Operation Payback was a coordinated, decentralized group of attacks on high-profile opponents of Internet piracy by Internet activists using the "Anonymous" moniker. Operation Payback started as retaliation to distributed denial of service (DDoS) attacks on torrent sites; piracy proponents then decided to launch DDoS attacks on piracy opponents. The initial reaction snowballed into a wave of attacks on major pro-copyright and anti-piracy organizations, law firms, and individuals.
- 1 Background and initial attacks
- 2 Attacks on the recording industry
- 3 Sarah Palin
- 4 Operation Avenge Assange
- 5 Criticism
- 6 Tools and communication
- 7 See also
- 8 References
- 9 External links
Background and initial attacks
In 2010, several Bollywood companies hired Aiplex Software to launch DDoS attacks on websites that did not respond to takedown notices. Piracy activists then created Operation Payback in September 2010 in retaliation. The original plan was to attack Aiplex Software directly, but upon finding some hours before the planned DDoS that another individual had taken down the firm's website on their own, Operation Payback moved to launching attacks against the websites of copyright stringent organisations Motion Picture Association of America (MPAA) and International Federation of the Phonographic Industry, giving the two websites a combined total downtime of 30 hours. In the following two days, Operation Payback attacked a multitude of sites affiliated with the MPAA, the Recording Industry Association of America (RIAA), and British Phonographic Industry. Law firms such as ACS:Law, Davenport Lyons and Dunlap, Grubb & Weaver (of the US Copyright Group) were also attacked.
Attacks on the recording industry
On September 21, 2010, the website of United Kingdom law firm ACS:Law was subjected to a DDoS attack as part of Operation Payback. When asked about the attacks, Andrew Crossley, owner of ACS:Law, said: "It was only down for a few hours. I have far more concern over the fact of my train turning up 10 minutes late or having to queue for a coffee than them wasting my time with this sort of rubbish."
When the site came back online a 350MB file, which was a backup of the site, was visible to anyone for a short period of time. The backup, which included copies of emails sent by the firm, was downloaded and made available on various peer-to-peer networks and websites including The Pirate Bay. Some of the emails contained unencrypted Excel spreadsheets, listing the names and addresses of people that ACS:Law had accused of illegally sharing media. One contained more than 5,300 Sky broadband customers whom they had accused of illegally sharing pornography, while another contained the details of 8,000 Sky customers and 400 Plusnet customers accused of infringing the copyright on music by sharing it on peer-to-peer networks. This alleged breach of the Data Protection Act has become part of the ongoing investigation into ACS:Law by the Information Commissioner's Office.
On September 30, the Leesburg, Virginia office of Dunlap, Grubb & Weaver law firm – also doing business as the "U.S. Copyright Group" – was evacuated by the police after an emailed bomb threat was received. It's believed the event could be connected to Anonymous. Non-related copyright or law firms sites, such as websheriff.com, were also attacked. These attacks were originally organized through an Internet Relay Chat channel. The attacks also became a popular topic on Twitter.
Australian pro-copyright organization
In September 2010, in an attempt to ensure that Portuguese citizens can’t access thepiratebay.org, Associação do Comércio Audiovisual de Portugal (ACAPOR) filed a complaint against The Pirate Bay. The complaint was filed with the General Inspection of Cultural Activities, which is part of the Portuguese Ministry of Culture. According to the movie rental association, The Pirate Bay is directly responsible for about 15 million illegal downloads in Portugal every year. By installing a Pirate Bay block on all ISPs, ACAPOR hoped to decrease the financial damage it claims The Pirate Bay causes.
On October 18, 2010, the ACAPOR website was defaced, presenting text from Operation Payback and a redirect to The Pirate Bay after a few seconds. In addition to defacing the website, a copy of the email database of ACAPOR was uploaded to The Pirate Bay. The leaked e-mails so far revealed ACAPOR's methods of denunciation, its dissatisfaction with the Portuguese government and justice system, its perception of the copyright debate as war, and its antagonism with the ISPs. ACAPOR claimed that "the business of ISPs is illegal downloading."
On October 7, 2010, they attacked the website of the Spanish copyright society, sgae.es. As of October 7, 2010, the total downtime for all websites attacked during Operation Payback was 537.55 hours.
Production companies SatelFilm.at and Wega-Film.at were hit by "drive-by" DDoSes on October 21, 2010, in response to their efforts to gain a court injunction against an ISP that refused to block a movie-streaming website, Operation Payback then knocked porn website Hustler.com offline the following day.
