Low Orbit Ion Cannon: Exposed


[one_fourth last=”no”]

In December alone, LOIC was downloaded over 30,000 times by people who bought into the idea of being part of an “Internet Protest.”[/one_fourth]

[three_fourth last=”yes”]

The United States Department of Justice, the Recording Industry Association of America, the Motion Picture Association of America, Amazon, PayPal, MasterCard, Visa. If you’ve heard of the attacks on any of these organizations, then you’ve heard about the results of the Low Orbit Ion Cannon (LOIC). LOIC is the weapon of choice of Anonymous and other “hacktivist” groups, enabling them to command a voluntary botnet.

What is the LOIC? How does it work? What good does it do? In this article, The Powerbase is going to examine the LOIC, and give our readers the information they need to interpret these current events.[/three_fourth]

What is the LOIC?

HIVEMIND completely changes what we think of as a botnet; for the first time, users can voluntarily give up the control of their machine to a centrally controlled server.

The LOIC started it’s life as an open source network testing tool by Praetox Technologies, designed to allow developers to stress test their servers and applications to see how well they will perform under heavy load. Praetox eventually released LOIC into the public domain, and it was picked up by Anonymous for use in Project Chanology in January 2008. Through various revisions and updates, LOIC has gotten some new features. The most widely used version, developed by NewEraCracker, introduced the biggest addition from the original version: HIVEMIND, the ability to be remotely controlled via an IRC server. The user simply inputs the IRC server, and the LOIC tool does all the rest.

HIVEMIND completely changes what we think of as a botnet; for the first time, users can voluntarily give up the control of their machine to a centrally controlled server. By using LOIC’s HIVEMIND mode, you allow your computer to be a pawn in a game you have no control over, while the individuals pulling the strings remain safely hidden behind the scenes.

As for how the LOIC works, it uses concepts as old as the Internet itself. There’s nothing special going on here, the tool simply floods the target will malformed requests designed to slow down the server. If enough of instances of the LOIC are run on enough different computers, it’s possible to bring the entire website down as the system struggles to answer all of the requests. It’s important to realize that no permanent damage is done during such an attack, and in fact the effect of this attack is very similar to what would happen if a site suddenly got linked to from a very popular website like Slashdot. Such an attack is known as a “Denial of Service” (DoS) attack, and when it’s effects are amplified by running it on hundreds or thousands of systems at once, it is referred to as a “Distributed Denial of Service” (DDoS).

The Anonymous Puppet-master

LOIC Instructions
Misinformation is the name of the game.

One of the biggest misconceptions about the LOIC software is that the individual users are somehow “untraceable”, which gives would-be users a false sense of security. If anyone is protected by this software, it’s the groups who are commanding the botnet. The attacks leave no sign of their commanders on the targeted servers, but plenty of evidence to incriminate those who run LOIC. Others claim that, since LOIC is not considered a Trojan or virus by popular antivirus applications, that the software must be safe. This shows a grotesque misunderstanding of the topic, and is rather worrying in it’s own right.

This misinformation is an integral part of the plan. If the users of LOIC realized how easily they could be tracked while using the software, they simply wouldn’t get involved. By leading these people on, they can get large numbers of users to commit their computers and Internet connections to the whims of Anonymous (or whoever decides to leverage LOIC). Preying on Internet users who may not have a strong grasp of these concepts, putting them directly in harm’s way just to further your own goals, is despicable. In December alone, LOIC was downloaded over 30,000 times by people who bought into the idea of being part of an “Internet Protest.”

About Tom Nardi

Tom is a Network Engineer with focus on GNU/Linux and open source software. He is a frequent submitter to "2600", and maintains a personal site of his projects and areas of research at: www.digifail.com .
  • Jonas Kulla

    Soo, how about you write your next article about how to distinguish between LOIC users and the million other malware-infested PCs, which are already part of a real botnet?

    Are you saying we should be able to arrest anyone without proper anti-virus?

    • Artimus

      Why would it matter? If your site/server is under DoS attack, you should be collecting data from the logs and sending it to the ISP’s abuse contact so they can start an investigation. A botnet is a botnet, the goal is to shut them down. Doesn’t matter who is pulling the strings.

      Are you saying we should only shut down botnets controlled by Anonymous?

      • Jonas Kulla

        No, what I’m saying is that their way of assuring wasn’t “LOIC isn’t traceable”, it was “if you ever get caught just pretend you didn’t know about anything, so they will just have to assume you’re another botnet victim, and will probably just tell you to install an anti-virus or something”.

  • Nick

    Well, although I don’t think the revolving seats behind anonymous have thought through the potential unwanted side effects of their actions. They are at least TRYING to stop the stupidity of censorship legislation.

