Black card

DDoS attack knocks American Express offline

Shares

A distributed denial of service (DDoS) attack took down the credit card company, American Express, yesterday afternoon, Motherboard reported.

According to an anonymous AmEx employee, the event may have been connected to the fight between Holland’s anti-spam group Spamhaus and hosting company Cyberbunker, which slowed the Internet appreciably in Western Europe. Cyberbunker launched the largest recorded DDoS in history attack against Spamhaus for its inclusion of Cyberbunker in its global spam list.  

Online payments company Dwolla was also affected earlier yesterday by a DDoS attack.

In addition to its website, AmEx apps were also affected. The attack lasted for about two hours before the company could restore its properties, according to Bankinfosecurity.com.

However, the New York TimesBits blog suggested this hack could be part of a long-term campaign against financial institutions that began last September and may have state support.

A hacking group calling itself the “Izz ad-Din al-Qassam Cyber Fighters” (whose name indicates a supposed connection to the Islamist group Hamas) has allegedly hit Wells Fargo, Bank of America, and JP Morgan during the course of this campaign, dubbed Operation Ababil.

“The group says it is retaliating for an anti-Islamic video posted on YouTube last fall,” said Bits. “But American intelligence officials and industry investigators say they believe that the group is a convenient cover for Iran.”

In a statement, AmEx said, “We experienced intermittent slowing on our website that would have disrupted customers' ability to access their account information. We had a plan in place to defend against a potential attack and have taken steps to minimize ongoing customer impact."

Company spokesperson Amelia Woltering claimed that AmEx had uncovered “no evidence to suggest that customer data or account information was exposed or compromised during the attack.”

An Islamist-affiliated blog posted a statement on the attack.

“The qassam group today has targeted its goals by powerful attacks. The Bank of America and American Express have gotten out of reach today due to Izz ad-Din al-Qassam group’s attacks. The Qassam group’s attacks to these Banks have caused the banks to be unable to offer service to their customers and this lead to their protests.  

The Qassam group has announced that till to complete removing of the film from internet, will continue its attacks to the U.S. Banks. The efforts of the authorities in order to prevent against the attacks have been ineffective until today.”

There is no evidence that Bank of America was also hacked yesterday.

H/T Motherboard | Photo by Clemson/Flickr