The leader of AntiLeaks (someone calling themselves DietPepsi) has been in contact with a few larger websites and news agencies. He (or she) is claiming that their detailed knowledge of the attacks and announcement of intended attacks should prove that they are the ones behind them and not the US Government or a government agency. DietPepsi also claims that the attacks have nothing to do with the Trapwire document release. Although the timeline would seem to back AntiLeaks up, the timing of the attack on the main WikiLeaks targets is still odd. The original DDoS attack began on August 3rd and the release of the first Trapwire documents started on the 7th. AntiLeaks also went after a couple of Ecuadorian government sites, taking them down with the same style of DDoS (although not the same scope). It was the attacks on the Ecuadorian sites that the group tipped the press off to, but for some reason they did not tip the press off to the attack on WikiLeaks or their mirrors.
All of this sounds interesting, but there is something that I always remember when looking over press releases and announcements: it is often less about what is said than what is not said. DietPepsi has made the statement: “We find the speculation that we are not behind these attacks and/or that we are CIA/NSA/FBI or even wikileaks themselves to be downright comical.” This declaration is probably true; they are not THE government or a government agency. However, they did not say they were not under contract to or working with the US Government.
We speculated that this is an attack using a slightly altered system similar to the ones used to attack Torrent swarms. A system of the scope and size needed to DDoS a Torrent swarm would be able to produce the 10Gb/s that we saw with the WikiLeaks attacks. There is also ample evidence that some of these systems are operating in the US, as CERT Poland noted significant traffic originating from inside the US which was directed at Torrent swarms not that long ago. The one known system, PiratePay, in Russia was funded by Microsoft’s Russian branch, so it is entirely feasible that there are versions of this in the US which have been funded by other corporations interested in maintaining their copyright. Some of the organizations that might dump money into this, like the MPAA and RIAA, also have very close ties to the US Government. As we stated a couple of days ago, it is not out of the question that one of these systems is being used in these attacks. They have the power and the technology to pull it off, which makes them a prime suspect.
WikiLeaks is currently back online and taunting AntiLeaks with statements like “Is that all you’ve got?” posted on their Twitter account. If you ask us, that might be a way to get AntiLeaks to show their hand, making it easier to identify them. Anonymous has also chimed in, indicating that they may get involved in the fray soon. When asked about the possible involvement of Anonymous, AntiLeaks said they are not concerned at all by this threat.
The situation is very interesting, and there is certainly more to this than a group of “young adults”, considering that none of the “young adults” we have spoken with actually call themselves this. There is also the matter of the verbiage of the statements. They come off as very polished and correct. They also use a few keywords that are often used to stir FUD by the US and corporations that whine about the state of the internet and how we have to protect US IP. The one that still bothers us is “Assange is the head of a new breed of terrorist”… Sorry, that one sounds far too similar to a bad TV series or movie to fly.