BankThink

PayPal Data Led to Hacking Arrests

Hacking suspects may blame their arrests on having picked the wrong target.

PayPal Inc., which was targeted by the hacking group Anonymous, provided the Federal Bureau of Investigation with a list of computer IP addresses that is being used to determine which people to raid and arrest, Ars Technica reported Wednesday. PayPal had a system set up to log this information during when it was attacked.

The list was provided in December, after PayPal was hit by a distributed denial of service attack, which is a way for hackers to disrupt a company's online operations by overwhelming its website with more traffic than it was designed to handle. The following month, PayPal gave the FBI a list of 1,000 IP addresses it logged. Those addresses were the ones that sent the most traffic during the attack.

The traffic itself contained data that indicated the motives of the people behind it. Some of the data included text strings such as the word "wikileaks." PayPal, a unit of eBay Inc., became a target after it stopped allowing payments to WikiLeaks.

This information was revealed in an affidavit offered to support a search warrant on one home in Arlington, Texas. The home's residents were not charged.

The New York Times earlier reported that some of the suspects said they did not expect to be arrested for their participation in the attacks on PayPal and others. Perhaps to avoid further fallout, Anonymous said Wednesday that it plans to take a more legal approach to its attacks on PayPal. Instead of attempting to disrupt PayPal's website, Anonymous has vowed to simply boycott it, the Times said.

But the arrests continue.

British police said Wednesday they arrested a 19-year-old that they say is a spokesman for Lulz Security, another major hacking group that has targeted private companies and government agencies, the Times reported. The suspect uses the online nickname "Topiary."

For reprint and licensing requests for this article, click here.
MORE FROM AMERICAN BANKER