23 August 2015

SAIC Whistlebreakers

A sends:

About those bots:

https://cryptome.org/2015/08/kill-thieving-bots.pdf

I work at SAIC and a loose-lipped co-worker was bragging about his "whistlebreaker" project. That was not the real name; it was just what he called it. It sounded like it had three parts.

One was to flood leak websites with fake submissions with Tor, targeting websites that use SecureDrop and GlobaLeaks. It was not clear if he meant flood with false leaks or denial of service. I did not ask any questions; I just let him talk.

The second part was using bots to hog bandwidth from leak websites to drive their costs "sky high" and to deny that bandwidth to legitimate users.

The third part was triggering bans on proxies, VPNs and Tor exit nodes, making as many file requests as possible so that users will not be able to use them to safely access websites. It involved using or circumventing the .htaccess file; I am not sure which.

"The goal is to divert bandwidth, strangle traffic and get them to block their own users."

Good luck and keep it up.