It will take time
Eventually these hackers will go to prison. It's just a matter of time.
Mastercard is feeling the wrath of the internet this afternoon - its website and at least part of its payment systems have apparently been brought down by a denial of service attack. The credit card company is being typically cryptic - its most recent statement said only that it is "is experiencing heavy traffic on its …
I expect them to simply defend by saying "My PC is a zombie working for a botnet", which in fact might actually be true, as some of the attacks use LCDS, which amounts to "voluntary botnet". And most of these guys are probably using botnets anyway; if the authorities haven't been able to get the ones actually doing scams or pushing penis pills, how would they be able to get a bunch of teens doing it for the lulz?
>>"I expect them to simply defend by saying "My PC is a zombie working for a botnet", which in fact might actually be true, as some of the attacks use LCDS, which amounts to "voluntary botnet"."
That *might* work.
Unless, of course, their [seized] PC has any kind of trail leading to 4chan, or someone does a bit of pre-snooping on their net connection before calling round at their house, or there are already records of them having joined in previous attacks.
If may well be that the chances of any individual being caught are low, though I'd suspect that if even a handful of people were done for participation in an attack, that might significantly reduce everyone else's keenness to join in next time.
Especially if there may well be records hanging around from previous times.
>>"...if the authorities haven't been able to get the ones actually doing scams or pushing penis pills, how would they be able to get a bunch of teens doing it for the lulz?"
Maybe the authorities would actually care more if big businesses actually did get meaningfully inconvenienced.
And presumably with the various scams, they're generally run via proper botnets on innocent people's PCs (not generally worth tracking down), rather than involving people reckless enough to do things from their own home.
1) The ones doing scams and pushing penis pills are at least half-bright; and
2) The teens doing it for the lulz really aren't.
I don't know about this LCDS thing I haven't been able to dig up a copy of yet, but LOIC doesn't even have a clue about the existence of such things as proxies, which means anyone who wants to find its users need do no more than turn 'netstat' output into a list of subpoenas, and the US ISP which will do anything with a subpoena other than immediately comply has yet to come into existence.
And if you downloaded a copy of LOIC, figured out how to use it, and did so, then you're going to have a hell of a time making the "OMG zombie" argument -- DAs might be ignorant, okay, but they can hire professionals to be not-ignorant for them.
Except that the logs will show they downloaded the software which turned their machines into a slave. It may simply be that their connections will not work one day and that they will be black listed. Understandable. If they assist a man and organisation who are publishing stolen secrets they can expect this.
they aren't hackers. they just download a tool like Low orbit ion canon. and point it at the website.
but there are in the order of 1000 people taking part in the attack. i find it hard to believe that that many people are going to pokey.
personally i think it serves mastercard right. freedom has a price. who are they to tell me to whom i can donate my money????????
"Eventually these hackers will go to prison. It's just a matter of time."
A couple of road bumps in this theory;
1. The 20 PC's in National Police E-Crime Unit have more important things to worry about (e.g. multi-million crimes that are funding terrorism, org crime, etc.)
2. The number of CMA90 charges raised by the police in the last 20 years are next to naff all, i.e. they can't catch computer criminals
3. The number of convictions managed by CPS on computer cases is laughable, as they regularly mess up evidence collection and presentation
4. Even if somehow they get there men this time!, you still have to convince a jury to convict, and as the BAE Hawk criminal damage trial shows, Jury's can have a mind of their own regardless of any iron clad evidence.
So whilst we wish you where right in your assumption that UK Plod can catch them, I will be highly surprised if they do.
.
>>"So whilst we wish you where right in your assumption that UK Plod can catch them, I will be highly surprised if they do."
There are more plods in the world than just the UK ones.
I'm sure there are people in the USA happy to make an example out of a few misguided youths, or to grab an adult they can portray as a dangerous anarchist leading their poor kids astray.
sorry but to be honest just attacking the website is worthless. if one thought it through the company should had been attacked where it gets its money from. namely point of sale or application proccess which are worth few mill a day and then some. after that constant attacks on record keeping both physical as well as electronic. but hey its too much to do and away from the keyboard which will require *gasp* doing some physical excercise. but hey it is common sense and goals are too hard so we can all just have a good laugh over useless gestures.
This is going to cost Mastercard hard cash.
It may well cost Visa and Master card a lot more. They have exploited their duopoly for US political interests, demonstrating that they are under the control of the US government. Wikileaks, for all its dubious nature, is not illegal and its processing company has already complained about this. Never mind a independent GPS system, Europe needs a credit card payment system outside the control of the US government (China, I notice , already does - UnionPay).
Merchant processors and merchants worldwide are reporting inability to access MasterCard's web gateways for accounts management, dispute/arbitration submission, et cetera -- a lot of administrative processes which will be held up a day or two, until the /b/tards get bored and wander away to dribble all over something else for a while.
