PayPal suffers DoS for spurning Wikileaks

PayPal suffers DoS for spurning Wikileaks

Summary: PayPal was attacked last night in a denial-of-service attack which took its blog offline for about eight hours, according to security researchers.

SHARE:

update PayPal was attacked last night in a denial-of-service attack which took its blog offline for about eight hours, according to security researchers.

Julian Assange

Wikileaks co-founder, Julian Assange(Julian Assange image, by New Media Days, CC BY-SA 2.0)

The attacks came in response to a move by the payment giant to stop providing services to whistleblower website Wikileaks for donations.

PayPal said Wikileaks had breached its user policies which prevent its services being used to support criminal activity. Wikileaks is in the process of leaking more than 250,000 US diplomatic cables it leaked last week, which has brought censure from many nations, as well as investigations into the legality of the leaks.

"ThePayPalBlog.com is now back up after 75 service interruptions and 8 hours 15 minutes of total downtime. This report doesn't take into account the many hours that ThePayPalBlog.com resolved to a 403 error," PandaBlogs researcher Sean-Paul Correll said in a blog post.

The attack on the blog site was only launched by a few users, Correll said.

PayPal has confirmed that the blog, which sits on a different server to the main site, was down for a few hours and said that the matter was under investigation. It believed that the service interruption was due to internal infrastructure issues.

Correll said on his blog that he believed that those involved in a DoS campaign against the music industry called "Operation: Payback", were involved in the attack.

"On the other side of the attack spectrum, the anonymous attackers involved in Operation: Payback have vowed to take a temporary break from their mega-assault on the entertainment industry in order to spend some time helping Wikileaks."

Although few users were said to be involved, the attack might be the forerunner of a larger DoS campaign in support of Wikileaks.

A poster has appeared on a file upload site which appears similar to those used to coordinate and promote official Anonymous DoS campaigns. Forum posts have also given suggestions on how to handle a campaign.

Wikileaks has had a hard week. Users struggled to access the site after its domain name system services were cut off by US provider EveryDNS.net, after which the Pirate Party and other supporters opened mirror web sites across Europe.

The website was earlier dumped from Amazon's cloud hosting service after two large DoS attacks against the site.

Founder Julian Assange is under fire for his role in leaking the cables. The Australian citizen has also reportedly said that he received death threats.

Wikileaks said it would release a 'bomb' of sensitive information if the site is taken offline. The cables have reportedly been encrypted and sent to thousands of users around the world. It has also said it intends to release confidential documents reportedly revealing criminal activity at a major US bank.

Updated at 10:55am, 7 December 2010: added comment from PayPal.

Topics: Security, Operating Systems

Darren Pauli

About Darren Pauli

Darren Pauli has been writing about technology for almost five years, he covers a gamut of news with a special focus on security, keeping readers informed about the world of cyber criminals and the safety measures needed to thwart them.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

4 comments
Log in or register to join the discussion
  • Am not surprised!
    Paypal/Ebay are about as corrupt as they can get away with.
    They threatened to suspend my account when I complained on their blog about the raw deal one gets from their so-called "Buyer Protection" in regard to fraudulent sellers.

    They'e actively hidden facts about the huge number of sellers of fake/counterfeit goods they allow to continue ripping off unsuspecting buyers even after a multitude of cheated customer's complaints.
    To get some idea of the extent of just a fraction of this in regard to flash sticks, memory cards & MP players, Google for sosfakeflash, it's a site dedicated to assisting the victims.
    Needless to say we no longer use Paypal!
    grump3
  • Some sites are reporting Paypal got hacked. Wouldn't it be nice if they added cash to paypal user
    fddicent
  • Some sites are reporting Paypal got hacked. Wouldn't it be nice if they added cash to paypal user s accounts. I agree w/ grump. I have used eBay/Paypal for many years. Not too long ago though, a friend made up some t-shirts w/ a politcal ad on them. He even went so far as to trademark his saying on the shirts. He asked me to setup the website for it and to set it up for ebay & paypal. A few months into the ebay sales, I posted a question in the forums. Little did I know at the time that ebay employees are constantly monitoring the forums. I didn't say anything negative at all, just a simple question. Well it didn't stop there. I guess some people took offense to the shirt, and the shirt could have been taken a good and a bad way. That was the beauty of the shirt. anyhow before I knew it a ebay employee was posting my personal information in the forums. Everything from phone numbers to all my sales information. The next day I was suspended. A day or 2 later I did a search on ebay of the terms that matched my listings. Of course, there it was. The same user that gave me the hard time (and the one i suspect worked for ebay who posted my info) was selling shirts, coasters and basically anything you could put the picture that I photoshopped on. After a few emails to eBay asking them to remove the listings, for one the image/quote was trademark (it was a unique saying) and two; the person was using the image that I created. There was absolutely no denying it. Long story short, ebay did nothing basically told me to go "F" myself. The user did not do much sales from what I could tell, and neither did I. It was a lost cause to try and sue, but if I would've had the money, it would have been great to sue the crap out of eBay.l

    Ebay & Paypal don't care about the little guy. They will steal your ideas and ban you from using their services. Look at how many people sale Microsoft Server Operating Systems which cost many thousands of dollars, but try to list one and see if it lasts more than a few hours. I had a perfectly licensed copy w/ 25 CALs that was sealed, brand new. Even had the picture posted with me holding it. Once again ebay wouldn't allow me to sale it saying it was an illegal copy, which I proved wrong by showing the UPC. Funny though that a guy from Silicon Valley contacted me and purchase the OS from me at a very reduced rate b/c I had no other outlet to sale it and I didn't need it. A week later the same guy was selling my Server OS on eBay and had no problems.

    Just a couple of horror stories about eBay but there are thousands. Ebay/Paypal are parasites. Please give them a !PAN to the side of the face for the little guys like me.
    fddicent
  • Another Site dedicated to Paypal'smisconduct:

    http://www.paypalsucks.com/
    grump3