The FBI has swooped on a Texas-based computer network which it thinks was hijacked for the Anonymous group’s Operation: Payback DDoS attack on PayPal.
According to a search warrant spotted by The Smoking Gun, the Feds say that they will check each system on the network to work out which computer was responsible for the attack.
The move follows the attempt by Anonymous, or 4chan, to bring down various financial service companies that refused to do business with Wikileaks, most notably PayPal and the Swiss bank PostFinance.
PayPal contacted the FBI on December 6, following 4chan’s DDoS attack on PayPal’s blog, which was pushed offline for several hours. Several days later, PayPal came under full assault again.
The Untouchables think Anonymous used Twitter to recruit participants for the online offensive, directing them to an Internet Relay Chat server at irc.anonops.net. They then used a network stress testing application, dubbed the Low Orbit Ion Cannon (LOIC), to flood PayPal with HTTP requests and TCP packets.
Although it sounds like the coppers are looking for a needle in a haystack, PayPal insecurity experts have identified the eight IP addresses hosting the IRC site.
One of them belonged to the Canadian outfit FranTech Solutions. Another was traced to a server located in Herlisheim, France, owned by Host Europe, with root-level access coming from an administrator with a Dallas, Texas-based IP address at Tailor Made Servers, a colocation outfit.
It looks like commands for the DDoS attack came from the Dallas computers. The warrant seeks permission to snuffle any of Tailor Made’s machines to find Anonymous.