[ISN] Bank Hackers Deny They˘re Agents of Iran

From: InfoSec News <alerts_at_private>
Date: Wed, 28 Nov 2012 02:46:32 -0600 (CST)
http://www.wired.com/dangerroom/2012/11/bank-hackers-deny-theyre-agents-of-iran/

By Noah Shachtman
Danger Room
Wired.com
11.27.12

A slew of American officials have blamed Iran for attacks on the servers 
of Bank of America, Well Fargo, HSBC, and other western banks. But the 
hackers taking credit for the sophisticated distributed 
denial-of-service strikes say that’s all wrong; they claim they hit the 
financial institutions because they were pissed off about “The Innocence 
of Muslims,” the infamous viral video making fun of the Prophet 
Muhammad. Tehran didn’t have a thing to do with it.

“We are not dependent on any government. We merely wanted to protest 
against the insulting movie,” people claiming to be part of the Izz 
ad-Din al-Qassam Cyber Fighters tell the Flashpoint Partners research 
group in an interview (.pdf).

There’s no telling if the denial is legitimate — or if the people being 
interviewed are behind the bank attacks at all. But the interviewees are 
dead on when they say that ”there are some ones who want to portray this 
action [the bank hacks] as political.” Shortly after the U.S. Defense 
Secretary talked about the bank jobs, unnamed American officials began 
whispering that they were the work of Iran.

The bank attacks this fall weren’t typical DDOS operations, which merely 
seek to overload servers with junk traffic. For one, they generated up 
to 100 gigabits per second of data — 10 to 20 times more than what it 
usually takes to knock a site offline. The attackers overwhelmed 
routers, servers, and server applications all at once; typical DDOSers 
target just one. They specifically targeted the banks’ Domain Name 
Server architecture, which translates website names (“cash.com”) into 
numerical internet-protocol addresses. And their traffic largely came 
from legitimate IP address, making it tough for the banks to filter. The 
websites for PNC Bank, Wells Fargo, Bank of America, and other 
institutions buckled in quick succession; customers had trouble 
transferring funds and paying bills online.

[...]


______________________________________________
Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
http://www.shopinfosecnews.org 
Received on Wed Nov 28 2012 - 00:46:32 PST

This archive was generated by hypermail 2.2.0 : Wed Nov 28 2012 - 00:57:07 PST