and then subsequently the underlying data server were both taken down separately, Evan Kohlmann of Flashpoint Partners said in an email late Monday.

The difference this time however is that al-Qaida now has an alternate secondary forum to distribute its propaganda and media, known as "Al-Fidaa". "In other words, shutting down Shamukh is still quite an annoyance, and it certainly causes jihadi webmasters headaches, but it hasn't had the same effect of gagging al-Qaida's media machine," said Kohlmann who has spent over a decade tracking al-Qaida and other terrorist organizations.

Al-Fidaa is not yet under attack, but it would be interesting to see if a similar electronic attack is launched against this forum as well.

The identity of the attackers is still not known, but it looks like someone launched a coordinated assault on the forum that was designed to cripple the whole system, Kohlmann said.

Typically, that's not the kind of thing that happens because of a lightning strike or a handful of people relying on a tool like LOIC (Low Orbit Ion Cannon), he added.

LOIC is a network stress-testing tool that floods sites with data, making them unable to serve legitimate visitors. This type of attack is called a distributed denial of service (DDoS) attack.

Kohlmann said in a Twitter message earlier on Monday that web domain names servicing Shamukh chat forum have come under apparent attack by unknown hostile parties. He later reported that the forum was "totally unreachable".

A threat to "cut the tongue" of U.S. TV host and comedian David Letterman was posted on the forum in August.

http://www.pcworld.com/businesscenter/article/240637/alqaidas_shamukh_chat_forum_under_attack_says_expert.html

Hacker Group Anonymous Vows To Destroy Facebook On November 5

Hacktivist group Anonymous, which has been responsible for cyber-attacks on the Pentagon, News Corp, and others, has vowed to destroy Facebook on November 5th (which should ring a bell).
Citing privacy concerns and the difficulty involved in deleting a Facebook account, Anonymous hopes to "kill Facebook," the "medium of communication [we] all so dearly adore."
This isn't the first time Anonymous has spoken out against social networks.
After Google removed Anonymous' Gmail and Google+ accounts, Anonymous pledged to create its own social network, called AnonPlus.
The full text of the announcement, made on YouTube and reported by Village Voice, is below:

Operation Facebook

DATE: November 5, 2011.

TARGET: https://facebook.com

Press:
Twitter : https://twitter.com/OP_Facebook
http://piratepad.net/YCPcpwrl09
Irc.Anonops.Li #OpFaceBook
Message:

Attention citizens of the world,

We wish to get your attention, hoping you heed the warnings as follows:
Your medium of communication you all so dearly adore will be destroyed. If you are a willing hacktivist or a guy who just wants to protect the freedom of information then join the cause and kill facebook for the sake of your own privacy.

Facebook has been selling information to government agencies and giving clandestine access to information security firms so that they can spy on people from all around the world. Some of these so-called whitehat infosec firms are working for authoritarian governments, such as those of Egypt and Syria. 

Everything you do on Facebook stays on Facebook regardless of your "privacy" settings, and deleting your account is impossible, even if you "delete" your account, all your personal info stays on Facebook and can be recovered at any time. Changing the privacy settings to make your Facebook account more "private" is also a delusion. Facebook knows more about you than your family. http://www.physorg.com/news170614271.htmlhttp://itgrunts.com/2010/10/07/facebook-steals-numbers-and-data-from-your-iph.... 

You cannot hide from the reality in which you, the people of the internet, live in. Facebook is the opposite of the Antisec cause. You are not safe from them nor from any government. One day you will look back on this and realise what we have done here is right, you will thank the rulers of the internet, we are not harming you but saving you.

The riots are underway. It is not a battle over the future of privacy and publicity. It is a battle for choice and informed consent. It's unfolding because people are being raped, tickled, molested, and confused into doing things where they don't understand the consequences. Facebook keeps saying that it gives users choices, but that is completely false. It gives users the illusion of and hides the details away from them "for their own good" while they then make millions off of you. When a service is "free," it really means they're making money off of you and your information.