    Exactly what are you doing? Are you only complaining about the methods of others whom are getting off their asses to stop censorship that you too would not like?

    Here’s the thing. When those who implement laws do things of detriment to the people they supposedly represent, fighting those laws puts you in direct conflict with them and thus there is risk. It cannot be any other way!

    Those who want censorship for whatever reason, are in positions that they can implement it via legislation. If we all do nothing because it is too risky, censorship will be implemented because there is nothing to stop it.

    So Tom please, as a network engineer who realises the benefits of free access to infinite amounts of information BEFORE you lose it completely, perhaps you could spend your time trying to work out a better way to stop censorship yourself rather then post scare pieces which can only do the opposite.

    This is a game, but a very serious game with very serious consequences should we not provide an opposing force to this madness.

    • Bates

      Is this a joke? What has Anon ever accomplished by DDoS’ing sites other than get their members arrested? And censorship? Really? They attack whoever they want for whatever random reason they have, it’s never been about censorship.

      Things like the Internet Blackout worked because it was a willing statement. This is just childish behavior that helps nobody.

      • http://twitter.com/L_u_x_ David Kennedy

        Between an entire internet blackout – and dramatic attacks and influence of anonymous SOPA as well as other copycat legislation failed. That’s all… and what does that mean? It means – if you understand the vague and near limitless control that these pieces of law offered the government – that you still have a free and open internet… not bad for a 3 second download (although the real payload comes from botnets) – DDoS attacks are just one part of the arsenal – online activism, protests and a tremendous social network system are equal parts.. but there is no dog without the bite.

      • http://twitter.com/L_u_x_ David Kennedy

        And yes. It IS about censorship… though they’ve attacked others in the past that was when anon was finding it’s calling. There is absolutely no doubt that it’s “about censorship” – and it implies you really don’t know the group if you say it doesn’t.

      • http://twitter.com/L_u_x_ David Kennedy

        and lastly…. there would have been no internet blackout without anonymous. It is their activism that brings major players to the forefront to show their support. You can doubt that.. if you’d like.. but it’s true. Occupy Wall Street – also anonymous. There’s an incredible strength to their anonymity and their numbers — and they are just beginning.. they’ve only recently found their place in the world. Stay tuned.

  • Pingback: Low Orbit Ion Cannon Exposed | Linux | Syngu()

  • Pingback: Links 6/3/2012: Rejecting a New Mac and Vista 8; Linux 3.3 RC6 is Out | Techrights()

  • Pingback: Anonymous Creates Profit Center With Duck Duck Go()

  • Pingback: How Wikileaks separates itself from Anonymous? « phr33dom()

  • Kryde Steensvig

    to its defense. you mention that people using it is farely safe. then go on to say that they are not. then again mention that in December alone it was downloaded more than 30.000 times.

    you haven’t seen many arrests have you ?

    Lulzsec and most of the people now in jail, was not script kiddies doing DDOS attacks with LOIC

  • http://twitter.com/L_u_x_ David Kennedy

    Oh and one more thing. There’s no attack that isn’t traceable – in the same way that there’s nothing that isn’t hackable. Although an attack that cleans up after itself… and deletes all the logs… is pretty close – but while the attack is happening there’s always a way to find the source.

  • http://twitter.com/L_u_x_ David Kennedy

    Actually….. I’m still not done. :) Put it this way….. I think it’s perfectly fine that you are warning people about the LOIC being traceable… but also have one question — would you feel alright with griping about Anonymous on your website? 😀 The answer to that question admits their strength. They can bring down the FBI website.. Mastercard, Visa.. invade entire databases and drop them to the public for all to see – crack your twitter, facebook, all your emails and eavesdrop in your private chat channels (which they did for a private conference between FBI, CIA and European intelligence groups) If they can’t hack it quickly – they’ll social engineer the info out of you like candy from a baby… I don’t doubt them… I’ve seen their work. So.. simply put – maybe it’s a risk for the individual – but anonymous has proven their strength.. and aimed at the right target I’m glad they take the risk. Many disagree.. but what some see as anarchist low-lifes.. I see as the good guys..

  • http://www.facebook.com/people/Britt-Fox/1564296669 Britt Fox

    Nothing from any of the three branches of the United States government gives me hope in regards to freedom of speech or personal rights, much less privacy…Anonymous does.

    This is the future of war. Waged with a keyboard and an Ideal. Even if it’s taken awhile to fully develop that ideal. It’s always been true that heroes come from the unlikeliest of places, and never intended or wanted to be one.
    It’s ‘We The People’ on a global scale. How can that be bad?

    • Freedom

      So you think that Anonumous protects people’s freedom of speech…by shutting down other people’s websites and REMOVING their ability to express themselves?
      Silencing the people you don’t agree with isn’t freedom of speech, it’s the exact oposite.