Operation Ababil

From Wikipedia, the free encyclopedia

Operation Ababil was a series of cyber attacks starting in 2012, targeting various American financial institutions and carried out by a group calling itself the "Cyber fighters of Izz Ad-Din Al Qassam".


The cyber attacks, or more specifically denial of service attacks, were launched by the Cyber fighters of Izz Ad-Din Al Qassam also known as Qassam Cyber Fighters. The group announced[1] the attacks on September 18, 2012 on Pastebin where they criticized Israel and the United States and justified the attacks as a response to the Innocence of Muslims video released by controversial American pastor Terry Jones. Their targets included the New York Stock Exchange as well as a number of banks including J.P. Morgan Chase.[2] The result of the attacks was a limited disruption of the targeted websites. The attacks ended on Oct 23, 2012 because of the Eid al-Adha holiday[3] at which point they offered to speak to the media through e-mail.

Name of the group and operation[edit]

The group’s moniker, Izz ad-Din al-Qassam, was a Muslim preacher who lead in the fight against British, French and Jewish nationalist organizations in the Levant in the 1920s and 1930s.

Disputed origins of attacks[edit]

On September 21, 2012, the Washington Post reported[4] that the attacks originated not from a hacktivist group but from the government of Iran and cited U.S. Senator Joseph I. Lieberman as one who was a proponent of this idea. Lieberman told C-Span that he believed the Iranian government was sponsoring the group's attacks on US banks in retaliation for Western economic sanctions.[5] An early report by Dancho Danchev found the amateurish "outdated and virtually irrelevant technical skills" of the attack suspicious.[6] But Michael Smith, senior security evangelist at Akamai, found the size of the attacks—65 gigabits of traffic per second—more consistent with a state actor (such as Iran) than with a typical hacktivist denial of service attack which would be less than 2 gigabits/second.[7]

The controversial hacktivist, The Jester, claimed the Qassam Cyber Fighters had help with their attacks from the hacking group Anonymous.[8]

Phase two[edit]

On December 10, 2012, the Qassam Cyber Fighters announced[9] the launching of phase two of Operation Ababil. In that statement, they specifically named U.S. Bancorp, J.P. Morgan Chase, Bank of America, PNC Financial Services and SunTrust Bank as targets and identified events such as Hurricane Sandy and the 2012 US Presidential Election as reasons for the delay of phase two. This announcement also mentioned disrespect towards the Prophet Mohammed as motivation and denied the involvement of any nation state. It was during this time that media attention increased with one journalist observing,[10] "Operation Ababil stands out for its sophistication and focus, experts say." and allegations of involvement by Iran also increased.[11] On January 29, 2013, an announcement[12] was made that phase two would come to a conclusion due to the removal of the main copy of the video from YouTube. The announcement also identified additional copies of the movie also hosted on YouTube.

Phase three[edit]

On February 12, 2013, the Qassam Cyber Fighters issued a warning[13] that the other copies of the movie referenced in their January 29 posting should be removed. They followed this with a "serious warning"[14] and then an "ultimatum"[15] after the additional copies of the video were not removed. On March 5, 2013, they announced [16] the beginning of Phase 3 of Operation Ababil on their Pastebin page. This was followed by several of the financial institutions on their target list reporting website disruptions.[17]

See also[edit]


  1. ^ "Bank of America and New York Stock Exchange under attack". Retrieved 10 February 2013.
  2. ^ "Chase, NYSE Websites Targeted in Cyber Attacks". Archived from the original on 19 October 2012. Retrieved 10 February 2013.
  3. ^ "The 6th Week, Operation Ababil". Retrieved 11 February 2013.
  4. ^ Nakashima, Ellen (21 September 2012). "Iran blamed for cyberattacks on U.S. banks and companies". The Washington Post. Archived from the original on 20 June 2013. Retrieved 10 February 2013.
  5. ^ "Deconstructing the Al-Qassam Cyber Fighters Assault on US Banks". 2 January 2013. Analysis Intelligence. Archived from the original on 16 June 2019. Retrieved 19 September 2013.
  6. ^ Danchev, Dancho. "Dissecting 'Operation Ababil' - an OSINT Analysis". September 28, 2012. Retrieved 19 September 2013.
  7. ^ Gonsalves, Antone. "Bank attackers more sophisticated than typical hacktivists, expert says". September 28, 2012. CSO. Retrieved 19 September 2013.
  8. ^ "The Jester: Anonymous Hackers Helped Izz ad-Din al-Qassam DDOS US Banks". Retrieved 11 February 2013.
  9. ^ "Phase 2 Operation Ababil". Retrieved 11 February 2013.
  10. ^ "Group halts bank cyberattacks". Retrieved 11 February 2013.
  11. ^ Shachtman, Noah (27 November 2012). "Bank Hackers Deny They're Agents of Iran". Wired. Retrieved 11 February 2013.
  12. ^ "Operation Ababil Suspended due to removal of insulting movie". Retrieved 17 March 2013.
  13. ^ "Warning, Operation Ababil". Retrieved 17 March 2013.
  14. ^ "Serious Warning, Operation Ababil". Retrieved 17 March 2013.
  15. ^ "Operation Ababil, AlQASSAM ULTIMATUM". Retrieved 17 March 2013.
  16. ^ "Phase 3, Operation Ababil". Retrieved 17 March 2013.
  17. ^ "Bank Attackers Restart Operation Ababil DDoS Disruptions". Retrieved 17 March 2013.

External links[edit]