PayPal Cyber Attack Arrests

Did you get the message?  I did.  Just a few days ago I received the a purported PayPal message that my account was going to have limited access, as well as several other terms and conditions that to be honest sent me into a PayPal rage. Should I have any questions I should use the link below to log into my PayPal account.  Sound familiar?

It was very convincing, however it was a weekend and I thought, “I’ll deal with it later.”  Monday I find that many other people I know received similar messages which of course caused us all to start wondering, “How real is this reality check on our PayPal account?”  It didn’t take long to find out it wasn’t real at all.

Allegedly hackers broke into the PayPal server in a retaliatory attack for WikiLeaks accounts being suspended.   Founded by Julian Assange, Wiki Leaks is an anti-secrecy organization that collects  information and then releases it to the public.  Their founder was arrested in Great Britian last winter after releasing 250,000 State Department documents in which US diplomats were, quite frankly less than complimentary towards their counterparts throughout the world.

(read more about WikiLeaks founder’s arrest)

The FBI reports the arrest of 14 people allegedly involved in the cyber-attack on PayPal.  Other arrests were made overseas in Great Britain and Amsterdam. Reportedly the cybberattacks on PayPal’s website were by the group “Anonymous.”  Anonymous is a group of hackers sympathetic to WikiLeaks and it has claimed responsibility for attacks against corporate and government websites worldwide.  PayPal closed the account being used for donations to WikiLeaks citing violations of the PayPal terms of service.  Wikileaks response was “PayPal’s action tried to economically strangle WikiLeaks.”

According to the indictment and complaints filed in court in San Jose, California, the defendants
“conspired with others to intentionally damage protected computers at PayPal” and are charged with various counts of “conspiracy and intentional damage to a protected computer.”

The attack was a DDoS, which are essentially an attempt to render computers unavailable to users through a variety of means, including saturating the target computers or networks with external communications requests, thereby denying service to legitimate users. According to the indictment, Anonymous referred to the DDoS attacks on PayPal as “Operation Avenge Assange.”

The individuals named in the indictment range in age from early 20’s to mid 30’s.  One person being charged in the indictment has had their name withheld.

According to the NY Daily News, “Manhattan lawyer Stanley Cohen, who represents a 20-year-old University of Las Vegas co-ed charged with conspiracy, told The Daily News that the FBI suspects his client is involved with Anonymous for about one year. “They must have run out of real terrorists, to be arresting a bunch of young girls,” Cohen said.

In an unrelated case of hacking, court documents indicate that a contractor in New Mexico was involved in the AT&T hacking group LulzSec, who you may also recognize from its involvement with Sony and PlayStation Servers.

(read more about LulzSec and Sony hacking)

According to Business Week “On Wednesday LulzSec appeared to deny that any of its membership had been compromised, saying in a tweet that “there are six of us, and we’re all still here.” LulzSec has taken responsibility for attacks on Fox News, PBS, Sony and Nintendo, among others.

Protecting yourself from cyber attacks

Don’t use links in email messages.

Open new windows and type in addresses to access accounts.

Make sure you regularly update your anti-virus program and be aware of what is going on in technology news.

Try not to store passwords, credit card information or other pertinent personal and financial information online as it could be compromised.