People claiming affiliation with the hacktavist group Anonymous have threatened large-scale, worldwide action against the oil and gas industry with an action dubbed #OpPetrol.

A missive, claiming to represent ‟a new generation of Muslims” and posted earlier this month to the text-based document sharing site Pastebin threatened hacks against the websites of corporations in the United States, Canada, England, Isreal, China, Italy, France, Russia, and Germany, as well as the governments of Saudi Arabia, Kuwait, and Qatar.

The document suggests a Middle Eastern origin for the attacks as well as an anti-Israeli, anti-American bent to the group’s mission. The motivation or the action is that the primary currency of the international oil export market is the U.S. dollar, meaning transactions aren’t handled in the local currency of the country where the oil is produced. The group argues this system leads to the western exploitation of Middle Eastern and Asian energy resources.

‟Why this Op? Because Petrol is sold with the dollar... and Saudi Arabia has betrayed Muslims with their cooperation. So why isn't Petrol sold with the currency of the country which exports it? Because the Zionists own us like this,” the document reads. ‟We defend our dignity and the dignity of all races, even if they are not Muslims. We are not racists. You can call us Jihadists or ‛terrorists,’ whatever you want, BUT, the REAL terrorists know who they are, and so do we... They are the killers of innocents, the stealers of land, dignity, rights, and resources; they are the creators of the bombs, drones, and surveillance technologies that have stolen all that is sacred from us.”

An image circulating online shows a list of targeted companies—primarily national and private energy firms based in the Middle East and Asia.

#OpPetrol target list map


While the main event is scheduled for June 30, #OpPetrol has already yielded some results.

This tweet from an Anonymous affiliated account boats of one energy industry site that has been taken down:

Another #OpPetrol branded document posted to Pastebin lists over 800 websites hacked by Anonymous in support of the operation. A cursory scan of the list shows that the majority of the affected sites aren’t all directly related to the energy sector—many having to do with tourism, IT business, or education.

The people behind #OpPetrol have another document in Pastebin listing the names and credit card information of over 500 individuals. That document is not being linked here for privacy reasons.

A report about #OpPetrol by energy industry IT firm Cimation noted that participants in the operation recently posted recommended techniques for doing damage to an online open forum. All three techniques are Perl scripts for doing things like attempting to break into a Facebook account by automatically attempting to match a password with a large word list. Another one of the exploits posted on the forum fortunately has already been patched.

In its own report on the upcoming attack, cybersecurity firm Symantec explained that these sorts of attacks are ‟typically low scale,” but advised the targeted industries and government agencies to take them seriously:

Based on previous observations the attacks will most likely leverage multiple attack vectors, including “run-of-the-mill” distributed denial of service (DDoS) attacks, phishing/spear-phishing emails, intrusion and data-theft attempts, vulnerable software exploration, web application exploits, and possibly website defacement.

Symantec warned that an announcement of this nature should be taken with a grain of salt. ‟Public announcements by these groups are often used as a means to gain notoriety or media attention and can be of highly volatile credibility,” noted the company’s report.

This action comes exactly one year after last year’s OpPetrol, which attempted to organize an attack against the same targets for similar reasons. In fact, the Pastebin document from the 2013 operation is almost word-for-word identical to the one posted this week.

Photo by Arne Hückelheim/Wikimedia Commons (CC BY-SA 3.0)