Musician and copyright advocate
|“||Make sure your brand is protected...Make sure there are no incursions. Be litigious. Sue everybody. Take their homes, their cars. Don't let anybody cross that line.||”|
|— Gene Simmons|
In response to Simmons' comments, members of Operation Payback switched their attentions to his two websites, SimmonsRecords.com and GeneSimmons.com, taking them both offline for a total of 38 hours. At some point during the course of this DDoS, GeneSimmons.com was hacked and redirected to ThePirateBay.org, In response to the attack Simmons wrote:
Some of you may have heard a few popcorn farts re: our sites being threatened by hackers.
Our legal team and the FBI have been on the case and we have found a few, shall we say "adventurous" young people, who feel they are above the law.
And, as stated in my MIPCOM speech, we will sue their pants off.
First, they will be punished.Second, they might find their little butts in jail, right next to someone who's been there for years and is looking for a new girl friend.
We will soon be printing their names and pictures.
We will find you.
You cannot hide.
This led to additional attacks and subsequently more downtime for his websites. Later, Simmons's message was removed from his website. More than one year later, in December 2011, a person supposedly known under the nickname "spydr101" was arrested in relation to the attack against GeneSimmons.com. He was charged with conspiracy and unauthorized impairment of a protected computer.
On October 26, 2010, LimeWire was ordered to disable the "searching, downloading, uploading, file trading and/or file distribution functionality" after losing a court battle with the RIAA over claims of copyright infringement. Not satisfied with the injunction, the RIAA announced its intention to continue the Arista Records LLC v. Lime Group LLC trial to recover damages caused by the program. In retaliation, members of Operation Payback announced that they would attack RIAA's website on October 29, despite the fact that the group typically does not hit the same target twice. On October 29, riaa.org indeed was taken offline via denial-of-service attack. After the attack, riaa.com and riaa.org sites were inaccessible in Europe. Operation Payback's main site was attacked later that day, and they subsequently moved their website from tieve.tk to anonops.net.
During the damages phase of the LimeWire trial, the RIAA attempted to switch from seeking statutory damages per-work to seeking them per-infringement, but did not quote a total damage amount, nor a method of calculating the number of infringements. The judge in the case rejected the proposal, holding that case law only supported statutory damages on a per-work basis for large-scale infringement, thus capping the potential award at $1.5 billion. On March 15, 2011, four days after the ruling, a report appeared on Law.com highlighting the judge's remark that the per-infringement award sought by the record companies might total in the "trillions"; the report estimated $75 trillion in its attention-grabbing headline (USA's nominal GDP in 2012-2013 was about $16–17 trillion). This figure was repeated in PC Magazine on March 23. An Operation Payback call-to-arms followed, citing the $75 trillion figure as if it were still being actively sought by the RIAA, and a DDoS attack on the RIAA website commenced on March 25.
November 5, 2010 attacks
Around October 28, 2010, the group set up a new website with the intention of coordinating protests around the world to raise awareness of their cause. The date for the protest activities were on November 5, the intended day of the Gunpowder Plot, with which Anonymous heavily affiliates through its use of Guy Fawkes masks.
The protest activity included an attack on the United States Copyright Office, after which the FBI launched an investigation. They later arrested one person accused of taking part in the attack on PayPal.
Hiatus and resumption of website attacks
On November 9, 2010, Operation Payback temporarily ceased attacking websites. The hiatus lasted about four months, ending with an early March 2011 attack that temporarily took down the website of BMI, a prominent collection society operating on behalf of music publishers. This was followed by the aforementioned second attack on the RIAA website.
On December 8, 2010, U.S politician Sarah Palin announced that her website and personal credit card information were compromised. Palin's team believed the attack was executed by Anonymous, though Anonymous never commented about Palin as a possible target for any attack. In an interview with RT, an Anonymous member said, "We don't really care about Sarah Palin that much, to be honest. I don't really know what she’s trying to accomplish or what attention she is trying to gain. We personally don’t care about Sarah Palin." Palin's technical team posted a screenshot of a server log file showing the wikileaks.org URL Visa attacks had been denial of service attacks, but credit card data was not compromised. It is unknown whether Palin's card was compromised as part of a broad attack on Visa or a specific attack on the Palins. Palin's email was previously hacked while she was campaigning during the 2008 U.S. presidential election.
