Hacktivist Speaks Out About DDoS

Claims Attacks on U.S. Banks Not Backed by Iran
Hacktivist Speaks Out About DDoS

A self-described member of the hacktivist group Izz ad-Din al-Qassam Cyber Fighters says the group's recent attacks against 10 U.S. banks were not backed by the Iranian government, according to ABC News.

The hacktivist told ABC News that the group comprises computer-savvy volunteers who are only interested in protesting a YouTube movie trailer the group believes casts a negative light on Islam.

See Also: Gartner Market Guide for DFIR Retainer Services

"No government or organization is supporting us, and we do not wait for any support as well," the self-proclaimed member of the hacktivist group said in an e-mail to ABC News. "Do you think that the massive protests in the world are done with support? [In] the same manner [that] millions of Muslims in the world protested, hackers are also part of this protest."

The hacktivist also told ABC that Izz ad-Din al-Qassam was not involved in the August hack of Aramco, a Saudi oil firm, which involved the deletion of data from tens of thousands of computers.

Attacks on U.S. Banks

So far, Izz ad-Din al-Qassam has taken credit for distributed-denial-of-service attacks that have targeted Bank of America, JPMorgan Chase, Wells Fargo, PNC, U.S. Bank, CapitalOne, HSBC, SunTrust, Regions and BB&T.

In an Oct. 23 Pastebin post, the group announced it would stop its attacks in honor of Eid al-Adha, a three-day Muslim holiday. It also said it expected to grant one interview with a U.S. news organization before more attacks would be waged. Since then, the hacktivists have been quiet, until reaching out to ABC News.

The group claims it is targeting U.S. banks solely to get publicity for its protests against the video. But some security experts have questioned that motive, noting that DDoS attacks are often used as tools of distraction to perpetrate financial fraud (see DDoS Attacks: First Signs of Fraud?).

In mid-September, federal authorities warned U.S. banking institutions of fraud linked to DDoS. In a joint alert issued by the Federal Bureau of Investigation and the Financial Services Information Sharing and Analysis Center, authorities said DDoS attacks targeting financial institutions had been linked to account takeover incidents (see High Risk: What Alert Means to Banks).

On Oct. 31, Homeland Security Secretary Janet Napolitano told The Washington Post that "financial institutions are actively under attack."

When asked whether hackers are stealing information or money from banks, Napolitano answered, "yes," and then quickly added, "I really don't want to go into that per se. All I want to say is that there are active matters going on with financial institutions" (see What Caused Citi's Outage?).

Napolitano said the DHS was working with the financial-services industry, as well as other critical-infrastructure industries, to address known vulnerabilities.


About the Author

Tracy Kitten

Tracy Kitten

Former Director of Global Events Content and Executive Editor, BankInfoSecurity & CUInfoSecurity

Kitten was director of global events content and an executive editor at ISMG. A veteran journalist with more than 20 years of experience, she covered the financial sector for over 10 years. Before joining Information Security Media Group in 2010, she covered the financial self-service industry as the senior editor of ATMmarketplace, part of Networld Media. Kitten has been a regular speaker at domestic and international conferences, and was the keynote at ATMIA's U.S. and Canadian conferences in 2009. She has been quoted by CNN.com, ABC News, Bankrate.com and MSN Money.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.