Wells Fargo's logo. (flickr/Neubie)

Earlier this week the Izz ad-Din al-Qassam Cyber Fighters announced new distributed denial of service (DDos) attacks on U.S. banks, part of what they've referred to as Phase 2 of their "Operation Ababil." It appears that they have been true to their word.

As of 1:30 p.m. on Friday afternoon, virtually all of the most recent site outage reports on SiteDown.co, one of the largest website outage notification services, were for either Wells Fargo or Bank of America. Comments from Wells Fargo customers ranged from the questioning--"What idiots do you hire to manage to your website?" to the timely: "Did the mayans shut down wells fargo as well no world no monies (sic)."

The al-Qassam Cyber Fighters have repeatedly denied they are working for Iran, even though many security experts say the size of their attacks indicates state sponsorship. In various posts, usually published on Pastebin, the cyber attackers insist their efforts against American banks continue because Google will not remove the anti-Islam video Innocence of Muslims from the Internet in any country where they are not legally required to do so.

The actual impact on banks by the continued denial of service (four days of outages for Wells Fargo this week) is still unclear. A report by Bank Info Security about the first wave of attacks from the al-Qassam Cyber Fighters in October indicated that in addition to inconvenience and customer loss, there is a danger that DDoS outages could be distractions for real hack attacks, in which customer funds are covertly transferred away, possibly to support future cyber espionage.

Whatever is really going on with the Cyber Fighters, it is clear that some banks are still unprepared for their onslaught, and customers are angry. An anonymous user on SiteDown.com likely spoke for many, writing, "Unable to log on to Bill Pay; 4th day and counting; Wells: you need significant help here; do something quick!"

Wells Fargo, hit by al-Qassam Cyber Fighters DDoS attacks.

Denial of service elves Izz ad-Din al-Qassam Cyber Fighters issued a new statement Tuesday and apparently renewed DDoS attacks on American bank websites.

In a brief Pastebin post the hackers--who claim they are mainly motivated by outrage over the anti-Muslim video, Innocence of Muslims--acknowledged the horrific school shootings that took place in Newtown Connecticut on December 14th, but re-committed to their efforts against U.S. financial institutions:

Originally, we sympathize deeply with families of the schoolchildren victimized by the horrible happening of Sandy Hook Elementary school. It’s very clear that a system which its rulers and capitalists are the owners of weaponry big companies never care about occurrence of these events. The past week’s attacks, showed our ability in doing wideness attacks so efficiently and of course this is not all of the Izz ad-Din al-Qassam’s ability. The attacks will be persistent till eliminating injustice and stopping the insults to the prophet of mercy and removing the offensive film, and we are sure that we will reach to our goals.

Based on reports made to Sitedown.co of website outages, the al-Qassam Cyber Fighters have been true to their word. By 5:45 p.m. ET on Tuesday over 400 users had reported an outage at WellsFargo.com since 9:15 a.m. Other banks reporting outages Tuesday included Bank of America and Chase, but Wells Fargo seemed hardest hit.

The cyber-attackers also promised that this week's attacks "will be as wide as previous week" and that customers of the "5 major US banks" should prepare for more "sorrow" and "inaccessibility."

Bank of America, one of the victims of Operation Ababil (Screengrab)

The Izz ad-Din al-Qassam Cyber Fighters, who claimed credit for multiple DDoS attacks on American financial institutions like Bank of American and Suntrust, Inc., still steadfastly deny they were working for the Iranian government. Wired directs us to this interview with the hackers conducted in early November by researchers Flashpoint Global Partners, a security research firm.

The hackers always claimed in various Pastebin posts that their "Operation Ababil" was not motivated by a need to hurt the United States so much as they wanted to express outrage over the anti-Muslim film, Innocence of Muslims.

In their interview with Flashpoint, the hackers repeated the same sentiment, stating that they targeted banks to do “something proportional to what has happened against us. In the system where… religion and sacred things are not honorable, and only material, money and finance have value, this seems a suitable and effective… act[ion] and can influence governors and decision makers.”

Asked to respond to U.S. claims they were affiliated with Iran's military, al-Qassam said they weren't dependent on any government, just protesting "the insulting movie."

"But there are some ones," al-Qassam told Flashpoint, "who want to portray this action as political. So they are deflecting the issue to the side of their political leanings."

The Cyber Fighters may be telling the truth, but as Wired's Noah Schachtman noted, "some security researchers believed the attacks to be so sophisticated, they could’ve only been pulled off with government help."

For the time being it appears the Cyber Fighters have gone to ground and put their Operation Ababil on pause, as they haven't posted any claims of action on their Pastebin page for just over a month. We may not know what they’re up to until the next time someone tries to check their balance or load their bank’s website and gets only error messages in return.

Still from a trailer for Innocence of Muslims

Muslims protested at Google headquarters in London on Sunday, expressing outrage over the search giant's refusal to remove Innocence of Muslims from YouTube.

One of the men behind the event, Masoud Alam, told the Telegraph that there will be more protests "at the offices of Google and YouTube across the world." Muslims wish to ban the film, said Mr. Alam, because it is an "insult of the Prophet."

