Posts tagged: SOPA

Jan 25 2012

Attackers Using DNS Poisoning to Hijack Domains, Divert Traffic

DNS PoisoningSeveral “activist hackers” appear to be using DNS poisoning and other attacks against the Domain Name System to divert users away from legitimate sites.

Instead of just launching distributed denial-of-service attacks, cyber-attackers have started hijacking domain names and redirecting traffic from legitimate sites to malicious ones.

The hacker group Anonymous recently managed to hijack the Domain Name System record for CBS.com and redirected all traffic to another Web server that displayed an empty directory structure. It appeared as if the contents of CBS.com had been wiped, but it was actually a different server altogether. CBS.com managed to regain control of its domain after the DNS poisoning attack.

A group of attackers called UGNazi, which may or may not have Anonymous sympathies, was behind a similar attack on the Website of the Ultimate Fighting Championship over the weekend. The UFC had supported the controversial Stop Online Piracy Act and Protect IP Act bills, which are now temporarily shelved in Congress. The same group hijacked two domains belonging to luxury handbag and leather goods retailer Coach and diverted the traffic.

“We arn’t done…not even close,” the attackers wrote on their Website. A short list of “targets” on the site explained the attacks were a result of the organizations’ support of SOPA.

Both Coach and UFC registered their domains through Network Solutions. It was evident the attackers had accessed Network Solutions’ domain management accounts. While it was unclear how they had done so, the cause is usually weak or compromised user passwords or a vulnerability in the registrar’s Website.

SOPA-related attacks continued this week and don’t appear to be abating. Anonymous attacked OnGuardOnline, a government-managed Website devoted to keeping users secure online. Some Anonymous members said the OnGuardOnline attack was in retaliation for SOPA and PIPA, as well as the proposed international agreement on combating online piracy, according to a message posted Jan. 23 on text-sharing site Pastebin,.

“If SOPA/PIPA/ACTA passes we will wage a relentless war against the corporate Internet, destroying dozens upon dozens of government and company Websites,” the message read.

Jan 19 2012

FBI Shuts Down Megaupload, Anonymous Shut Down FBI

Anonymous MaskHacktivist group Anonymous have compiled and published a dossier containing personal information about employees of the Motion Picture Association of America (MPAA) and US Democratic party leaders and their families.

The hacking group released a document listing the websites they planned to attack along with the names of US Democratic Party leaders and MPAA employees and their families.

The details included property values, work and home phone numbers and addresses as well as the names, ages and schools of the member’s children.

The group – who go by @YourAnonNews on Twitter – took credit for shutting down the Bureau’s official website FBI.gov earlier today, which as of 4.25pm AEST continues to display an error message.

They said the attack is in retaliation for the FBI shutting down popular file-sharing website Megaupload.com and charging the founders for online piracy.

Megaupload Limited and sister company Vestor Limited generated “more than $175 million in criminal proceeds” and caused “more than half a billion dollars in harm to copyright owners” through the piracy of “numerous types of copyrighted works,” the US Justice Department and FBI said in a joint statement.

The founder of the file-sharing websites 37-year-old Kim Schmitz, also known as Kim Dotcom and three others faced a New Zealand court today and said the group had “nothing to hide”.

But Anonymous hit back shutting down the websites of the US Department of Justice and Universal Music Group.

“The government takes down #Megaupload? 15 minutes later #Anonymous takes down government & record label sites,” they wrote on Twitter.

“We Anonymous are launching our largest attack ever on government and music industry sites. Lulz. The FBI didn’t think they would get away with this did they? They should have expected us,” they wrote on website Pastebin.

New Zealand’s police website police.govt.nz has also allegedly been targeted by the group after as Dotcom, Batato and two others were arrested in Auckland by New Zealand authorities carrying out warrants on behalf of the US for pirate material.

