Accessibility links

Breaking News

Anonymous Attacks PayPal, But This Time It's Different

The hacker collective Anonymous is taking on PayPal again, this time not with distributed denial of service (DDoS) attacks, but with a Twitter-powered boycott:
Anonymous, together with LulzSec, issued a press release Wednesday urging PayPal users to close their accounts immediately and consider an alternative. They pointed to PayPal's willingness to "fold to legislation" as proof that it doesn't deserve its customers and the business they give to the payments providers.
The new boycott, named #OpPayPal, comes after recent FBI arrests of Anonymous activists who took part in Operation Payback in December, which launched DDoS attacks against PayPal for its withdrawal of support for WikiLeaks.
Press coverage, for example in "The Raw Story" and in "The New York Times," has been rather sympathetic to Anonymous activists, portraying them either as ill-informed participants who were unaware of the seriousness of their actions, or modern-day Gandhis taking part in cyber sit-ins.

Kevin Poulsen in "Wired" has more info on how the FBI tracked down the activists. The feds reportedly worked from a list, provided by PayPal, of the 1,000 IP addresses "responsible for the most protest traffic during Anonymous’ DDoS attacks."

If the Anonymous activists really didn't believe taking part in a DDoS attacks would have any legal consequences, then it would challenge Anonymous's claim that they do everything they can to ensure that attack participants stay untraceable.
In an interview with ethical hacker Sam Bowne last week on Tangled Web, he made exactly that point: "What’s really going on here is there’s a group of people who are my age, in their 40s and 50s, a small group at the core, that are recruiting young children and using them as disposable weapons -- tricking them into doing attacks and then letting them go down. It really is morally deplorable," he said.

Bowne also challenged the idea that DDoS attacks were analogous to real-world sit-ins:
You stand up in public with your real name and you let the police arrest you for doing something like blocking traffic and then this causes a public examination of why you did that and whether your cause is important.

Whatever Anonymous's motives it's interesting to see their change of tactics this time around. While I'm not particularly sympathetic to their cause here in attacking PayPal, a Twitter-powered boycott of a company is a much more legitimate example of digital activism to my mind than DDoS attacks, which amount to little more than cyber-vandalism, analogous not to a sit-in, but to smashing up the store.
These more legitimate tactics, according to Anonymous, seem to be paying off, with 20,000 people reportedly closing their PayPal accounts.