Security Experts:

Group Behind DDoS Against WikiLeaks Targets Russian News Agency

Anti Leaks, the group responsible for a recent DDoS attack against WikiLeaks, has turned their sights on RT.com, a state sponsored news agency in Russia. The DDoS attack was confirmed by the group early Friday morning.

Anti Leaks confirmed the DDoS attack over Twitter, and referenced "Pussy Riot", the group who is accused of hooliganism, by way of “religious hatred and animosity towards a social group of citizens.”

The women on trial, Nadezhda Tolokonnikova, Maria Alyokhina and Ekaterina Samutsevich, face a reported three years in prison each for their protest earlier this year in an Orthodox church. A verdict in their case is expected to be delivered later this afternoon.

However, there is other speculation as to the cause of the attack on Russia Today, which centers on Anti Leaks’ previous target. RT.com has ran a series of pro-WikiLeaks and pro-Julian Assange articles. Anti Leaks attacked WikiLeaks shortly before a new batch of Stratfor emails was to be published, and the group called Assange “a new breed of terrorist.”

WikiLeaks itself was able to recover from the attack thanks to help from CloudFlare, after a cry for help on Twitter. At peak, WikiLeaks said the attack reached levels of 10Gbps.

“...the DDoS is not simple bulk UDP or ICMP packet flooding, so most hardware filters won't work either. The range of IPs used is huge. Whoever is running it controls thousands of machines or is able to simulate them,” the organization said.

As for RT.com, the site was down for a brief period, but was functioning normally shortly before 06:00 EST, Friday morning.

Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.