Operation Avenge Assange
In December 2010, WikiLeaks came under intense pressure to stop publishing secret U.S. diplomatic cables. Corporations such as Amazon, PayPal, BankAmerica, Swiss bank PostFinance, MasterCard and Visa either stopped working with or froze their customers' donations to WikiLeaks due to political pressures. In response, those behind Operation Payback directed their activities against these companies. Operation Payback launched DDoS attacks against PayPal, PostFinance and the Swedish Prosecution Authority. On December 8, 2010, a coordinated DDoS attack by Operation Payback brought down both the MasterCard and Visa websites. On December 9, 2010, prior to a sustained DDoS attack on the PayPal website that caused a minor slowdown to its service, PayPal announced on its blog that it would release the frozen funds in the account of the Wau Holland Foundation that was raising funds for WikiLeaks, but would not reactivate the account. Regarding the attacks, WikiLeaks spokesman Kristinn Hrafnsson denied any relation to the group and said, “We neither condemn nor applaud these attacks. We believe they are a reflection of public opinion on the actions of the targets.” On the same day, a 16-year-old boy was arrested in The Hague, Netherlands, in connection with the distributed denial-of-service attacks against MasterCard and PayPal. The boy was an IRC operator under the nickname of Jeroenz0r.
On December 10, 2010, The Daily Telegraph reported that Anonymous had threatened to disrupt British government websites if Assange were extradited to Sweden. Anonymous issued a press release in an attempt to clarify the issue.
The following is a list of sites and domains known to have been targeted:
|Swedish Prosecution Authority||aklagare.se||2010-12-07|||
|Borgstrom and Bodström||advbyra.se||2010-12-08|||
Operation Payback's attempt to take down Amazon.com was aborted after they failed to recruit enough users to their botnet; CNN noted that the massive Amazon website "is almost impossible to crash."
In late December, the FBI began to raid suspected participants in Operation Payback.
At the beginning of 2011, Operation Payback brought down Zimbabwean government websites after the Zimbabwean President's wife sued a newspaper for $15 million for publishing a WikiLeaks cable that linked her with the alleged trade in illicit diamonds. On January 27, 2011, five males aged between 15 and 26 were arrested in early morning raids in the U.K. on suspicion of involvement, and the FBI executed 40 search warrants the same day.
The United Kingdom Intellectual Property Office said that when its site was attacked, those responsible were depriving its citizens of access to information they have a democratic right to access. Other critics claimed the attacks restricted Gene Simmons' right to free speech.
A spokesman for the MPAA said, "It's troubling that these groups seem more concerned about the rights of those who steal and copy films, music, books, and other creative resources than the rights of American workers who are producing these products." 
There was also some criticism from the Pirate Party UK and United States Pirate Party, which in a joint public statement urged the group to "Immediately cease the Distributed Denial-of-Service (DDoS) attacks and to instead seek out a legal method to express your frustration and disquiet with the copyright industry, and their perversions of copyright law for personal gain.”
While acknowledging that the DDoS attacks on credit card and banking web sites serve as political protests, cyber experts said that Operation Payback has not done any long-term damage: most sites are back online, these attacks have not penetrated and brought down entire banking systems used to conduct transactions, and people are still continuing to use their credit cards to make payments. "This is more like a noisy political demonstration, like a mob surrounding a bank and refusing to let anyone in or out" said one cyber expert.
Tools and communication
Operation Payback members used a modified version of the Low Orbit Ion Cannon (LOIC) to execute the DDoS attacks. In September 2010, a "Hive Mind" mode was added to the LOIC. While in Hive Mind mode, the LOIC connects to IRC, where it can be controlled remotely. This allows computers with LOIC installed on them to behave as if they were a part of a botnet. Utilising this tool, the coordinators of Operation Payback were able to quickly take down websites belonging to anti-piracy groups. Botnets of all sizes have also been used.
Members of Operation Payback reportedly used an IRC channel to communicate about which targets to select, after which "attack posters" were produced and posted on various imageboards (4chan/7chan/711chan/420chan/808chan). Media such as Twitter and Facebook were also been utilized for coordination, but on December 8, 2010, Operation Payback's Facebook page was removed and its official Twitter account was suspended. Additionally a federal court order forced Encyclopedia Dramatica to delete its Operation Payback article, which featured a detailed history of the operation, including personal information of some individuals associated with the companies attacked .
|Wikimedia Commons has media related to Operation Payback.|
- "Anonymous Wikileaks supporters explain web attacks". bbc.co.uk. BBC. 2010-12-10. Retrieved 2010-12-10.