Some in attendance on Sunday said they want to expand their protests:

Sheikh Siddiqui, a barrister from Nuneaton, said he wanted to form a coalition with the Church of England, Catholics, Jewish groups, Trade Unions and even Conservatives to encourage their ranks to join his "campaign for civility".

"We want everyone in society to recognise these people are wrecking our fragile global society. We want the Church, the Synod, Jewish groups and establishment figures involved," he said.

The Telegraph quoted a YouTube spokesperson, who admitted that the company's efforts to "create a community everyone can enjoy" is challenging, "because what's OK in one country can be offensive elsewhere."

Google and YouTube are holding fast to what they see as a free-speech issue and has clearly stated that they will not remove or block the video in any country where it is considered protected speech.

Muslims have apparently protests online as well. Muslim Cyber Fighters continued a fourth week of well-organized denial of service attacks on American financial institutions last week, taking the websites of Regions, Capital One and SunTrust banks offline for several hours a day.

Muslim cleric Izz ad-Din al-Qassam (Wikimedia)

If customers of Regions Bank were having trouble reaching the institution's website Thursday, they could thank the Izz ad-Din al-Qassam Cyber Fighters, who returned earlier this week for the fourth week of Operation Ababil.

Operation Ababil is an ongoing effort by cyber-attackers who say they plan to keep knocking American banks offline until Innocence of Muslims has been taken off the web. While Google has blocked the video in countries where its bigoted content is illegal, the search giant has said it will not block the video in the U.S., citing laws that protect freedom of speech.

Some experts think Iran is behind the Qassam Cyber Fighters, but the group has denied this.

Their Pastebin from October 8th added new reasons for their outrage:

A number of cyber-attacks toward the American banks planned and executed during the past weeks. Those attacks were a response to an insulting film against the great prophet of Islam which was made and broadcast on the Internet according to Zionists will and Americans management. All Muslims and free-minded people around the world protested this absurd action but their complaints were not addressed. If these protests were done by your fans any film was immediately removed from internet. For instance, at the same time with the Queen of England family's complaint against an insulting photo published in the French magazines the photo was removed immediately. But you did not care about the demands of Muslims and called the fighter groups' activities terrorist attacks.

You are insulting the prophet of Islam, what do you expect from Muslims? Do they have the right to confront or retaliate? Do you have a respectable thing that can be insulted in retaliation?

The Cyber Fighters concluded that "respectable thing" was banks. So they listed their targets and a timeline for the attacks:

Tuesday 10/9/2012 : attack to Capital One Financial Corp site, capitalone.com
Wednesday 10/10/2012 : attack to SunTrust Banks, Inc, suntrust.com
Thursday 10/11/2012 : attack to Regions Financial Corp site, regions.com
Weekends: planning for the next week' attacks.

The Cyber Fighters were careful to note that they weren't hacking everything. They referred to "recent Trojan-based attacks" that targeted "electronic money transfers" and stated that their activities were "only against the insulting movie mentioned above."

Operation Ababil has been documented in both Arabic and English. English posts often appear to be translations from the Arabic, but the most recent Arabic post seemed to reveal a sentence the attackers chose to leave out of the English version:

Sorry of the customers of these banks because the attacks caused interruption of banking operations, and we invite them to join the rest of the world in these activities [...]

Capital One, attacked on Tuesday, was still having problems Thursday. Sun Trust Banks was also knocked offline Wednesday, as promised.

As has been this group's practice, these cyber attacks will occur for eight hours each day, beginning at 10 a.m. EDT.

Muslim cleric Izz ad-Din al-Qassam (Wikimedia)

The Izz ad-Din al-Qassam Cyber Fighters have returned with a new declaration published on Pastebin and a new set of targets. If you park your money with Wells Fargo and can’t reach the bank’s website, you apparently can blame the hackers and their Operation Ababil.

The group's Pastebin post renewed their call for the anti-Muslim video Innocence of Muslims to be removed from the web. They also refuted allegations their actions have been state-sponsored by Iran, stating that they "strongly reject the American officials' insidious attempts to deceive public opinion."

The Cyber Fighters went on to give a timetable for their attacks and urged others to join the fight:

We shall attack for 8 hours daily, starting at 2:30 PM GMT, every day. We repeat again the attacks will continue for sure till the removal of that sacrilegious movie.

We invite all cyberspace workers to join us in this Proper Act. If America's arrogant government do not submit, the attack will be large and larger and will include other evil countries like Israel, French and U.Kingdom indeed.

Several large financial institutions can expect to go the way of WellsFargo.com, which was timing out for users accessing the page from multiple locations on Tuesday afternoon.

The bank acknowledged the problem and posted the following on its Twitter account around 4 p.m. ET:

We apologize to customers who may be experiencing limited access to @wellsfargo.com & online banking. We are working to quickly…

— Wells Fargo (@WellsFargo) September 25, 2012

resolve this issue. Customers can still access their accounts through our ATMs, stores and by phone at 800-956-4442.

