After the FBI raids against Anonymous members that were carried out a few weeks ago, some might wonder where exactly the police was getting the names and addresses of the hackers the FBI claimed to arrest. Now the answer seems to be close to us: it turned out that such information was included into the shopping list details provided to the FBI by PayPal.
According to the media reports, PayPal, the online financial entity, is no longer a friend of Anonymous, and is known for collecting a thousand of IP addresses of people noticed to carry out Anonymous' denial-of-service attacks against PayPal late last year.
Meanwhile, everyone who understands that a hacker must know at least some ways to mask their address before doing things like this will realize that the names on the provided list most likely appear the bottom feeding script kiddies. Considering that the FBI is trying to catch the high-profiles Anonymous leaders rather than average members, there are some doubts that the clever hackers won’t think about hiding their IP addresses first. Still, an FBI affidavit suggests that the authorities may have many more people to arrest.
According to one of the FBI agents, PayPal security department has been cooperating with the bureau since the beginning of December, a couple days after the online payment system froze WikiLeaks’ donation account, because it soon found out that the company website started receiving serious DDoS traffic.
The FBI agents started monitoring Anonymous press releases, and at the same time PayPal started collecting traffic logs on its intrusion prevention system that had been installed on its network. The online payment company provided the FBI a USB thumb drive with the traffic logs in question, which contained about one thousand of IP addresses sending malicious network packets to the service within the DDoS attacks. The FBI receives the IP addresses engaged in sending the largest number of packets coming from hackers. Those packets contained such strings as “Wikileaks” and “Goodnight”.
According to the media reports, the affidavit was offered in support of a search warrant for the house of a Texas couple and their son. Although the family hasn’t been charged yet, the house became the source of over 3,500 packets in about 2.5 hours.