Think for a while and prepare for a day that will go down in history. November 5 2011, #opfacebook . Engaged.

This is our world now. We exist without nationality, without religious bias. We have the right to not be surveilled, not be stalked, and not be used for profit. We have the right to not live as slaves.

We are anonymous
We are legion
We do not forgive
We do not forget
Expect us

http://www.businessinsider.com/anonymous-facebook-2011-8

Anonymous unsheathes new, potent attack weapon

Better DDoS attacks ahead

Members of Anonymous are developing a new attack tool as an alternative to the LOIC (Low Orbit Ion Cannon) DDoS utility.
The move follows a spate of arrests thought to be connected to use of the LOIC, which by default does nothing to hide a user's identity.

The new tool, dubbed RefRef, due to be released in September, uses a different approach to knocking out websites. LOIC floods a targeted site with TCP or UDP packets, a relatively unsophisticated yet effective approach, especially when thousands of users use the tool to join voluntary botnets.

RefRef, by contrast, is based on a more sophisticated application-level approach designed to tie up or crash the servers behind targeted websites instead of simply flooding them with junk traffic, according to a blog post on the development by an Anonymous-affiliated blog.
"Anonymous is developing a new DDoS tool," the post explains. "So far, what they have is something that is platform neutral, leveraging JavaScript and vulnerabilities within SQL to create a devastating impact on the targeted website."
RefRef, which uses a "target site's own processing power against itself" is undergoing field trials, with tests against Pastebin, the blog post by AnonOps Communications reports.
Arrests in UK, Spain and Turkey connected to LOIC-powered attacks have already prompted some core members of Anonymous to move towards using a new server and dropping LOIC in favour of other attack tools, such as Slow Loris and Keep-Dead DoS. This now seems to be purely a stop-gap measure while RefRef undergoes development.
LOIC was originally developed for network stress-testing, but later released into the public domain where, years later, it became a weapon of choice for hacktivists, most notably in the Operation Payback attacks against financial service organisations that blocked accounts controlled by Wikileaks last December following the controversial release of US diplomatic cables.
The problem with LOIC is that unless attacks are anonymised by routing them through networks, such as Tor, then users will be flinging junk packets that are stamped with their IP address at the targeted systems. These IP addresses can then be traced back to suspects by police.
Whether or not RefRef does a better job at anonymisation, by default, remains unclear but early experiments suggest that Anonymous is brewing a more potent attack tool. "Supposedly, the tool will DoS a targeted website with ease," Dancho Danchev, an independent cyber-threats analyst told El Reg. ®

Hackers attack 1,500 Vietnamese websites

 

Foreign hackers have attacked an estimated 1,500 Vietnamese websites, including the online forum for white-hat hackers, since early this month.

The list of hacked websites ranges from government sites to sites dealing with real estate and electronics. In the latest case, Kon Tum Province’s Department of Education and Training's website was disrupted on Wednesday.
On June 5, www.hvaonline.net, a popular forum for legitimate web security technicians (aka white-hat hackers) fell prey to a staunch attack.
The hackers allegedly deployed a Distributed Denial-of-Service attack (DDoS attack).
The website’s service provider announced that most of the hackers had Chinese IP addresses.
Shortly after the website was restored, on June 12, it was hit by another DoS attack.
The Vietnam National Oil and Gas Group (PetroVietnam)'s site, petrotimes.vn, and a website used by the Vietnamese Ministry of Foreign Affairs were also hacked.
IT experts said the DDoS attacks did not cause huge losses to Vietnamese websites because they could not change the content of the websites.
The hackers used the attacks just to show what they are capable of, they said.
According to commenters in a number of popular IT forums, a number of Vietnamese companies and agencies were poorly equipped to deal with the online assault. “Foreign hackers are launching organized and deliberate attacks on Vietnamese websites,” said Vo Do Thang, director of Athena Network Security Center in Ho Chi Minh City.

http://www.i-policy.org/2011/06/hackers-attack-1500-vietnamese-websites.html