Menu
Wikileaks DDoS tool downloads grow rapidly

Wikileaks DDoS tool downloads grow rapidly

LOIC tool unusually popular in UK

A disproportionate number of people downloading the open source DIY tool being used to launch DDoS attacks on companies deemed hostile to Wikileaks appear to be based in the UK, new figures have suggested.

According to security company Impreva, the total download for the 'manual' version of the Low Orbit Ion Canon (LOIC) tool is still modest by Internet standards at around 33,000 and growing. Not surprisingly, a third or almost 10,000 of those are from users based in the US, but despite its much smaller population the UK comes in second place with 3,200 downloads.

Other European countries, including Germany, France, Russia, Spain and The Netherlands are all between 1,000 and 2,000 downloads each. 85 per cent of downloaders are Windows users.

What is perhaps more alarming is the rate of increase in downloads, which is accelerating. Of the nearly 50,000 people who have now downloaded the tool as of 10 December, roughly 60 per cent have happened in two days.

Meanwhile, the server version of LOIC had been downloaded at least 33,000 times as of around 5pm GMT on 9 December. A third Javascript version cannot be measured because it requires no download.

Anyone in the UK thinking of looking at LOIC should be warned that even downloading it could be illegal under the Computer Misuse Act if that download is discovered and evidence of intent is proved. Demonstrating intent would be incredibly hard but the warning still stands.

"The 'voluntary' botnet is illegal. These attackers are downloading code which is performing an attack. Although they did not write the code, and although they are hiding behind the mask of so-called ideology, they are engaging in activity to disrupt a service," cautioned Imperva's CTO, Amichai Shulman.

Realistically, LOIC is a still more of a marketing tool for the Anonymous cause more than a serious botnet tool that can scale. The group is likely using involuntary botnets to do most of its DDoS, that is launching attacks using hijacked PCs without their owners being aware that this is happening.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags CanonPersonal Tech

More about CanonImperva

Show Comments
[]