Wikileaks DDoS tool downloads grow rapidly

LOIC tool unusually popular in UK

A disproportionate number of people downloading the open source DIY tool being used to launch DDoS attacks on companies deemed hostile to Wikileaks appear to be based in the UK, new figures have suggested.

According to security company Impreva, the total download for the 'manual' version of the Low Orbit Ion Canon (LOIC) tool is still modest by Internet standards at around 33,000 and growing. Not surprisingly, a third or almost 10,000 of those are from users based in the US, but despite its much smaller population the UK comes in second place with 3,200 downloads.

Other European countries, including Germany, France, Russia, Spain and The Netherlands are all between 1,000 and 2,000 downloads each. 85 per cent of downloaders are Windows users.

What is perhaps more alarming is the rate of increase in downloads, which is accelerating. Of the nearly 50,000 people who have now downloaded the tool as of 10 December, roughly 60 per cent have happened in two days.

Meanwhile, the server version of LOIC had been downloaded at least 33,000 times as of around 5pm GMT on 9 December. A third Javascript version cannot be measured because it requires no download.

Anyone in the UK thinking of looking at LOIC should be warned that even downloading it could be illegal under the Computer Misuse Act if that download is discovered and evidence of intent is proved. Demonstrating intent would be incredibly hard but the warning still stands.

"The 'voluntary' botnet is illegal. These attackers are downloading code which is performing an attack. Although they did not write the code, and although they are hiding behind the mask of so-called ideology, they are engaging in activity to disrupt a service," cautioned Imperva's CTO, Amichai Shulman.

Realistically, LOIC is a still more of a marketing tool for the Anonymous cause more than a serious botnet tool that can scale. The group is likely using involuntary botnets to do most of its DDoS, that is launching attacks using hijacked PCs without their owners being aware that this is happening.

Join the CSO newsletter!

Error: Please check your email address.

Tags Personal TechsecurityCanon

More about CanonImperva

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John E Dunn

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place