Friday, January 20, 2012

What is LOIC and how does it work

With the Feds shutting down popular locker storage site Megaupload, hacktivist group Anonymous quickly sprang into action to take revenge. They targeted the FBI and Department of Justice websites, along with those of Universal Music, Warner Music and other popular websites, with DDoS attacks. A DDoS (Distributed Denial of Service) attack works on the logic that if enough hits go to a popular website, it will shut down under its own weight. So when a DDoS attack is on, a particular website gets so many hits that it begins to crumble, becoming slow and unresponsive.

To do this, Anonymous uses a popular JavaScript-based program developed by 4chan-affiliated hackers called LOIC (Low Orbit Ion Cannon). Group members used this program and also directed other internet users who support their cause to download and use it. Once downloaded on a user's computer, the program keeps sending requests to a particular website, and when thousands of people do this all at once, that website can go down.

LOIC is available for Windows, Mac and Linux. The Windows version of LOIC has something known as Hivemind. Once it is downloaded, it lets you point your copy at an Internet Relay Chat server, and once that is done, you can allow someone else to point your attack at a particular URL, IP or website address. So one mastermind can collectively control thousands of computers, ensuring that all the attacks are directed at a single website.
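From the defending side, the pattern described above (many clients sending repeated requests to one address at the same time) is visible in a web server's access log. The following is an added example, not part of the original post: it buckets requests into short time windows and flags any URL hit at a high rate by many distinct sources. The log lines, thresholds and function names are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample in Common Log Format (documentation-range IPs, not real traffic).
SAMPLE_LOG = "\n".join(
    [f'198.51.100.{i} - - [20/Jan/2012:10:00:{i % 10:02d} +0000] "GET /index.html HTTP/1.1" 200 512'
     for i in range(1, 41) for _ in range(5)]
    + ['203.0.113.7 - - [20/Jan/2012:10:00:03 +0000] "GET /about.html HTTP/1.1" 200 900',
       '203.0.113.8 - - [20/Jan/2012:10:00:15 +0000] "GET /index.html HTTP/1.1" 200 512',
       'not a log line']
)

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) \S+')

def parse(line):
    """Return (ip, timestamp, path), or None for lines that do not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
    return m.group(1), ts, m.group(4)

def detect_floods(log_text, window_s=10, min_requests=100, min_sources=20):
    """Flag (window, path) buckets hit at a high rate by many distinct sources."""
    buckets = defaultdict(lambda: defaultdict(int))  # (window, path) -> ip -> count
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None:
            continue  # skip malformed lines instead of failing
        ip, ts, path = rec
        window = int(ts.timestamp()) // window_s * window_s
        buckets[(window, path)][ip] += 1
    alerts = []
    for (window, path), per_ip in sorted(buckets.items()):
        total = sum(per_ip.values())
        # Both conditions: high volume AND spread over many sources on one path.
        if total >= min_requests and len(per_ip) >= min_sources:
            alerts.append({"window_start": window, "path": path,
                           "requests": total, "sources": len(per_ip),
                           "top_sources": sorted(per_ip, key=per_ip.get, reverse=True)[:3]})
    return alerts

if __name__ == "__main__":
    for alert in detect_floods(SAMPLE_LOG):
        print(alert)
```

Requiring both a request count and a distinct-source count keeps a single busy client or a normally popular page with few visitors per window from raising the alert; the thresholds need tuning against a site's normal traffic.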

Another way Anonymous has been tricking users into targeting website servers is by distributing links via Twitter, Tumblr, Pastebin and other popular social sites. Once you click on the link, you are automatically part of the program to target websites. (Here's a link to the Twitter search; just don't click the PasteHTML link. Source)

Will you be prosecuted if you download and use LOIC?
It is unlikely, as investigators would conclude that all the computers that were used during the attack might have been part of a compromised botnet. CNET covered this aspect in more detail and you can read more here. Gizmodo says that there is little risk to the user because the attack knocks out servers and the log files do not actually log anything. Plus, there is no proof that your computer was not a part of a compromised botnet.