Yes, they actually ddos www.mastercard.com and the website is still down, or very slow, right now
Their method is pretty basic and don't require high hacker skills :
- they ask people on twitter, facebook and other social networking, to join their irc server (irc.anonops.net channel #operationpayback)
- they ask these people to read for example, this web page
that explain how to install a software
named LOIC on their computer
- Once they have installed the software and launch it, the client computer joined the botnet. They named it "the Hive"
- After, the owner of the Hive, a member of the "Anonymous" group tell the botnet which website is the target.
So it is a new kind of "Voluntary" botnet.
Anyway, many things surprise me :
- their Irc channel is "open" for everyone, so everyone can join it and watch the show.
So the chan is probably or will be monitored by law enforcement.
The irc server mask the real ip of the client connexion, so they must feel secure on Irc.
But the client computer IP adress who attack the web servers is not masked, so they can be traced quite easily.
(not so easily on big websites that handle a lot of connexion, and so get many normal clients ip on their logs)
- Actually, from the irc channel : " .: There are currently 616 LOICs in the hivemind. :."
So with just "616 clients computers", they have succeded to take down postfinance.ch, mastercard.com & others web site.
I think it will be more difficult .. Maybe these website were not so much protected that we can imagine.
They already have tried to take down paypal.com but don't succeded. This website is more secured, with a lot of more bandwitch than the others.
They said they need around 1000 to 5000 clients computers to take down paypal.com. If the botnet continue to grow, they will maybe try again.
The PandaLabs Blog is monitoring the recent news on this matter :
edit on 8/12/10 by digit78 because: mispeeling