Interpol arrests 25 in Anonymous raid

The international police agency has detained 25 people in Latin America and Europe over alleged Anonymous involvement, prompting a brief retaliation by the collective

Interpol has arrested 25 suspected Anonymous hackers in Latin America and Europe, apparently prompting a brief online fightback by the activist group.

Interpol logo

Interpol has arrested 25 people in connection with the online group Anonymous. Image credit: Interpol

The arrests were carried out in Spain, Colombia, Argentina and Chile, as part of a crackdown named Operation Unmask, the international police co-operation agency said on Tuesday. The crackdown was launched in mid-February, in response to attacks against government and commercial sites in Colombia, Chile and elsewhere, it added.

"This operation shows that crime in the virtual world does have real consequences for those involved, and that the internet cannot be seen as a safe haven for criminal activity, no matter where it originates or where it is targeted," Interpol's acting executive director of police services, Bernd Rossbach, said in a statement.

The agency noted that around 250 "items of IT equipment and mobile phones" were seized during the operation, which saw 40 premises searched in 15 cities. Payment cards and cash were also seized "as part of a continuing investigation into the funding of illegal activities carried out by the suspected hackers who are aged 17 to 40", Interpol added.

By late Tuesday evening, Anonymous was claiming it had exacted revenge on Interpol by bringing down the agency's website. Reports suggested that the Interpol site had indeed been successfully taken offline, but only for a short while.

"Tango down! Free international Anons!" read one message from a Twitter account regularly used as an Anonymous mouthpiece. Another tweet insisted that Anonymous is "not a criminal organisation".

Anonymous is supposedly not an organisation at all. It operates more as a collective with no apparent hierarchy and a constantly shifting membership, which makes it difficult if not impossible to stop. Its targets have ranged from companies and pressure groups to the highest-profile law enforcement and intelligence agencies.

Analysis of Anonymous attacks

Analysis released on Sunday by security firm Imperva noted how the collective also uses a variety of tools to accomplish its goals.

Anonymous attack infographic

Security firm Imperva has released this anatomy of an Anonymous attack. Image credit: Imperva

"Our research shows that Anonymous generally mimics the approach used by for-profit hackers, leveraging widely known methods — SQL injection and DDoS — to carry out their attack," Imperva chief technology officer Amichai Shulman said in a statement.

"We found that Anonymous, although it has developed some custom attack tools, generally uses inexpensive, off-the-shelf tools as opposed to developing complex attacks. Our research further shows that Anonymous will try to steal data first and, if that fails, attempt a DDoS [distributed denial-of-service] attack," added Shulman, whose firm detailed the path of a specific attack.

Imperva noted that, in the attack, a small group of "sophisticated hackers" first probed the target website and tried to steal data through SQL injections and other application attacks. After that failed, "laypeople" then joined in to aid a DDoS attack, using desktops and mobile phones to overwhelm the target's servers and bring down the site.

In the end, that attack failed too. Imperva did not name the target, but reports have identified it as the Vatican, which was the subject of the unsuccessful 'Operation Pharisee' Anonymous assault in August.

Interpol raid

Anonymous attacks on "the Colombian Ministry of Defence and presidential websites, as well as Chile's Endesa electricity company and its National Library" prompted Interpol's raid in February, the agency said.

It is not yet clear whether those arrested were members of Anonymous's sophisticated core, or just people sympathetic to Anonymous's cause and with access to the collective's Low Orbit Ion Cannon (LOIC) tools.

Many people have already been arrested — including in the UK — for taking part in Anonymous attacks, but there has been no discernible effect on the group's activities.

Get the latest technology news and analysis, blogs and reviews delivered directly to your inbox with ZDNet UK's newsletters.