Anonymous launches 'Operation Global Blackout', aims to DDoS the Root Internet servers

Anonymous launches 'Operation Global Blackout', aims to DDoS the Root Internet servers

Summary: The Anonymous hacktivist movement is planning to launch a distributed denial of service attack (DDoS) on the Internet's root DNS servers, using a Reflective DNS Amplification DDoS tool.

SHARE:
TOPICS: Browser, Security
68

According to a note left by members of the Anonymous hacktivist movement on Pastebin.com, the group is planning to launch a distributed denial of service attack (DDoS) on the Internet's root DNS servers, using a Reflective DNS Amplification DDoS tool specifically created for 'Operation Global Blackout'.

More details:

We have compiled a Reflective DNS Amplification DDoS tool to be used for this attack. It is based on AntiSec's DHN, contains a few bug fix, a different dns list/target support and is a bit stripped down for speed.

The principle is simple; a flaw that uses forged UDP packets is to be used to trigger a rush of DNS queries all redirected and reflected to those 13 IPs. The flaw is as follow; since the UDP protocol allows it,we can change the source IP of the sender to our target, thus spoofing the source of the DNS query.The DNS server will then respond to that query by sending the answer to the spoofed IP. Since the answer is always bigger than the query, the DNS answers will then flood the target ip. It is called an amplified because we can use small packets to generate large traffic. It is called reflective because we will not send the queries to the root name servers,instead, we will use a list of known vulnerable DNS servers which will attack the root servers for us.

Since the attack will be using static IP addresses, it will not rely on name server resolution, thus enabling us to keep the attack up even while the Internet is down. The very fact that nobody will be able to make new requests to use the Internet will slow down those who will try to stop the attack. It may only lasts one hour, maybe more, maybe even a few days. No matter what, it will be global. It will be known.

Based on a message update issued by Anonymous, the group has said that it still has the capability to target the Root Internet Servers.

Despite the fact that current Internet infrastructure allows the execution of DNS amplification attacks, the Anonymous hacktivist movement is surely lacking the capabilities to execute such an attack, despite the high number of recruited users that may be participating in the attack.

For the time being, the Low Orbit Ion Cannon (LOIC) ICMP flooder, and the RefRef web script remain the primary attack tools used by the Anonymous hacktivist collective.

Learn more about DNS Amplification attacks, what they are, how they work, and how can Internet Service Providers mitigate the threat posed by them.

Topics: Browser, Security

Dancho Danchev

About Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

68 comments
Log in or register to join the discussion
  • Anonymous suck

    Scourge of the earth, right there with Assad.
    People
    • were you breastfeed?

      just saying..
      goteamgo
  • RE: Anonymous launches 'Operation Global Blackout', aims to DDoS the Root Internet servers

    Any word on what's motivating them to do this?
    Aerowind
    • Media attention

      @Aerowind

      They're no different then your typical vandals that break mailboxs and car windows. They feel a sense of empowerment, even though nobody knows their names.

      They watch it on the news telling themselves "I'm so cool"
      William Farrel
      • RE: Anonymous launches 'Operation Global Blackout', aims to DDoS the Root Internet servers

        @William Farrel no different...........except the fact that mailboxes cost $20 and these guys are doing millions of dollars of damage. At some point I would imagaine they are going to piss off the wrong people and bad things are going to happen. They better quit while they are ahead.
        mepallow
    • RE: Anonymous launches 'Operation Global Blackout', aims to DDoS the Root Internet servers

      @Aerowind If you would have clicked on the pastebin link and read the actual note from Anonymous, you would've seen it's an anti-SOPA anti-Wall Street protest.
      xamountofwords
      • @Xamounto

        Who cares why? They are trying to shutdown ROOT servers! That has nothing to do with SOPA or Wall Street! These guys are crooks! I don't like a lot of things in this world but I am not going to go hack their website or throw a rock thru their windows. You don't see PETA Hacking the NRA or any other group for that matter. Who do these losers think they are? They don't speek for me! They are are a lot of other ways to protest!
        mrgeek33
    • yup

      squeeze cheese

      and because they CAN, and there isn't squat can be done about it
      goteamgo
      • @Gote

        Really, Well I think you are an Idiot so should I come over and spay paint your house because I can and there is nothing you can do about it? God that was a dumb reason!
        mrgeek33
  • Why would they do that?

    They will just make lots of people angry at them, and it would not help their cause.
    bmeacham98@...
    • RE: Anonymous launches 'Operation Global Blackout', aims to DDoS the Root Internet servers

      @bmeacham98@... What cause? It's all just ego.
      timspublic1@...
      • RE: Anonymous launches 'Operation Global Blackout', aims to DDoS the Root Internet servers

        @timspublic1@... Pretty much.

        Sometimes they give people, er, corporations what they full well deserve (Sony and the MAFIAA group, as well as some members of this group demolishing that Tor CP repository which was probably the most good they've done though not intending to do 'good'); but otherwise it's just garbage "Ops" that they run around doing just because.

        I doubt that this will succeed, though; mainly because of caching and other stuff that local (and company) DNS servers do while the attack, if it is indeed enough to knock the core around- though you can't cache it all.

        I think they'd do a better job demolishing, say, Iran's infrastructure than our own, though; if you're going to destroy something, why not destroy something that's worth destroying?
        R220
      • ???

        what waffles got to do with it? ;-)
        goteamgo
    • RE: Anonymous launches 'Operation Global Blackout', aims to DDoS the Root Internet servers

      @bmeacham98@... Agreed. They need to stick to attacking people who are doing real harm, like the MPAA and the Church of Scientology. Going after stuff like root Internet servers is just vandalism, pure and simple.
      masonwheeler
      • What?

        I just get this crap? Who the hell maid them God to hack anyone? I sure didn't, any when they do hack the FCC and other US Govt sites it cost me money! I don't make much as it is, So paying Millions to keep them out and fixing the site is really not something I am into. I like my money so stop!

        I hate Wall Street as much as anyone but I don't think hacking is going to help one damn thing!
        mrgeek33
    • psst

      there is NO cause.. you just think there is, because if there wasn't you might go insanse try to understand it ... OMG you still might go insanse! LOL
      goteamgo
  • RE: Anonymous launches 'Operation Global Blackout', aims to DDoS the Root Internet servers

    Other than announcing their attacks, has Anonymous ever published a manifesto or agenda for the existence?
    mjbernier
    • RE: Anonymous launches 'Operation Global Blackout', aims to DDoS the Root Internet servers

      @mjbernier yes, and it works beautifully. it's not a model of any sort of utopia or government or political movement, although many (mostly foreign and some American) anons are waging a pretty wild cyber war in the middle east, at the moment.

      if you look, you can find a video on youtube "what is anonymous" or something like that.

      most people that work under the flag of anonymous are good people with good intentions. some are not. there are evil people everywhere.

      then we hear the BITCHING. you all admit that you don't know what they do, yet you have an opinion. stop it! no one is out to get you. no one wants your stuff. so, go ahead and relax; someone is watching out for you, and have been for years. sleep well. we got it.
      annamouse
      • ;-)

        YAY! somebody gets it!
        goteamgo
    • yup

      and it clearly states: we have no manifesto or agenda

      seriously?
      goteamgo