- Chen, Adrian (2010-12-09). "The Top Three Myths About Anonymous". gawker.com. Gawker. Retrieved 2010-12-11.
- Bodmer, Kilger, Carpenter, & Jones, Reverse Deception: Organized Cyber Threat Counter-Exploitation, (2012) McGraw-Hill Osborne Media. ISBN 0071772499
- Leyden, John (2010-09-22). "4chan launches DDoS against entertainment industry". The Register. Retrieved 2010-10-22.
- "Activists target recording industry websites". BBC News. 2010-09-20. Retrieved 2010-10-27.
- enigmax (2010-09-18). "4chan DDoS Takes Down MPAA and Anti-Piracy Websites". TorrentFreak. Retrieved 2010-10-27.
- Corrons, Luis (2010-09-17). "4chan Users Organize Surgical Strike Against MPAA". Pandalabs Security. Retrieved 2010-10-22.
- enigmax (2010-09-19). "4chan to DDoS RIAA Next – Is This the Protest of the Future?". TorrentFreak. Retrieved 2010-10-27.
- Williams, Chris (2010-09-22). "Piracy threats lawyer mocks 4chan DDoS attack". The Register. Retrieved 2010-10-22.
- Leyden, John (2010-09-24). "Second piracy threat lawyers withstand DDoS attack". The Register. Retrieved 2010-10-22.
- Anderson, Nate (2010-09-30). ""Operation Payback" attacks to go until "we stop being angry"". Ars Technica. Retrieved 2010-10-23.
- Mennecke, Thomas (2010-09-29). "US Copyright Group and Web Sheriff Targeted in DDoS Attack". Slyck. Retrieved 2010-10-23.
- Leydon, John (2010-09-27). "Anti-piracy lawyers' email database leaked after hack". The Register. Retrieved 2010-10-22.
- Geere, Duncan (2010-09-27). "Leaked emails fuel anti-piracy scandal". Wired.co.uk. Retrieved 2010-09-27.
- enigmax (2010-09-25). "ACS:Law Anti Piracy Law Firm Torn Apart by Leaked Emails". TorrentFreak. Retrieved 2010-12-23.
- Emery, Daniel (2010-09-27). "Adult video-sharing list leaked from law firm". BBC News. Retrieved 2010-09-27.
- "'My details appeared on 'porn' list'". BBC. 2010-09-28. Retrieved 2010-12-23.
- Emery, Daniel (2010-09-28). "Fresh ACS:Law file-sharing lists expose thousands more". BBC News. Retrieved 2010-09-28.
- Emery, Daniel (2010-09-29). "BT embroiled in ACS:Law porn list breach". BBC News. Retrieved 2010-09-29.
- Emery, Daniel (2010-09-28). "ACS:Law could face £500,000 fine for porn list leak". BBC News. Retrieved 2010-09-28.
- Masnick, Mike (2010-09-03). "Hurt Locker Subpoenas Arrive With New Language... And Higher Demands". Techdirt. Retrieved 2010-11-28.
- Moore, Erika Jacobson (2010-09-30). "Investigators Track Leads In Bomb Threat At Leesburg Law Office". leesburg2day.com. Leesburg Today. Retrieved 2010-10-27.
- "Leesburg Police Investigating Bomb Threat". leesburgva.gov. 2010-09-30. Retrieved 2010-12-23.
- Ernesto (2010-10-01). "Anti-Piracy Law Firm Evacuated After Bomb Threat". TorrentFreak. Retrieved 2010-10-27.
- Winterford, Brett (2010-09-28). "Operation Payback directs DDoS attack at AFACT". iTnews. Retrieved 2010-12-23.
- Ernesto (2010-09-16). "Movie Rental Outfit Calls For Nationwide Pirate Bay Block". TorrentFreak. Retrieved 2010-12-23.
- Ernesto (2010-10-18). "Movie Rental Outfit Hacked, Emails Leaked, Redirected to The Pirate Bay". TorrentFreak. Retrieved 2010-12-23.
- Houston, Brian (2010-10-18). "ACAPOR Emails Leaked to The Pirate Bay". unitethecows.com. Retrieved 2010-12-23.
- Mitov, Pavel (2010-10-04). "A Look Into ACAPOR's Emails: Denunciation, Discontent and Education". Peer Authority. Retrieved 2010-12-23.
- Mitov, Pavel (2010-10-11). "Back to ACAPOR: The War and the ISP". Peer Authority. Retrieved 2010-12-23.
