#OpMegaupload, a reaction by the hacktivists group Anonymous to a strict takedown of file-sharing site Megaupload (and the arrest of employees) on piracy charges, has been pretty successful in disabling the websites of the Department of Justice, the MPAA, the RIAA and others.
Partly carried out via Twitter messages, this new effort by Anonymous is only superficially similar to previous distributed denial of service (DDoS) attacks that Anonymous has carried out to punish its targets. It’s emerged that many of the attacks are being triggered by average Joe Internet users who merely click on a weblink, unaware that the action then activates code that tries to swamp a website with too much traffic.
Previous Anonymous DDoS attacks have used tools like the group’s so-called Low Orbit Ion Cannon (that’s a Wikipedia link, not the code itself), which is a piece of software that volunteer hacktivists download to their PCs and choose to run, whereby it then starts blasting the target website with traffic. But the people behind the new campaign are either keen to achieve a more potent attack technique, or are hedging against the fact that Anonymous volunteers have been tracked down through the LOIC tool. By masking the DDoS system in an otherwise innocuous weblink, Anonymous may be ensuring many more people take part–even if they do so inadvertantly, or without realizing the implications of what they’re doing.
This maneuver, some may say “trick,” may be a very clever move as it means the blame for the DDoS is diluted across many more people. And though taking part in a DDoS attack is a criminal offense in some places there’s likely to be a massively sticky legal situation if the authorities succeed in tracking many unwitting offenders. It also means you should be extra-careful when clinking on suspicious links on Twitter, in emails, on other social networks for the time being, even if they appear to come from friends.
[Image: Flickr user think anonymous]