Anonymous attacks 'cost PayPal £3.5m'

Northampton university student was part of the DDoS campaign against PayPal for refusing to process Wikileaks payments

The Anonymous hacking group cost PayPal £3.5 million when it carried out an attack on its websites, it was alleged in court this week.

The court in London heard that student Christopher Weatherhead, 22, was studying at Northampton University when he purportedly took part in a distributed denial of service (DDoS) campaign against PayPal.

It was said that Weatherhead was part of the Anonymous hacking group, which targeted companies who opposed internet piracy, but who later attacked PayPal after it refused to process Wikileaks payments.

Weatherhead denies a charge of conspiracy. He has pleaded not guilty to conspiring to impair the operation of computers between 1 August 2010 and 22 January 2011. Three other men have already pleaded guilty to the charge.

As well as PayPal, MasterCard, Visa, the Ministry of Sound, the British Recorded Music Industry and the International Federation of the Phonographic Industry were also targeted by the Anonymous group.

Prosecutor Sandip Patel said PayPal was chosen after it refused in December 2010 to process payments for the Wau Holland Foundation, which was raising money to keep Wikileaks going.

Weatherhead is said to have used the online name Nerdo, when posting plans for the attacks on an internet relay chat (IRC) channel hosted in Russia.

Patel said PayPal was the victim of a series of attacks "which caused considerable damage to its reputation and loss of trade".

He said more than 100 workers from PayPal's parent company eBay spent three weeks working on issues related to the attacks. PayPal, it was heard, also had to pay for more software and hardware to defend against similar attacks in the future. Patel said the total cost to the firm was "estimated at £3.5 million".

The prosecution said the BPI, which was the subject of an attack in September 2010, had paid out £3,996 for improved online security, whilst the Ministry of Sound had spent an extra £9,000 on security after its four websites were attacked in October 2010.

Weatherhead's home had been raided on 27 January 2011, where computer equipment was seized. The trial is continuing.

Tags: Anonymous, security, visa, paypal, IT Business

Confirmed: hackers can use Heartbleed to steal private SSL keys

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]
Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Web Security and Control

Protect your users on the web

Latest Jobs
Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.