— Wells Fargo (@WellsFargo) September 25, 2012

Muslim Cyber Fighters say they will also target the following:

Wednesday 9/26/2012 : attack to U.S. Bank site, www.usbank.com
Thursday 9/27/2012 : attack to PNC site, www.pnc.com

Past cyber-attacks for which this group claims responsibility struck Bank of America and JP Morgan Chase.

While the problems for the larger banks were intermittent, the Wells Fargo attack seems to have been the most effective so far, indicating the group may be improving their methods.

Seriously not kidding. (Photo: flickr.com/maionese_paty

Well, there's at least one Google executive that might want to hop on the next plane out of Sao Paolo--and it's not because someone's cheesed off at Orkut's seeming frumpy sister status within the company's social strategy.

Reuters reports that a regional Brazilian elections court wants the company's top man in Brazil arrested immediately, as YouTube wouldn't remove a video deemed defamatory of a local mayoral candidate.

"You can do that?!" -- every political candidate in America right now.

A spokesperson told Reuters that Google isn't taking the command lying down:

"Google is appealing the decision that ordered the removal of the video on YouTube because, as a platform, Google is not responsible for the content posted to its site," the company said through a spokesman in Brazil.

This, of course, is not a new party line for the company. In the U.S., you can send a takedown notice to YouTube if you suspect a video infringes on your copyright, and the company polices for content that's outright illegal or objectionable (i.e., child porn). But otherwise it's largely hands off and God bless. Google is blocking the controversial "Innocence of Muslims" trailer only in countries where it's banned, for example.

And in America, of course, you can say just about anything short of "my opponent is a goat-romancing sonofabitch" and get away with it. (You could definitely say that, actually.)

Brazil, however, apparently takes the dignity of its political process very, very seriously. This isn't even the first time this has happened this month--previously, an electoral court elsewhere in the country ordered the arrest of a different Google exec, for a video about another candidate.

Five bucks says the thought of decamping to Brazil and becoming a small-town mayor just flickered across Mitt Romney's mind.

Screengrab from a site defaced by Sizzling Soul.

Protests against anti-Muslim "film" Innocence of Muslims have been violent and continue in several countries, but they have not yet exploded into sustained military conflict. However, religiously motivated hackers are waging active war online. While DDoS (Directed Denial of Service) hits against large, well-known sites owned by financial instutions may have been sponsored by Iran, independent Muslim hackers appear to be targeting a slew of small websites with wickedly effective full-blown hacks and defacements.

A hacker calling himself Sizzling Soul and claiming membership in a hacker collective dubbed the Pakistan Cyber Army has taken down more than 80 sites in the name of the Prophet. Many of of those sites remain under his control and are displaying his message:

100 %
Attempting Bypass…
Code broken!
A message for Boobish People:
Dont Try To Insult Our PROPHET (P.B.U.H)
Why You People Always Try To Attack Our Religion?
You Made An Insulting Movie Of PROPHET(P.B.U.H)”
Damn
This Is Totally Insane,.
You Are Provoking The Anger Of PeaceFull Muslims!
Stop This
Otherwise You WOn’t Be Able To Stop Us
This Is Just A Warning For You….
If You Don’t Stop,Next Attack Will Destroy Yours Whole Cyber Space
If You Want Some Then Come And Get Some…

As HackRead notes, most of Sizzling Soul's victims are "small and local businesses, such as banks, chemical factories" as well as pages related to gaming and the auto industry.

Sizzling Soul has listed his hits on Pastebin. We could joke about the hacker choosing easy targets, but going after so many small establishments could add up to a minor but noticeable hit on multiple local economies.

Sizzling Soul isn't the only cyber attacker working this angle. A hacker with the handle Rude_Thunder has slammed over 100 sites and posted his own list on Pastebin, stating the web pages were "defaced for insulting the holy Prophet."

Since Google will not completely remove Innocence of Muslims from the web, we suspect you should just change your passwords now and hang on for more bumpy rides to come, Boobish People.

Still from a trailer for Innocence of Muslims

Google will not delete an inflammatory video currently playing a role in Muslim protests around the world, in spite of a take-down request from the White House.

The search giant is only censoring Innocence of Muslims in India, Indonesia, Egypt and Libya, where violent and deadly protests have broken out following the video's translation into Arabic. Reuters reports on the company's legalistic explanation for not just wiping the video completely from the web:

Google said [it] was further restricting the clip to comply with local law rather than as a response to political pressure.

"We've restricted access to it in countries where it is illegal such as India and Indonesia, as well as in Libya and Egypt, given the very sensitive situations in these two countries," the company said. "This approach is entirely consistent with principles we first laid out in 2007."

Innocence of Muslims was online for some time before the offensive, dubbed-in English dialogue in the clip was translated to Arabic. Since then protesters have been attacking U.S. embassies in heavily Muslim countries, the worst assault ending with the deaths of four American foreign service officials in Benghazi, Libya earlier this week, including the U.S. Ambassador to Libya, Christopher Stevens.

Police in California are currently investigating whether the film's alleged creator, ex-con Nakoula Basseley Nakoula, may have somehow violated his parole when he produced the video.