A hacktivist group is claiming responsibility for outages affecting nine U.S. bank websites in recent weeks – part of a distributed denial-of-service (DDoS) operation that began last fall.
The group, called Martyr Izz ad-Din al-Qassam Cyber Fighters, posted a Pastebin message Tuesday that said it waged the DDoS attacks to protest the anti-Muslim film, “Innocence of Muslims,” which has remained on YouTube despite outrage in the Middle East and among sympathizers around the globe.
Website disruptions have affected JPMorgan Chase, Bank of America, Citigroup, Wells Fargo, U.S. Bancorp, PNC Financial Services Group, BB&T Corp., SunTrust Banks and Regions Financial Corp.
“Our aim of this operation is removal of that insulting and absurd film,” the Pastebin message said. “If you are in doubt of our statements and aims, we suggest that the U.S. authorities remove this offensive film from YouTube for one week experimentally. Then they will see whether the attacks will be stopped or not.”
On Dec. 21, the Office of the Comptroller of the Currency (OCC), a regulating body for national banks, issued an alert about the apparent uptick in DDoS attacks being waged against financial institutions.
The note, which was addressed to the heads of national banks, federal branches and agencies, technology service providers and other related organizations, warned that the aims of carrying out the DDoS attacks could range from a ploy to garner public attention to more damaging acts designed to enable fraud or the theft of proprietary information.
The Cyber Fighters group said its latest alleged attacks are the second phase of “Operation Ababil,” a DDoS mission it claims to have launched first against Bank of America in September.
Site takedowns have continued to occur at major U.S. banks over the past few months, with outage-reporting sites, such as sitedown.co, tracking access issues experienced by customers.
On Thursday morning, for example, there were multiple reports on the site of outages affecting Bank of America.