Hacktivist Speaks Out About DDoSClaims Attacks on U.S. Banks Not Backed by Iran
A self-described member of the hacktivist group Izz ad-Din al-Qassam Cyber Fighters says the group's recent attacks against 10 U.S. banks were not backed by the Iranian government, according to ABC News.
The hacktivist told ABC News that the group comprises computer-savvy volunteers who are only interested in protesting a YouTube movie trailer the group believes casts a negative light on Islam.
See Also: Online Retailers at Increased Risk
"No government or organization is supporting us, and we do not wait for any support as well," the self-proclaimed member of the hacktivist group said in an e-mail to ABC News. "Do you think that the massive protests in the world are done with support? [In] the same manner [that] millions of Muslims in the world protested, hackers are also part of this protest."
The hacktivist also told ABC that Izz ad-Din al-Qassam was not involved in the August hack of Aramco, a Saudi oil firm, which involved the deletion of data from tens of thousands of computers.
Attacks on U.S. Banks
So far, Izz ad-Din al-Qassam has taken credit for distributed-denial-of-service attacks that have targeted Bank of America, JPMorgan Chase, Wells Fargo, PNC, U.S. Bank, CapitalOne, HSBC, SunTrust, Regions and BB&T.
In an Oct. 23 Pastebin post, the group announced it would stop its attacks in honor of Eid al-Adha, a three-day Muslim holiday. It also said it expected to grant one interview with a U.S. news organization before more attacks would be waged. Since then, the hacktivists have been quiet, until reaching out to ABC News.
The group claims it is targeting U.S. banks solely to get publicity for its protests against the video. But some security experts have questioned that motive, noting that DDoS attacks are often used as tools of distraction to perpetrate financial fraud (see DDoS Attacks: First Signs of Fraud?).
In mid-September, federal authorities warned U.S. banking institutions of fraud linked to DDoS. In a joint alert issued by the Federal Bureau of Investigation and the Financial Services Information Sharing and Analysis Center, authorities said DDoS attacks targeting financial institutions had been linked to account takeover incidents (see High Risk: What Alert Means to Banks).
On Oct. 31, Homeland Security Secretary Janet Napolitano told The Washington Post that "financial institutions are actively under attack."
When asked whether hackers are stealing information or money from banks, Napolitano answered, "yes," and then quickly added, "I really don't want to go into that per se. All I want to say is that there are active matters going on with financial institutions" (see What Caused Citi's Outage?).
Napolitano said the DHS was working with the financial-services industry, as well as other critical-infrastructure industries, to address known vulnerabilities.