Muslim hackers claim responsibility for attacks on Wells Fargo

GlobalPost

US bank Wells Fargo suffered online service interruptions Tuesday during periods of unusually high web traffic volumes originating from a denial-of-service (DoS) cyberattack.

Wells Fargo spokeswoman Bridget Braxton confirmed to Reuters that the bank’s website and online banking services were disrupted but did not specify where the attacks came from.

"The vast majority of customers are not impacted and customer information remains safe," Braxton said. 

Muslim hackers, part of a group known as the Izz ad-Din al-Qassam Cyber Fighters, claimed responsibility for the attack as part of the group’s ongoing campaign against US-based financial institutions. 

More from GlobalPost: Anonymous, RedHack breach Mossad servers, hackers claim

“We have already stated that removal of the offensive video, INNOCENCE OF MUSLIMS, from YouTube is the simplest solution to stop the cyber-attacks. During last week the below list of banks and/or financial services were being chosen as target: BB&T, PNC, Chase, citibank, U.S. Bancorp, Suntrust, Fifth Third Bancor, Wells Fargo, and some others,” read a statement issued by the by the hackers through their pastebin account, QASSAMCYBERFIGHTERS, an account used by the organization several times during previous operations. 

Known to many as the Muslim world's Anonymous, earlier this month Izz ad-Din issued an ultimatum that their distributed denial of service (DDoS) attacks against American banking institutions would continue unless insults against the Prophet Mohammed were removed from YouTube.

If claims made by Izz ad-Din are true, yesterday’s attack against Wells Fargo is part of a now six-month-long campaign to remove the Innocence of Muslims video from YouTube and other sites. 

Izz ad-Din pledged to continue the attacks until banks lose $100 for every view and "like" earned by each copy of the video on YouTube. The hackers estimate that banks lose $30,000 for each minute their websites are down. Using their math, banks will lose more than $900 million before the attacks will cease.

More from GlobalPost: Syria's rebel hackers are losing the cyber war

As the operation continues, techniques used by Izz ad-Din to carry out cyberattacks are growing in sophistication and strength, posing a growing threat to investors and deposit holders across the United States. 

"The third wave of attacks has matured in several meaningful ways," director of security research at Arbor Networks Dan Holden told Information Week.

"The size of the botnet has continued to grow, new techniques and toolkits are being developed and the attackers continue to focus further on the application level."

According to Holden, Izz ad-Din is randomizing the techniques used in their cyberattacks to test and analyze bank’s defenses against DoS attacks. 

More from GlobalPost: Some in Congress join fight to reform cybercrime law 

"The attackers are beginning to use more sophisticated tactics as defensive capabilities improve and mitigation against the attacks continues to be successful," Holden said. "We are seeing randomization capabilities in the attack tools for the first time during the approximately seven-month campaign. We expect these trends to continue as the campaign carries on."

Sign up for our daily newsletter

Sign up for The Top of the World, delivered to your inbox every weekday morning.