Anti-ISIS Hackers Tested DDoS Tool on BBC’s Websites

A hacking group going by the name of “New World Hacking” claimed responsibility for taking down BBC websites for multiple hours on New Year’s Eve through a distributed denial of service (DDoS) attack, but said they were only testing a new attack tool.

On December 31, 2015, BBC started experiencing issues with its websites at around 07:00 AM GMT, and it initially called the problems “technical issues,” but later revealed that they were the result of a DDoS attack carried against its services. According to the company, the attack caused an iPlayer database to malfunction, and the connected services became unavailable because of that.

After the incident was over, BBC said that it was indeed hit by a DDoS attack and that both its main website and associated services such as main iPlayer catch-up service and iPlayer Radio app were knocked offline. The issue was resolved rather quickly, with all services back online by 10:30, though some pages took longer to load than normal.

A couple of days later, the company found out that the New World Hacking group, which usually goes after members of the so-called Islamic State (also known as IS or ISIS), was behind the attack. The hackers contacted BBC technology correspondent Rory Cellan-Jones on the matter and revealed that the attack was, in fact, only a test.

Breaking – US-based group calling itself New World Hacking claims it carried out BBC DDoS. Usually targets IS but was “testing” its systems

— Rory Cellan-Jones (@ruskin147) January 2, 2016

Apparently, the group came up with a tool called Bangstresser, which it plans on using against ISIS targets. They also revealed that the tool is capable of launching 600 gigabit-per-second (Gbps) attacks, thus being able to take down some of the largest websites on the Internet. The group decided to use the tool against BBC to test its actual power.

Message to me from New World Hackers on BBC DDoS : “It was only a test, we didn’t exactly plan to take it down for multiple hours”

— Rory Cellan-Jones (@ruskin147) January 2, 2016

BBC also discovered that the hacker group was created in 2012 and reportedly includes 12 members, eight male and four female. They have been engaged into a campaign against the Ku Klux Klan recently, as well as in the #OpParis effort, which focused on finding and reporting the social media accounts of ISIS members following the November attacks in Paris.

Soon after BBC published their findings on the DDoS attack, the New World Hackers group took it to twitter to reiterate that the attack was only a test and that ISIS remains their main target. What’s uncertain, however, is whether the group will carry out similar “tests” in the future as well, or will focus on catching bad guys instead of taking down legitimate services.

REMEMBER.. Only a DDoS attack test.. ISIS will be our main target. #BinarySec https://t.co/tNizF8aTDl

— New World Hackers (@NewWorldHacking) January 2, 2016

A November report from Kaspersky Lab revealed that nearly half of DDoS attacks carried out in the third quarter of 2015 were powered by Linux-based botnets. The most notable of them used systems infected with the XOR DDoS Trojan and was capable of launching 150+ Gbps attacks.