Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

FBI Warns of Hacktivist DDoS Attacks in “Operation New Son”

FBI Sends Warning to InfraGard Members of Possible Memorial Day Attacks

On Thursday, the FBI issued an alert to InfraGard members, warning them about an alleged plot to launch a series of DDoS attacks against high profile corporations. The campaign, titled OpNewSon (Operation NewSon), was initially proposed in April by a group of Anonymous supporters using the name TheWikiBoat.

FBI Sends Warning to InfraGard Members of Possible Memorial Day Attacks

On Thursday, the FBI issued an alert to InfraGard members, warning them about an alleged plot to launch a series of DDoS attacks against high profile corporations. The campaign, titled OpNewSon (Operation NewSon), was initially proposed in April by a group of Anonymous supporters using the name TheWikiBoat.

The FBI’s warning, which was sent from the Public/Private Alliance Unite (PPAU) appeared on Friday in a report published by ThreatPost. The PPAU is the FBI unit responsible for managing InfraGard. 

The letter lists 46 proposed targets including Apple, HP, Toyota, Wal-Mart, Wells Fargo, Bank of America, KPMG, Cargill, and IBM, just to name a few. The warning, as the letter explains, is sourced from public reports, but is relevant to the FBI’s ongoing investigations into hacktivist groups associated with Anonymous.

One of the public reports is a Pastebin post from April. In it, a group calling itself “TheWikiBoat” says that OpNewSon’s intended goals are cyber protest – such as DDoS – and the release of “precious classified data.”

“Those targets are none other then the ones who ultimately rule: the high revenue making companies of the world. While attacking the major companies of this planet may seem lulzy, we also wish that this operation make a difference. We are “sticking it to the man” so to speak. Our hopes are set out on this being a major operation because after all, we will be hitting major corporate/incorporate associations,” the notice explains.

While the list of proposed targets mentioned by the FBI consist of the usual suspects, such as banks and large corporate powers, others on the list are questionable, such as Kroger – a grocery store chain in the Midwest, McDonalds, BestBuy, and organizations in China and Japan.

While targeting technology giants, banks and related financial firms would be expected when “sticking it to the man,” it isn’t clear how a grocer, retail outlet, or fast food chain fit into the mix.

Two separate sources speaking on the condition that they remain anonymous (ironic no?) as they were not authorized to speak on record to the media, confirmed the letter as authentic. One of them, who happens to work within the IT department of an organization proposed as a target, said that the intent of the letter is clear; it’s just a basic heads up.

However, the Memorial Day holiday means that some IT departments will be running skeleton crews.

“If you’re already understaffed, holidays and summer vacations can add additional strain. The PPAU knows this, so the letter is a warning to remain vigilant and keep your eyes open,” the InfraGard member explained.

“In a situation like this, we’ll monitor the servers and tune the heads-up to look spikes in traffic that doesn’t follow the norm. Otherwise, we have to trust in our current defenses and our IR [Incident Response] plans.”

OpNewSon is slated to start later this afternoon. We’ll update this story if there is anything further to report.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Cybercrime

The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool...

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.