Monday, August 1, 2011

PayPal sent FBI list that led to Anonymous raids

By Athima Chansanchai

In cooperation with the FBI, PayPal sent the agency a list of about 1,000 IP addresses that carried malicious code during Anonymous' attacks on it last year, which helped agents target specific people in recent raids that led to 16 arrests.

An affidavit filed by Special Agent Chris Thompson reveals that PayPal worked closely with the feds to nail down those responsible for the attacks on it, from the time the attacks started to about a week later, when PayPal found warnings about the FBI sweeps circulating amongst participants in the attacks.

As early as December, FBI agents had been in contact with Dave Weisman, PayPal's senior manager of its Electronic Crimes and Threat Intelligence Unit. They shared a conference call two days after PayPal was hit with a distributed denial of service (DDoS) attack in retaliation for suspending donations to WikiLeaks through its PayPal account. PayPal reported several attacks to the FBI that occurred between Dec. 6 and 10.

On Dec. 15, PayPal provided agents with a thumb drive that contained "logs and report detailing information regarding approximately 1,000 IP addresses that sent malicious network packets to PayPal during the DDoS attacks."

The 1,000 IP addresses were derived from logs created by a PayPal-owned Radware device that records the attackers' IP addresses and the malicious signature it's programmed to recognize. According to the affidavit, a senior security engineer at eBay identified the specific set of strings being used in the attacks and found only half a dozen variations, which allowed investigators to pinpoint the patterns of the infiltration.

The IP addresses captured by PayPal were linked to specific premises through subpoenas served upon AT&T and other Internet Service Providers. One of the 1,000 IP addresses given to the FBI by PayPal sent more than 3,600 "malicious network packets" to PayPal between Dec. 8 and 9. A federal grand jury subpoena was served on AT&T on Jan. 6; AT&T complied with a response on Jan. 18, which led to Valori S. Reid and Peter B. Reid, and their 19-year-old son Ethan, in Arlington, Texas.

The Reids weren't arrested, but their home was the site of one of 35 search warrants executed by the FBI in relation to the Anonymous investigation.

NBC reported: "Agents arrived at the house at about 6 a.m., and a neighbor said they stayed for three hours. They seized two laptops, two desktop computers, an external hard drive, several thumb drives, an iPod Touch and at least one cellphone."

The Department of Justice press release on the raids and arrests that took place in 11 states exposed the extent of the federal web that was dropped over the alleged hacktivists who were part of "Operation Avenge Assange." The release said, "The defendants are charged with various counts of conspiracy and intentional damage to a protected computer."