This is not at all the same thing as MasterCards not working when they're swiped through POS terminals. If that were what was going on, the whole damn world would be screaming its head off, and half the /b/tards would already have been v& because they're mostly too stupid to know what proxies are for.
Well I for one am well fucked off. Had to abandon a long and utterly tedious purchase of xmas pressies from an overseas company when my transaction couldn't be processed.
As it's always the last step this was especially irritating. Bunch of scrotes.
Anon to prevent being added to the list of targets, natch.
It's in the news, which means that the story that MC blocked wiki is also in the news which means people are talking about whether the US government leans on international companies for it's own political reasons.
Which is worthwhile - but don't worry there will be another royal wedding or popidol winner along in a moment to restore the news cycle.
They would have been wiser to have kept their noses out.
Wikileaks has not been proven to have broken any laws in the U.S. yet..
They are also going to be sued by the Icelandic payment company Datacell for freezing these transactions:
http://www.datacell.com/news.php
They deserve all they get for bowing down to fascist political pressure.
anonymous of course, because it is the theme of the day..
US government secrets are being released by Wikileaks. It makes sense for any organisation or group of individuals so attacked to self defend. Anyone expecting or exhorting otherwise is either not thinking very efficiently or engaging in duplicity and bad rhetoric. If you pinch a rat's tail it will bite.
No. US government secrets are being made public by Wikileaks. They have been indiscriminately released to over 3 million people by the US. What are the odds that foreign governments haven't had much of this information for months or years? Should one small cog be able to grab so much without someone asking why until after it is made public? If you *can* pinch a rat's tail then more fool it for letting you.
This must be some new definition of the word 'theft' that is not in the sophisticated dictionary. No, the data were stolen, are the property of various governments, and those who stole them will suffer the consequences, ditto those self appointed exhibitionists currently parading them. It's inevitable, no matter what sophistry you attempt to employ, and it is going to hit some pretty silly people hard, in the face. The amusing thing is that there is practically no government they have not annoyed. Thus most governments in the world have cause to smack them hard.
As I said before, I have ordered the popcorn. For the next few weeks and months it is going to be a matter of 'with a magazine of x rounds watch and shoot, watch and shoot'. The longer it goes on, the more damage they do, the more severe the retaliation. A frigging child could work that out, though evidently you have not.
Certainly not the property of Assange et al., plus there are certain things that a state keeps secret in the cause of defence and security. There a lot of citizens bright enough to understand the concept of security. For example, at this precise moment the UK is being targeted by large numbers of Russian spies. This is being countered, that is to say the property of the nation, its classified information, is being kept out of their hands.
I suspect this is why the UK public were less inclined to swallow some of Blair's more ridiculous spewings after 9/11. We already had a number of professional and experienced terrorist groups working in the UK, the IRA for a start, who were funded at least in part from US Irish immigrants, and people were less inclined to surrender any more liberties because a bunch of badly trained ad-hoc groups of not terribly deep thinkers.
The 7/7 bomb was a tradegy, with 52 deaths (I'm not counting the 4 suicide bombers like the Wikipedia article does, cos thats stupid), however, the IRA was regularly killing hundreds of people a year in the 70's and early 80's.
I remember then 7/7 happened, certain idiots in the US were saying "Well now they know what its like".
Amusing, because 9/11 happened, I remember people where i used to live in warrington were saying something not entirely dissimilar.
I do often wonder if it's really anon that took the site down or if it's all the news articles about the attack prompting people to go and check if it's still up.
i've been to the site a dozen times today and i've never been there before. i can't be the only one.
either way funny.
I have also been trying all afternoon to get on to their site - just to see if the reports of it "Mastercard is experiencing heavy traffic on its external corporate website - Mastercard.com - but this remains accessible."
I've been trying from at least 10 offices all day - hitting refresh constantly just to see if the site really is available.... so far no luck :-(
They deserve every bit of this -- why should Mastercard be deciding who we donate money to?
Anyway their 3-D secure system is utter rubbish..i have to reset my password for it every time I use it and often just abandon any online purchases once faced with it.
Nice, A DDoS attack that is probably improving bank security by taking 3D Secure offline.
If confused, have a read of the paper by Ross Anderson, et al below;
Veri ed by Visa and MasterCard SecureCode: or, How Not to Design Authentication
www.cl.cam.ac.uk/~rja14/Papers/fc10vbvsecurecode.pdf
These guys are really going to garner public support for wikileaks by pissing off people trying to do Christmas shopping.
Even if MC/Paypap/whoever -deserve- to be hit, it's short-sighted and counterproductive to attack them. It just gives more ammo to people who want to cast wikileaks as a criminal (or at least complicit) organization. Well done, Anonymous - you've handed you enemies a victory on a silver platter!
Please be advised that MasterCard SecureCode Support has detected a service disruption to the MasterCard Directory Server. The Directory Server service has been failed over to a secondary site however customers may still be experiencing intermittent connectivity issues. More information on the estimated time of recovery will be shared in due course.