Anonymous hacktivists say Wikileaks war to continue Published duration 9 December 2010

A member of the Anonymous group of hackers, which has been targeting firms it sees as being anti-Wikileaks has said the campaign is not over.

Speaking on the BBC's Today programme, Coldblood said that "more and more people are downloading the voluntary botnet tool".

This signs them up to a so-called botnet, an army of machines that can then launch attacks.

Overnight Visa became the latest victim.

Its website experienced problems while Mastercard payments were also disrupted.

Both were victims of distributed denial-of-service attacks (DDoS), which bombard websites with requests until they are unable to cope, and fall over.

The Operation Payback campaign is targeting firms that have withdrawn services from Wikileaks.

Wikileaks attracted the ire of the US government when it began publishing 250,000 leaked diplomatic cables. The government has written to Wikileaks, saying its actions are illegal but denies putting pressure on firms such as PayPal to withdraw services.

Coldblood, who is not an official spokesperson for Anonymous, told the BBC that "thousands" of people had joined up in what he described as a "war of data".

"We are trying to keep the internet open and free but, in recent years, governments have been trying to limit the freedom we have on the internet," he said.

Entries on the Twitter page of Operation Payback, the Anonymous campaign, said the Visa site had been taken down.

Visa's website was later restored and spokesman Ted Carr said its processing network, which handles cardholder transactions, was working normally.

But in a day of fast-moving developments, the Anonymous Twitter page then went down, replaced by a message from Twitter saying the account had been suspended.

Twitter say they do not comment on "the actions we take on specific user accounts". However, a source told the BBC that the last tweet sent out by Anonymous included a link to a file containing consumer credit card information.

Former US vice-president candidate Sarah Palin has been vocal in her criticism of Wikileaks and her website was also hit by DDoS attacks.

media caption Kristin Hrafnsson, from Wikileaks, condemned companies such as Mastercard for cutting ties with the website.

Paul Mutton at the security firm Netcraft, who is monitoring the attacks, said Visa is considered a more difficult target and the attack on it required a much larger number of "hacktivists" - politically motivated hackers - 2,000 compared with 400 for Mastercard.

Earlier the BBC was contacted by a payment firm linked to Mastercard that said its customers had "a complete loss of service".

In particular, it said that an authentication service for online payments known as Mastercard's SecureCode, had been disrupted.

Other readers have also said that they have had problems with online payments. The scale of the problems is still unclear.

Mastercard acknowledged there had been "a service disruption" involving its SecureCode system, but it added: "Our core processing capabilities have not been compromised and cardholder account data has not been placed at risk.

"While we have seen limited interruption in some web-based services, cardholders can continue to use their cards for secure transactions globally."

False account

Anonymous, which claimed to have carried out the attack, is a loose-knit group of hacktivists, with links to the notorious message board 4chan.

It said that it has hit several targets, including the website of the prosecutors who are acting in a legal case against Wikileaks founder Julian Assange.

An Anonymous member told AFP news agency the group would extend their campaign to anyone with "an anti-Wikileaks agenda".

PayPal, which has stopped processing donations to Wikileaks, has also been targeted.

The firm said Wikileaks' account had violated its terms of services.

"On 27 November the State Department, the US government, basically wrote a letter [to Wikileaks] saying that [its] activities were deemed illegal in the United States," PayPal's Osama Bedier told the Le Web conference in France.

"And as a result our policy group had to make the decision of suspending their account.

"It's honestly, just pretty straightforward from our perspective and there's not much more to it than that," he said.

Other firms that have distanced themselves from the site have also been hit in the recent spate of attacks including the Swiss bank, PostFinance, which closed the account of Wikileaks founder Julian Assange.

The bank said Mr Assange had provided false information when opening his account.

Swamp site

Security experts said the sites had been targeted by a so-called distributed denial-of-service attack (DDoS), which swamp a site with so many page requests that it becomes overwhelmed and drops offline.

Noa Bar Yosef, a senior analyst at Imperva said the attacks were "very focused".

media caption PayPal's Osama Bedier: "Our policy group had to make the decision of suspending the account"

"It is recruiting people from within their own network. They are actually asking supporters to download a piece of code, the DDoSing malware, and upon a wake-up call the computer engages in the denial of service," he said.

Before the Mastercard attack, Coldblood, told the BBC that "multiple things" were being done to target companies that had stopped working with Wikileaks or which were perceived to have attacked the site.

"Websites that are bowing down to government pressure have become targets," he said.

"As an organisation we have always taken a strong stance on censorship and freedom of expression on the internet and come out against those who seek to destroy it by any means."

"We feel that Wikileaks has become more than just about leaking of documents, it has become a war ground, the people vs. the government," he said.

Some of the early DDoS hits failed to take sites offline, although that was not the point of the attacks, according to Coldblood.

"The idea is not to wipe them off but to give the companies a wake-up call," he said. "Companies will notice the increase in traffic and an increase in traffic means increase in costs associated with running a website."

DDoS attacks are illegal in many countries, including the UK.

Coldblood admitted that such attacks "may hurt people trying to get to these sites" but said it was "the only effective way to tell these companies that us, the people, are displeased".

Anonymous is also helping to create hundreds of mirror sites for Wikileaks, after its US domain name provider withdrew its services.