Hackers knock MasterCard, Visa offline for WikiLeaks cutoff (updated)

By Rob Pegoraro

I hope you weren't planning on looking for a new credit card or finding an ATM at MasterCard's site this morning. The credit-card firm's Web presence has been largely unreachable for the past few hours after a coordinated attack intended to punish it for refusing to process donations to WikiLeaks.

Reports such as TechCrunch's post indicate the "denial of service" operation was coordinated through 4chan, a free-form message-board site that's been used to arrange numerous other sorts of Web mischief and sabotage, as well as a separate effort called Operation Payback.

The latter site took responsibility for the MasterCard attack in a tweet earlier this morning.

(10:38 a.m. Netcraft, a British Internet-services firm, has posted a useful summary of the mechanics of this attack.)

MasterCard and other payment-processing firms, including PayPal and Visa, cut off WikiLeaks transactions earlier in the week, citing violations of their terms of service. (Earlier today, a PayPal executive told attendees at the LeWeb conference in Paris that the company did so after a request from following the lead of the State Department.)

People have since complained that these companies' actions amount to a form of government-directed censorship. Journalism professor and media critic Jeff Jarvis grumbled that he could use Visa and MasterCard to contribute to the Ku Klux Klan -- but not to WikiLeaks.

In other news, MasterCard's Wikipedia entry briefly led with a description that doesn't quite meet the crowdsourced encyclopedia's "neutral point of view" requirement:

MasterCard is an evil puppet of the US government, bowing to demand to cease handling WikiLeaks payments due to some vague reference to illegal activity. They are scumbags and should be called up on their actions!

Anybody want to bet on the odds of Visa and PayPal's sites staying intact through the rest of today?

4:57 p.m. We have our answer on that. Visa's site is down as well, yielding only an error message. Once again, Operation Payback took credit in a tweet--sent only two minutes after ordering up a denial-of-service attack via Twitter and Internet Relay Chat.

But Operation Payback's own site has gone offline, apparently after being suspended by its Web-hosting firm. Facebook has also evicted the group's page, it said in a tweet that linked to a screengrab of its removal notice.

Facebook spokesman Andrew Noyes confirmed the page's removal. The site's terms of service prohibit using it for "anything unlawful, misleading, malicious, or discriminatory."

(I've changed the headline to reflect this. I've also corrected a line about PayPal's involvement.)

6:56 p.m. Visa's site is back up. MasterCard's came up a while back--spokesman James Issokson wouldn't give an exact time, saying it came online in stages over a few hours--and the Purchase, N.Y.-based firm has issued a press release saying neither its "core processing capabilities" or cardholders' account data had been compromised.

Twitter, meanwhile, has suspended Operation Payback's "Anon_Operation" account (breaking the links to its tweets above). That operation has, of course, opened a new account, "AnonOperation," and resumed its postings. It called for a new "DDoS" attack on Visa 14 minutes ago, but the site seems to be holding up.

Sarah Palin is saying her site was attacked as well, my colleague Emi Kolawole reports.

For more context, see the story Joby Warrick and I wrote about the persistence of WikiLeaks online.