Authorities in the US and Germany have raided Internet Service Providers in hopes of tracking down the hackers who launched distributed denial of service (DDoS) attacks against websites such as Visa.com, PayPal.com, and Mastercard.com earlier this month.
In documents posted to the Smoking Gun website, the US Federal Bureau of Investigation describes the complex path its investigation has taken as it has searched for the computers that served as a central meeting point for the attacks.
After Germany's Federal Criminal Police raided service provider Host Europe, they linked one of he IRC servers to Dallas's Tailor Made Services, the documents state. Two hard drives were seized from Dallas's Tailor Made Services on Dec. 16, the Smoking Gun reports. Another IRC server has been traced to Fremont, California's Hurricane Electric.
Neither Hurricane Electric nor Tailor Made Services could be reached immediately for comment on Thursday.
The early-December attacks were part of a grassroots campaign called "Operation Payback", which tried to put pressure on companies that had severed relations with WikiLeaks after it began publishing classified US Department of State cables. Operation Payback is the work of a group called Anonymous, which has launched similar attacks against the Church of Scientology and the Motion Picture Association of America in the past.
The attacks were strong, but minimally disruptive. They knocked websites offline, but they didn't touch any of the target's back-end transaction processing systems. They also garnered a lot of publicity for Anonymous.
Ringleaders urged volunteers to download software that flooded websites with useless internet traffic, ultimately causing may of them to come grinding to a stop. Other victims included the websites of WikiLeaks critic Sarah Palin and the Swedish Prosecutor's Office, which is pursuing sex charges against WikiLeaks founder Julian Assange.
The FBI investigation centres on the IRC servers, used to coordinate the attacks. The FBI initiated the investigation on Dec. 9 after PayPal provided them with the Internet Protocol addresses of eight IRC servers used in by the group.
On Dec. 9, Dutch police arrested a 16-year-old boy in connection with the attacks.