Anonymous is on a destruction spree lately—after Megaupload was killed, their reaction was swift and powerful. They made it look easy—and that's because thanks to the HOIC (High Orbit Ion Cannon), it is. Here's the newest hacker superweapon.
Anonymous relies on the mob, corralled by a vanguard of elites. It may have a serious brain trust at the top, but Anonymous' power—like any other popular movement—lies in its ability to arm the unskilled. When Anon wants to knock down a website, it organizes a heap of followers around one target, armed with software (HOIC) that overloads a server with fake visitors—a simulated flood of malicious traffic that pushes a site to its breaking point. And once a website is down, this software keeps it down.
Last year it was all about the Low Orbit Ion Cannon—an easy to use tool preferred by 4chan and Anonymous miscreants who wanted to attack websites. The LOIC made hacking so easy, all you needed was fingers, eyeballs, and a basic understanding of some written language:
The idea behind LOIC is that it can allow you to participate in attacks even if you've no clue how to hack. Just download a copy of LOIC (available for Windows, Mac, and Linux!), punch in the target information like a URL or an IP address and zap.
It was the hacking equivalent of microwaving your dinner. Now, it's evolved and pumped way the hell up.
A child could use the HOIC—and that's what makes it so dangerous. Pretty much anyone with eyeballs and a bone to pick can find HOIC via Google, install it in a couple of minutes, and be ready to go. All you need to do is type in a target website and click fire.
The HOIC has some diabolical tricks up its sleeve. First, it cranks out more dummy traffic—meant to overwhelm and crash a server with more fake "visitors" than it can handle—with a magnitude that outstrips anything the LOIC was capable of: one Anon told me he's able to fire off as much as 2 MB per second using HOIC. Part of the supercharging comes from the use of "boosters"—custom scripts that spread malicious traffic across a range of target sub-pages, rather than just one. For example: instead of hitting EvilSite.com, a booster will knock EvilSite.com/about.html, EvilSite.com/news.html, etc, all forged to look like the traffic is coming from a variety of spots. Think shotgun versus pistol.
"Most good firewalls have been written to block loic attacks," another Anon tells me, owing to the fact that it's been a 4chan standby for years. HOIC, on the other hand, is a newer weapon, and sites are less likely to be prepared for it. The use of boosters also confuses online defenses, turning a focused, easy to trace beam into an overwhelming scattershot. But HOIC can't turn any Anon into a lone wolf—an operative who actively uses the newest cannon said at least 50 users are necessary to give their targeted site enough of a walloping to take it down and keep it down.