WikiLeaks suffers massive DDoS

By Dan Kaplan on Aug 13, 2012 7:08 AM
Filed under Security

Ongoing attack by new nemesis.

The website for whistleblower organisation WikiLeaks has been hit by a week-long and massive distributed denial-of-service attack.

The attacks arrive as the whistleblower site continues publishing new information related to global intelligence firm Stratfor, a company infiltrated by hacker collective Anonymous infiltrated late last year.

Roughly five million emails were stolen from Stratfor in the attack. It later handed over the emails to WikiLeaks for publication, which began releasing batches in February.

"The emails show Stratfor's web of informers, pay-off structure, payment-laundering techniques and psychological methods," WikiLeaks wrote at the time.

On Wednesday, WikiLeak's official Twitter account speculated the timing of the DDoS attack may be related to the Olympics; the ongoing releases of Stratfor and Syria documents, which also were handed over to WikiLeaks for publishing by Anonymous; or unspecified future releases.

A group calling itself AntiLeaks has taken credit for the DDoS campaign.

In a series of tweets on Friday, WikiLeaks said the group was going after its "donation infrastructure." The organisation said the assaults measured more than 10 gigabits per second, and are being delivered in a way that is impossible to deflect.

"The bandwidth [being] used is so huge it is impossible to filter without specialised hardware," the tweets said. "The DDoS is not simple bulk UDP or ICMP packet flooding, so most hardware filters won't work either. The [range] of IPs used is huge. Whoever is running it controls thousands of machines or is able to simulate them."

WikiLeaks has created a number of "mirror" sites in response, but most of those have been knocked offline as well.

WikiLeaks said it tried to move its servers to CloudFlare, a start-up that specialises in DDoS protection and website acceleration. However, WikiLeaks said it was turned away.

CloudFlare is no stranger to protecting targeted websites. The company had LulzSec as a customer during a three-week period last year when the close-knit hacktivist group was embarking on its rampage of breaches against companies like Sony and PBS. LulzSec, however, never violated CloudFlare's terms of service.

When asked Friday about WikiLeaks seeking CloudFlare's assistance, Matthew Prince, the company's co-founder and CEO, said the organisation wasn't denied service.

"We restrict all high-traffic sites from the automatic sign-up process," he said. "The purpose for this is to make sure a big site signing up has a great experience and that we're prepared so they don't overwhelm our network. You'd see the exact same error for the same reason if you tried to sign up The list of high-traffic sites is pulled automatically -- it wasn't purposefully directed at WikiLeaks."

Its not the first time WikiLeaks has run into trouble with U.S.-based companies.

In late 2010 it began publishing secret diplomatic cables which resulted in a number of major brands including Amazon, PayPal and MasterCard cutting off server hosting or payment processing ties with WikiLeaks in response to U.S. political pressure.

WikiLeaks' embattled leader, Julian Assange, remains at the Ecuador's London embassy. He is seeking asylum to the South American nation to avoid extradition to Sweden to face alleged sexual offenses. But he has not been charged with any crimes.

The AntiLeaks group said its claimed attacks are specifically against Assange and his attempt to seek asylum.

This article originally appeared at

Follow us on Facebook and Twitter

Copyright © SC Magazine, US edition


WikiLeaks suffers massive DDoS
Top Stories
AFL star joins Melbourne's Broadband Solutions
Shaun Grigg starts second job at peak of footy career.
Amazon Web Services killing it: revenue up 64%
Cloud vendor also triples operating income.
WestConnex signs national reseller Viatek
Five-year deal with Sydney Motorway Corporation.
Sign up to receive CRN email bulletins
What's the most important factor when partnering with a new vendor?

Latest Comments
CRN Magazine

Issue: 347 | March 2016

CRN Magazine looks in-depth at the emerging issues and developments for the channel, and provides insight, analysis and strategic information to help resellers better run their businesses.