Jan 02 2012

Hackers Launching Own Satellite to Combat Internet Censorship

Hackers SatelliteThe threat of Internet censorship has spurred some to seek refuge in space. Hackers at the Chaos Computer Club’s Chaos Communication Congress in Berlin this year proposed an initiative called the Hackerspace Global Grid (HGG), which aims to create and freely make available satellite based communication as a fallback or to bypass stuffy legislation.

The bunch of “hobbyist hackers, tinkerers and part time scientists” are predominantly based in Stuttgart, Germany. They want to keep their freedoms safe from threats like the proposed Stop Online Piracy Act (SOPA), by creating an “uncensorable Internet in space”. The project builds off of an earlier idea by Nick Farr in August for a Hacker Space Program.

The BBC interviewed 26-year-old Armin Bauer from Stuttgart who is working on the communications infrastructure for the project with his team. Bauer is currently working with Constellation, which is a platform that uses Internet-connected computers for aeropsace related research. The team is developing an idea for a network of low-cost ground stations for when the project gets those low-orbit satellites up there. The stations would be there to pinpoint satellites and facilitate sending data back to earth.

Bauer said, “It’s kind of a reverse GPS. GPS uses satellites to calculate where we are, and this tells us where the satellites are. We would use GPS coordinates but also improve on them by using fixed sites in precisely-known locations.”
Three prototypes are in development, and the team hopes to have them in place in the early half of 2012. Prices for individual ground stations will be 100 euros ($129). The team is exploring other sources for time and position data such as Galileo, GLONASS and ground-based surveying, but they are starting with GPS because it is simple and reasonably priced.

As the project is in the early stages, the hackers stress that they will have to deal with problems as they occur. “We’re trying to concentrate on reasons why this will work, not why it won’t,” they say on the HGG page.

Dec 20 2011

DeSopa – DNS Evasion to Stop Oppressive Policy in America

DeSopa Firefox AddOnPowerful special interests are attempting to force legislation for tighter control of the Internet, because they believe such legislation will preserve their power. The bill they have sponsored, SOPA (Stop Online Piracy Act), not only has severe consequences for the Internet, it doesn’t even achieve their objectives.

The internet creates market efficiencies that forces industries to adapt, thus pushing forward progress for humanity as a whole. Public freedoms should not be curtailed and the Internet, built by the masses, should not be destroyed, so that a powerful few may have a false sense of security that their business models are sustainable without technological evolution.

This program is a proof of concept that SOPA will not help prevent piracy. The program, implemented as a Firefox extension, simply contacts offshore domain name resolution services to obtain the IP address for any desired website, and accesses those websites directly via IP. Similar offshore resolution services will eventually maintain their own cache of websites, without blacklisting, in order to meet the demand created by SOPA.

If SOPA is implemented, thousands of similar and more innovative programs and services will sprout up to provide access to the websites that people frequent. SOPA is a mistake. It does not even technically help solve the underlying problem, as this software illustrates. What it will do is give undue leverage to predatory organizations, cripple innocent third party websites, severely dampen digital innovation and negatively impact the integrity and security of the Internet.

Please bring this to the attention of congressmen responsible for voting on SOPA. SOPA will not technically achieve its stated objectives. Anyone voting in favor of it is morally responsible for destroying the freedoms, innovation, hard work and aspirations of many.

HOW TO USE
– Enable the Status/Add-on bar if it is not enabled (View->Toolbars->Add-on bar)
– Click on the light blue DeSopa button in the Status/Add-on bar, at the bottom of the browser window, to access websites by IP.
– Click the green DeSopa button to switch back to DNS resolution.

KNOWN LIMITATIONS
– Can only resolve tabs one at a time.
– First time resolution is a bit slow because three services are checked serially and compared. This may be done in parallel in the future, or a trusted single source may be used.

HOW IT WORKS
When turned on, DeSopa intercepts URLs, sends the base URL to three offshore DNS services via HTTP, makes a best effort to check that two of them are equivalent, caches the IP for the browser session, redirects to the equivalent URL using the IP, and substitutes out the domain name in the source code with the IP address for future requests.

Add to Firefox: DeSopa 1.2