MasterCard attacked by voluntary botnet after WikiLeaks decision

mastercard.com is currently under a distributed denial of service (DDoS) attack, making the site unavailable from some locations.

The attack is being orchestrated by Operation Payback and forms part of an ongoing campaign by Anonymous. They announced the attack's success a short while ago on their Twitter stream:

Operation Payback is announcing targets via its website, Twitter stream and Internet Relay Chat (IRC) channels. To muster the necessary volume of traffic to take sites offline, they are inviting people to take part in a 'voluntary' botnet by installing a tool called LOIC (Low Orbit Ion Cannon – a fictional weapon of mass destruction popularised by computer games such as Command & Conquer).

The LOIC tool connects to an IRC server and joins an invite-only 'hive' channel, where it can be updated with the current attack target. This allows Operation Payback to automatically reconfigure the entire botnet to switch to a different target at any time.

Yesterday, Operation Payback successfully brought down the PostFinance.ch website after the Swiss bank decided to close Julian Assange's bank account.

Later in the day, they also launched an attack against the Swedish prosecutor's website, www.aklagare.se. The attack was successful for several hours, but now appears to have stopped. The Director of Prosecution, Ms. Marianne Ny, stated yesterday that Swedish prosecutors are completely independent in their decision making, and that there had been no political pressure. The same group also successfully took down the official PayPal blog last week, after WikiLeaks' PayPal account was suspended.

As more companies distance themselves from WikiLeaks, we would not be surprised to see additional attacks taking place over the coming days. Concurrent attacks against the online payment services of MasterCard, Visa and PayPal would have a significant impact on online retailers, particularly in the run up to Christmas.

Although denial of service attacks are illegal in most countries, Operation Payback clearly has a sufficient supply of volunteers who are willing to take an active role in the attacks we have seen so far. They are a force to be reckoned with.

A real-time performance graph for www.mastercard.com can be viewed here.