Anonymous - Group of hackers

Are hackers really so good that they can put a halt on the New York Stock Exchange?

http://abcnews.go.com/Technology/anonymous-hackers-threaten-erase-york-stock-exchange-site/story?id=14705072

It is said that they already have for a minute or two, although I lost the link.

They also have made a threat to end Facebook next month. I wonder how they could do that, as all of their hacks have been just flooding the servers.

http://articles.businessinsider.com/2011-08-09/tech/30015171_1_privacy-settings-facebook-account-privacy-concerns

They have a decent-size list of attacks already made, and they tend to always have a reason too, which sort of provides a scare. Although they did fail at trying to attack Amazon.

Anonymous attack on Amazon.com appears to fail | Computerworld

How in hell do they remain anonymous? Do they have their own ISP or something?

Perhaps this belongs in GQ but I just want to hear people’s thoughts about it…

There’s a big difference between a website for use by the public and the internal network of the stock exchange. Taking down the website would be a yawn. Doing anything to affect the network that handles trades would have enormous implications, but luckily they are unlikely to succeed.

As for remaining anonymous, many of them actually are found. There are pretty easy ways around it. Simply by using an open WiFi network, they can effectively remain anonymous. That’s as easy as going to McDonalds or Starbucks. More complex, they take control of other people’s computers and do their nefarious deeds that way. So they send an instruction to Hijacked computer 1, which tells Hijacked computer 2, which tells 3, all the way to thousands. Tracing back through that is virtually impossible.

Obligatory xkcd link.

Thanks.

Sorry Miller, Treis beat you by 7 minutes… Awesome website though :\

I’ve been reading a little bit about this.

Anonymous hacks are mostly DDoS attacks and I read that in order to perform one successfully, the hacker’s internet speed has to be higher than that of the server they are attacking. For them to attack big name sites using a McDonalds wifi wouldn’t make sense if correct.

Also, could you explain hijacked computer to me? Are they doing some type of remote desktop with strangers’ computers or are they behind the scenes? Do they actually use a hijacked computer’s internet connection while using their own commands at home? Also, how is it not traceable even with thousands of hijacked computers? Doesn’t it all have to originate from one or two IP addresses? I’m guessing it might be possible to be seen as just a pool of IPs but I always thought connections were run in straight lines & branches…

Hijacked computers are those that are infected with a virus. This virus allows the hackers to control parts of the computer. It isn’t quite a remote desktop. More like they can receive a certain set of instructions, and can complete certain actions.

In the case of denial of service attacks, they potentially have millions of these computers. Websites like the CIA or NYSE are built to handle maybe a thousand simultaneous users. So when a hacker controls a million computers, he can direct them at the NYSE and send a load 1,000 times higher than the site is designed for. This typically makes the site crash.

So if you’re a site looking to find the hacker that did this to you, yes you can get those IPs. You can then go to that person’s ISP and see their traffic. So as you say, it is just branches and lines. The problem is, if the hacker bounced his commands through 1,000 hijacked computers, you have to follow a thousand lines back. That’s extremely time-consuming and difficult. You have to pull logs for all of those computers. That data might not be retained, or you might not have access to it. For example, if you’re an American company, and you’re following a line that ends up in Iran, what can you do? You can’t get more information to follow the line to the next computer.

Okay thanks.

I’m guessing sending commands to thousands and millions of computers doesn’t rely on a large server. In other words, Anonymous could have easily slowed down the NYSE website from one computer using maybe Charter’s internet connection.

Honestly it doesn’t seem worth it in the end. I guess since “Anonymous” are hacktivists that there really isn’t any personal benefit aside from proving a small point.

Businesses though could take a hit if they aren’t as large and set up correctly as Amazon is. They attempted to attack Amazon because they released Wikileaks from using their servers.

I bet they have commands though that they could use to retrieve personal information off some of those hijacked computers if they wanted to. This web isn’t safe and the majority of people couldn’t understand what safe is unless they knew the ins & outs.

Correct me if I’m wrong but can’t virus scanners only detect what is known to them and added into a database? Isn’t it most likely very easy to create a hijacking worm or virus that doesn’t get picked up by anything as long as it isn’t distributed to a large crowd? I’m sure an unpopular torrent would do the trick if this was the case.

DDoS attacks are usually coordinated by multiple attackers, although a single attacker could do it if they had a botnet under their control. Botnet=a group of poorly-secured computers that you’ve infected with a virus, who will all DDoS a site at the same time if you tell them to.

A botnet is usually composed of the computers of tech-unsavvy people, or often businesses with lax antivirus detection (or purely reactive tactics, where they’ll clean a virus when one is reported, but they don’t run active scanners). A good botnet virus won’t do anything to alert the end user that they have an infection; it’ll just use more system resources and bog their connection down slowly over time.

Ten years ago taking down the NYSE’s trading system would have completely screwed up trading in NYSE listed stocks. Now? Not so much. There are literally dozens of other venues through which trades can be matched. Brokerages would simply route their orders through other exchanges/electronic networks.

Most open sources of Wifi have detection devices that will shut off any suspicious behavior they see. I get that from time to time using the Chicago Public Library. It’ll kick me out and say I did something that could be considered illegal. What, I don’t know.

Wifi is also fairly slow, and there are ways of tracing you even with open hot spots. The thing is, it can be painfully slow to trace you, so why bother.

Just get Linux and it’s fairly easy to hack into your neighbor’s Wifi. But as Treis pointed out a hijacked computer would be better. You could hijack it and then hold off using it for a year. The further distance from the hijack time the more difficult it is to trace it.