Slyck Chatbox - And More

Operation Payback: That's All (for now), Folks

Discuss Slyck's latest news
Forum rules

Operation Payback: That's All (for now), Folks

Postby SlyckTom » Mon Nov 08, 2010 12:34 pm

Operation: Payback came roaring into the Internet landscape and left behind a slew of battered websites, a suspended P2P litigation campaign in the UK, an embarrassed law firm, and a humbled KISS frontman. In what may be a new method of Internet activism, or, as some would say, 'hacktivism', Operation: Payback has largely concluded its campaign after nearly two months of pillaging various anti-P2P websites. Let's take look at this bizarre chapter of Internet history.

It all began innocently enough on September 18, 2010. Members of Operation: Payback concluded recruiting enough people across the 4chan message boards, and launched their raid on the's website with a Distributed Denial of Service (DDoS) attack. A lot of media sources will tell you that 4chan attacked the MPAA, but this is not correct. 4chan was merely used as an organizational platform. You'll also hear this was organized by Anonymous. This too isn't totally correct. Supporters of Operation: Payback definitely include some members of Anonymous and of 4chan, but the reality is that participants came from numerous organizations and groups, and indeed loners, from across the Internet.

Critics of the operation have lambasted the effort, but there's little doubt that Operation: Payback had several episodes of success: ACS: Law's email database leak (an indirect score), the suspension of ISP cooperation with P2P litigators in the UK, the DoS attack against the Ministry of Sound, revenge again Gene Simmons of Kiss, and the DoS attack against Hustler.

Operation: Payback scored an indirect, and perhaps their most monumental victory, against UK law firm ACS: Law. On September 21, the website was attacked and knocked offline for only a modest amount of time. Supporters of Operation: Payback had patted themselves on the back and moved on, but then Andrew Crossley, solicitor of ACS: Law, declared these fateful words to The Register:

"typical rubbish from pirates", "Big whoop..."

"It was only down for a few hours. I have far more concern over the fact of my train turning up 10 minutes late or having to queue for a coffee than them wasting my time with this sort of rubbish."

This led to a follow-up DDoS attack that led to a protracted downtime. ACS:Law’s website was down until the 24th, but then their webhost attempted a comeback. Unfortunately, whoever was administering the website exposed the root directory and left a backup file readily available for download. Shockingly, the file contained an email database with hundreds of interoffice and personal emails – and in the process exposed the personal details over 8,000 individuals accused of file-sharing in the UK.

Other than the intrinsic victory of exposing the P2P litigation strategy in the UK, the DDoS had another cascading effect. Because of the volume and scale of the database breach – namely all the names, addresses and personal information of suspected file-sharers – a moratorium against P2P litigation in the UK was granted by the High Court. On October 4th, the court heard arguments from BT Broadband and the Ministry of Sound’s legal representative Gallant Macmillan. The ISP had argued that until the security of their customers' information was thoroughly reviewed, it was inappropriate to cooperate with the Ministry of Sound. The court agreed, and until at least January of 2011, ISPs will not be divulging customers' identities.

“We're pleased that the court has agreed to an adjournment so that our concerns can be examined by the court, this will then act as a precedent/test case for the future,” BT said in a statement.

Connected to this court ruling was Ministry of Sound (MoS), the largest independent music label in the UK. Two of their websites, one being their general homepage and the other a pay site for concert tickets, were hit by DDoS attacks on October 3rd. The intended target was actually Gallant Macmillan, however, an unexpected resistance to the attack forced a change of target to the MoS. This attack exposed the surprising litigation-oriented mindset of the MoS – and also knocked their websites offline for several days.

Another imposing strike came against KISS frontman Gene Simmons, who had recently expressed a very pro-litigation approach to file-sharing.

"Make sure your brand is protected...Make sure there are no incursions. Be litigious. Sue everybody. Take their homes, their cars. Don't let anybody cross that line."

This led to a splinter movement within Operation: Payback that launched a DDoS attack without the main group. Despite attacking with a smaller force, the group still managed to knock and offline for a brief period. Enraged, Gene made a rather aggressive post on his site once service was restored.

“Second, they might find their little butts in jail, right next to someone who's been there for years and is looking for a new girl friend.”

This led to a follow-up DDoS attack, except this time with the full force of Operation: Payback behind the strike. The result? Gene’s sites were knocked offline for several days, and he was also forced to retract his threatening statement of jail rape. Operation: Payback considered it revenge for what they considered his misguided perception of the realities of P2P litigation which often times sweeps up innocent victims.

Other successful attacks include – which Panda Security noted as impressive considering the speed (less than 3 minutes) the site was brought down. A site that’s designed to handle large amounts of video traffic was seemingly unable to thwart the initial attack, but it was brought back online within the hour. Another notable attack was the second strike against the RIAA in retaliation for the LimeWire shutdown – the RIAA website was taken offline in about 4 minutes 30 seconds.

After nearly 3 months of DDoS attacks, most members of Operation: Payback have largely retired from their activities. November 5th was supposed to be a day of epic DDoS attacks, but other than a half-hearted attack on that indeed took the site offline for a brief time, it was not the grand day many were expecting. But Operation: Payback accomplished much of what it sought – it raised awareness and engaged the public. There were a few serendipitous and unexpected outcomes, by far the greatest being ACS:Laws database breach and the suspension of ISP cooperation with P2P litigators in the UK. Although Operation: Payback has taken a break, it’s by no means defunct. Supporters of the movement, and their botnets, lay in the waiting and will no doubt reemerge when the time calls for it.


Follow us on Twitter @SlyckDotCom
Join our Facebook Fan page
Posts: 5713
Joined: Fri Jul 26, 2002 7:22 pm
Location: New York City

Re: Operation Payback: That's All (for now), Folks

Postby Anon1447 » Mon Nov 08, 2010 5:00 pm

This article couldn't be any more incorrect..

Due to server problems, re-linking etc., the project is simply hiking over a minor speedbump.

Posts: 1
Joined: Mon Nov 08, 2010 4:58 pm

Re: Operation Payback: That's All (for now), Folks

Postby bananonmusic » Thu Dec 09, 2010 2:53 pm

Wow, how did you manage to post this on the most active day of ddosing in operation payback's history? way to be afk, man.
Posts: 1
Joined: Thu Dec 09, 2010 2:49 pm

Re: Operation Payback: That's All (for now), Folks

Postby sunnyd » Thu Dec 09, 2010 2:59 pm

Errr... on November 8th the Slyck article was posted, at that time, they were suspending the attacks. How did you, bananonmusic, manage to do your post without checking the date of the original posting, were you perhaps afc, man, (away from calendar)? :wink:
Follow Slyck on Twitter @SlyckDotCom
Join Slyck's Facebook Fan Page
Posts: 30027
Joined: Mon Jan 21, 2008 2:34 pm

Return to Slyck News

Who is online

Users browsing this forum: No registered users and 3 guests

© 2001-2008