Under Attack?
Search
Menu
  • Blog
  • Hacks
  • ALERT: OpKillingBay Threats on the Rise

ALERT: OpKillingBay Threats on the Rise

By Daniel SmithOctober 23, 2015

OpKillingBay is a yearly hacktivism operation by Anonymous, activists and other organizations in response to the hunting of whales and dolphins in Japan and Denmark. This year’s denial-of-service (DoS) attacks began in early September with an uptick in attacks in October following a TweetStorm earlier in the month.

This year OpKillingBay featured a two front campaign:  one for Japan and the hunting of dolphins and the other for Denmark and the hunting of whales. Each campaign featured their own website and information regarding each operation.  The Denmark operations are distinguished from the Japanese operations with the hashtag #OpKillingBay #EU.

OpKillingBay01

“Whaling was outlawed in 1986 by the International Whaling Commission, but dolphin hunts remain legal, The Must be change #OpKillingBay”
Anonymous organizers prepare content for TweetStorms, videos, target lists and websites.  The OpKillingBay website for Japan this year featured pre-scripted tweets that included @mentions, hashtags and images for each tweet.  They also provided pre-scripted tweets for the TweetStorm in English, Japanese, Dutch, French, German, and Spanish.  In addition, they provided scripted tweets designed to call out sponsors of the upcoming Olympics in Japan.

OpKillingBay02

Operation Websites:

Each operation also provided their own target list for other hacktivists to attack.

OpKillingBay03

Savn.fo was targeted after it was discovered to be used to track whales

This year the attackers behind OpKillingBay targeted a wide variety of industries on both fronts of the operation.
Industries:

[one_half]

  • Transportation
  • Retail
  • Banks
  • Government

[/one_half]
[one_half_last]

  • Media
  • Tourism
  • Worker Union’s

[/one_half_last]

A single hacker that goes by the handle RektFaggot has attacked over 28 targets from Denmark to Japan since the beginning of September. Rekt has been one of the main hacktivist for OpKillingBay. The hacker has provided target lists, scan reports, data dumps and directly attacked victims. In addition to OpKillingBay, Rekt has also engaged in OpSeaWorld, OpWhales and OpFunKill.

OpKillingBay: 28+ Sites attacked by Rekt since the beginning of September

[one_half]

  • unyuroren.or.jp
  • Town.koya.wakayama.jp
  • town.kudoyama.wakayama.jp
  • town.taiji.wakayama.jp
  • town.taiji.lg.jp
  • cypress.ne.jp
  • whaling.jp
  • plala.or.jp
  • japanpost.jp
  • jnto.go.jp
  • narita-airport.jp
  • centrair.jp
  • the-japan-news.com
  • ascii.jp

[/one_half]
[one_half_last]

  • smyrilline.dk
  • savn.fo
  • lindin.fo
  • faroeislands.fo
  • chw.jp
  • city.iwade.lg.jp
  • drekin.fo
  • elektron.fo
  • borg.fo
  • shimoda-aquarium.com
  • aburatsubo.co.jp
  • marine-world.co.jp
  • ven.fo
  • sif.fo

[/one_half_last]

OpSeaWorld: 11+ Sites attacked by Rekt since the beginning of September

[one_half]

  • Sochiaquarium.ru
  • Marineland.fr
  • Georgiaaquarium.org
  • Zoo.pt
  • Tiergarten.nuernberg.de
  • Gulfarium.com

[/one_half]
[one_half_last]

  • Bodrumdolphinpark.com
  • Dolphin-academy.com
  • Dlfinarium.nl
  • Curacaodolphntheraphy.com
  • Mundomar.es

[/one_half_last]

OpWhales: 1 Site attacked by Rekt since the beginning of September

  • Iceland.is

OpFunKill: 2 Sites attacked by Rekt since the beginning of September

  • Denmark.dk
  • Gordonramsay.com

OpKillingBay04

In this series of attacks, we have seen SQL injections, data dumps and service outages cause by denial-of-service attacks from ongoing campaigns by Anonymous.  OpKillingBay has targeted a number of industries directly and indirectly related to the hunting of dolphins and whales. Attacks like these are hard to avoid.  At the core of the problem are ideological differences.  The victims of these attacks are conducting business within the letter of the law.  The actions of the groups behind OpKillingBay are driven from an emotional and social justice perspective. These two sides may never see eye to eye and this could result in a persistent state of attacks.

These attacks aim to cause service outages due to vulnerabilities in server applications or a large amount of traffic aimed at a weak network.  Radware offers a full range of solutions to help your network properly mitigate attacks like the ones seen during OpKillingBay. Our DefensePro system can help provide your network with real-time behavioral based attack mitigation. Our Attack Mitigation Services (AMS) can also aid in detection and mitigation with cloud based volumetric attack scrubbing.

In addition to Radware products, it is recommended that you review your network once a year during the month of August.  These attacks happen yearly before the start of the fishing season in September.  Maintaining and inspecting your network is necessary if you are facing yearly attacks from hacktivists like those involved with OpKillingBay.

For more Information about this alert visit: http://global.radware.com/LP=242

Reports

Sources


To learn more about how you can protect your organization from attack, please download our DDoS Handbook.

Posted in: Hacks Security

Daniel Smith

Daniel is the Head of Research for Radware’s Threat Intelligence division. He helps produce actionable intelligence to protect against botnet-related threats by working behind the scenes to identify network and application-based vulnerabilities. Daniel brings over ten years of experience to the Radware Threat Intelligence division. Before joining, Daniel was a member of Radware’s Emergency Response Team (ERT-SOC), where he applied his unique expertise and intimate knowledge of threat actors’ tactics, techniques, and procedures to help develop signatures and mitigate attacks proactively for customers.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Contact Us Now

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Locations
Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

CyberPedia

An Online Encyclopedia Of Cyberattack and Cybersecurity Terms

CyberPedia
What is WAF?
What is DDoS?
Bot Detection
ARP Spoofing

Get Social

Connect with experts and join the conversation about Radware technologies.

Blog
Security Research Center
Close

What are you looking for?