It all started the afternoon of December 20. And, like most interpersonal spats today, it began on social media.
Threatening gaming sites. Downing Twitter (momentarily). Booting WikiLeaks off the internet. Oh, it’s all fun and games for the apparently youthful group of skids in the OurMine hacking crew, all fun and games until Daddy gets home. Then Daddy got home. And Daddy wasn’t pleased.
To put it in plain English, a relatively new hacker crew called OurMine (@Our_Mine on Twitter) went rogue, eschewing their usual gaming site targets for a briefly successful attack on WikiLeaks.org, just as WikiLeaks was in the middle of a campaign to respond to the US passage of the cyber-spying bill, and testing its new beta site.
In a day and a half (an eternity on Twitter), another branch of Anonymous struck back.
OurMine, it turns out (and they freely admit), have been doxed before, multiple times. Their enemies TeamBudyBear make something of a theme of it on their Twitter account, complete with screenshots. In addition to DDoS attacks, several months ago OurMine had claimed to have defaced Anonyinfo.com, which naturally did not go over well.
We spoke with @AnonyInfo to get some background on the attacks, both on WikiLeaks and the retaliatory dox by AnonyInfo. The “deface,” it turned out, was nothing more than an opportunistic seizure of an expired domain AnonyInfo was no longer using. AnonyInfo had no prior knowledge of OurMine. “No, only when they claimed to hack/deface our website. It was July, 8th. We immediately responded and exposed their lies. Most likely it was for publicity, yet if they continue to do these type[s] of attacking they’ll have us to worry about.”
AnonyInfo first of all denied OurMine had the skills or the botnet to do this themselves. “They’re probably using someone, using a booter. There’s no way they’re using a botnet.” In other words, they don’t run an army of enslaved zombie computers, they’re just renting time on someone else’s to get this done. And given WikiLeaks’ history with DDoS attacks and protection (including being the victim of the largest DDoS in history, back in the day), it has to have been pretty powerful. “These skids have 0 skills. Most tangodown that are happening are a result of booters. Turkey/SA just got tango down’d by a booter. It was @AR_Talents.” Talents has publicly claimed to have taken Syria offline as well and is leading the charge of #OpDDoSISIS.
I know, I know, it started as a simple Twitter spat and we are way, WAY down the rabbit hole, kittens. Stick with me.
As for why OurMine would attack WikiLeaks in the first place, well, it’s always the same reason. “They did it most likely for publicity/fame. No other reason. They do things for no reason.” And Talents’ motivation? “Some are taking down the internet to disrupt ISIS communications. Some are doing it for different reasons. We believe if the time is right, it’s okay to take down the internet.” This is in stark contrast to Anonymous operations during the Arab Spring, where Anonymous and Telecomix worked together to ensure that the citizens of each country still had access to the outside world.
Talents took to Twitlonger to explain him/herself. “If the #target I’ve claimed was: Routing Connection via NameServers, Hosting content for my target or providing Protection for my target. My Targets are generally #ISIS or #PRO-ISIS Hosts, NameServers or Domains. I am not currently affiliated with any group or sec of Anonymous, just so those of you are aware.”
Meanwhile, farther up the rabbit hole…
In retaliation for the dox by AnonyInfo, OurMine replied, basically, a) incorrect and b) “Skids!” which in hacker terms is as sick a burn—particularly coming from skids—as can be. It hardly cramped their style for a moment. The AnonyInfo dox, in fact, is a remixed, edited, and supplemented version of one which another group had released in July. The essential info is the same.
For those of you who are thinking “Hmm, Christmas is coming and a new batch of teenaged DDoS artistes are threatening to take games offline…where have we heard this before?” you’re on to something. Taking gaming sites offline on Christmas is something of a tradition in the gaming/DDoS world, the equivalent of the Super Bowl, only literally every other team is also struggling to get that website offline, making the outcome that much more certain. Whoever gets the official credit, whether Lizard Squad or Phantom Squad or Taylor Swift’s Girl Squad, has won the PR war for that year and can look forward to a round of breathless interviews with the major media right up until they get v&.