Major world events, hacktivism and #OpOlympicHacking
Everyone who tracks Internet attacks will confirm: activists who have adopted hacker methods — hacktivists — who receive approval from certain groups of people whose interests are infringed, can make a significant impact on the online business. By searching for the tags #OpISIS, #OpParis, #OpMonsanto, #OpWhales, #OpKillingBay, #OpKKK and #OpTrump you can easily get an idea of the breadth of interests of hacktivists. Any event widely reported by the press immediately attracts their attention. The just-concluded Olympiad was no exception - a large number of scandals riveted the views of millions of fans, intruders, terrorists and hacktivists to the main sporting event. And the recent terrorist attacks in Belgium, France and other countries, as well as memorable events at the 1972 Olympic Games in Munich and 1996 in Atlanta , caused a lot of concern about the peaceful conduct of the "yesterday's" Olympics.
The arrests of suspected terrorist attacks at the 2016 Olympics.
In addition to physical threats to people and organizations involved in various events, not just the Olympics, the threat of powerful cyber attacks is growing every year.
')
In recent years, hacktivists are increasingly arranging their actions, trying to draw public attention to certain issues. There are many groups of hacktivists, one of the largest and most famous is Anonymous . As examples of the operations carried out by them it is possible to give:
- #OpNice (Operation “Nice”), in which they “hunted” members of the terrorist group responsible for the attack on the French city and killed about a hundred people;
- #OpKKK (Operation “Ku Klux Klan”), in which the names of approximately 1,000 members of the Ku Klux Klan and affiliated organizations were made public;
- #OpIcarus (Operation “Icarus”), conducted to block banking sites;
- #OpWhales (Operation “Whales”), conducted against Icelandic and Japanese websites as a protest against the extermination of whales.
And a few months before the start of the Olympics in Rio, Anonymous announced the #OpOlympicHacking operation.
Motivation
The #OpOlympicHacking operation is based on social motivation, as is the case with the #OpWorldCup operation launched by Anonymous in the same Brazil during the 2014 FIFA World Cup. The various government organizations targeted the operation, thus hacktivists protested against holding the championship in Brazil.
As for #OpOlympicHacking, Anonymous published the following proclamation :
“Hello, Rio de Janeiro. We know that many of you understand the harm the Olympic Games are doing to this city. The media sells the illusion that the entire population welcomes visiting tourists from all over the world, many of whom are attracted to prostitution and drugs at bargain prices. This fake happiness hides the blood shed in the suburbs, mostly in slums, thanks to countless police and military raids on the pretext of a fictional war. Poverty engulfs the city, forcing entire families to leave their homes and familiar neighborhoods due to rising rental prices or demolitions conducted by corrupt officials in favor of construction companies. We have already announced our refusal to hold mega-events in the midst of blatant social inequality in this country. But despite the numerous words, calls and protests on the streets (always or under the control of the security forces, or roughly dispersed), the government continues to ignore the voices of its people. Therefore, we will continue our operations in order to reveal to the world numerous instances of arbitrariness on the part of officials and, consequently, enemies of their populations. ”
Also two videos were published in which they called to join #OpOlympicHacking:
Operation
Anonymous refers to itself as an “online meeting” with “a very free and decentralized management structure that is based on ideas, not directives.” The #OpOlympicHacking operation was coordinated by the Anonymous Brasil cell via Twitter, Facebook, Youtube and IRC channels. All these information channels were used to manage DDoS attacks against specific targets, as well as to inform about the results of previous attacks and campaigns.
Coordinating transactions in a Twitter-account Anonymous Brasil.
In addition to coordinating DDoS attacks, the mentioned sites are used to discuss and encourage participants to search for vulnerabilities on the victim resources.
IRC channel #OpOlympicHacking.
DDoS tool ("opolympddos")
Especially for the operation #OpOlympicHacking, a software tool was created for conducting DDoS attacks.
This tool is known as opolympddos. It is a set of executable files (representing VB .NET and Python scripts converted to Windows under Windows), as well as batch files. opolympddos allows everyone to take part in DDoS attacks, for which you need to install TOR and click on a pre-configured button tied to a specific target. After that, a DDoS attack is launched at the application level : a stable connection is established and HTTP requests are sent with random data and user agents.
Other DDoS Tools
There is evidence that other DDoS-tools distributed to #OpOlympicHacking were distributed to hacktivists. Archive containing a set of "hacker tools". This is not a set of new tools:
| File | Compile time | Description |
|---|---|---|
| Anonymous External Attack.exe | 03/22/12 11:54 | Tool for HTTP attacks. 26 antiviruses rate it as “HackerTool” |
| Bull-dosa.exe | 05/11/11 05:59 | DOS tool. 21 antiviruses rate it as “HackerTool” |
| Fireflood.exe | 01/21/12 10:03 PM | DOS tool. Probably a tool against virtualization. |
| LOIC.exe | 13/12/14 07:09 | DOS tool with tracking users through Google Analytics. |
| LOIC 2013.exe | 05/01/13 07:58 | |
| MacStartx User Attack [tiger] .exe | 10/26/13 6:14 AM | The tool is offered on the BR-forum: hxxp: //www.connect-trojan.net/2014/08/macstartx-user-attack-tiger-v461.html |
LOIC tool.
The httpdoser Python script distributed on the #OpOlympicHacking Facebook page.
Goals
Anonymous leaders distributed a list of potential targets with the help of posts in Pastebin. In general, the targets of the #OpOlympicHacking operation were organizations related to scandalous rumors regarding the organization and holding of the Olympics.
Attacks
Several websites have undergone DDoS and DoX attacks. According to Anonymous reports, sites were laid out that are related to national and local government and sports organizations.
In addition, Anonymous claims that they managed to steal important data belonging to a number of organizations and individuals related to the Olympic Games.
Conclusion
The power and frequency of attacks during the Olympics were lower than predicted by RSA experts. Most of the attacks were associated with DDoS activity, performed at a rather low technical level and had limited long-term consequences. At the end of the Olympics, the intensity dropped sharply, and we can expect another surge during the next major international event.
Source: https://habr.com/ru/post/308334/
All Articles