- Leydon, John (2010-10-04). "Ministry of Sound floored by Anonymous". The Register. Retrieved 2010-10-22.
- Leyden, John (2010-10-07). "Spanish entertainment industry feels wrath of Anonymous". The Register. Retrieved 2011-01-06.
- enigmax (2010-10-15). "MPAA Copy-Protected DRM Site Hacked By Anonymous". TorrentFreak. Retrieved 2010-10-27.
- Leydon, John (2010-10-18). "Notorious Anonymous hacktivists launch fresh attacks". The Register. Retrieved 2010-10-22.
- Mennecke, Thomas (2010-10-21). "Operation: Payback Hits SatelFilm.at with 'Drive By' DoS". Slyck News. Retrieved 2010-10-26.
- Mennecke, Thomas (2010-10-22). "Hustler Knocked Offline in Operation: Payback". Slyck News. Retrieved 2010-12-17.
- Lasar, Matthew (2010-10-05). "KISS frontman on P2P: "Sue everybody. Take their homes, their cars."". Ars Technica. Retrieved 2010-12-20.
- Halliday, Josh (2010-10-14). "Gene Simmons gets kiss of death from notorious web forum". The Guardian. London. Retrieved 2010-10-22.
- Mennecke, Thomas (2010-10-13). "Slyck News - Anonymous Strikes at KISS Frontman Gene Simmons With DDoS Attack". Slyck News. Retrieved 2010-10-20.
- Chalk, Andy (2010-10-19). "Gene Simmons Declares War on Anonymous". Escapist Magazine. Retrieved 2010-10-22.
- Mennecke, Thomas (2010-10-17). "Gene Simmons Directly Threatens Anonymous With Legal Action, Jail Time". SLYK. Retrieved 2010-10-12.
- Read, Max (2010-10-18). "Gene Simmons Doesn't Understand the Internet". Gawker. Retrieved 2010-10-20.
- Anderson, Nate (2010-10-18). "Gene Simmons vs. Anonymous: Who's the bigger tool?". Ars Technica. Retrieved 2010-10-20.
- laeknishendr (2010-10-18). "Gene Simmons vs Anonymous". Danger Nazi Zombies Ahead. WordPress. Retrieved 2010-10-20.
- "GeneSimmons.com Archive News". Gene Simmons. Archived from the original on 2011-01-07. Retrieved 2010-10-30.
- Andrew Blankstein (2011-12-13). "'Anonymous' hacker charged in breach of KISS' Gene Simmons' website". Los Angeles Times. Retrieved 2011-12-13.
- Michael Martinez (2011-12-14). "Hacker tied to Anonymous charged with targeting GeneSimmons.com". CNN. Retrieved 2011-12-14.
- Serjeant, Jill (2011-12-13). "Alleged Gene Simmons website hacker arrested". Reuters. Retrieved 2011-12-13.
- Adegoke, Yinka; Stempel, Jonathan (2010-10-26). "Court shuts down LimeWire music-sharing service". Reuters. Retrieved 2010-10-26.
- Sandoval, Greg (2010-10-26). "Judge slaps Lime Wire with permanent injunction". CNET. Retrieved 2010-10-26.
- Morris, Chris (2010-10-29). "The Shared Enemy of Hollywood, Gene Simmons and Hustler". CNBC. Retrieved 2010-12-23.
- Mennecke, Thomas (2010-10-28). "Anonymous Planning DDoS Attack Against the RIAA". Slyck.com. Retrieved 2010-12-23.
- Hachman, Mark (2010-10-28). "'Anonymous' Plans DDoS Attack on RIAA on Friday". PC Magazine. Retrieved 2010-12-23.
- Mennecke, Thomas (2010-10-29). "RIAA and LimeWire Both are Offline". Slyck.com. Retrieved 2010-12-23.
- Hachman, Mark (2010-10-29). "'Anonymous' DDoS Attack Takes Down RIAA Site". PC Magazine. Retrieved 2010-12-23.
- Constantin, Lucian (2010-11-01). "Anonymous Attacks RIAA over LimeWire Shutdown". Softpedia. Retrieved 2010-12-23.
- Leyden, John (2010-11-01). "RIAA and Anonymous sites both downed by DDoS assaults". The Register. Retrieved 2010-12-23.
- Zorz, Zeljika (2010-11-01). "RIAA's sites downed by Anonymous DDoS attack". net-security.org. Retrieved 2010-12-23.
- "Opinion and order - Case 1:06-cv-05936-KMW -DCF Document 678" (PDF). 2011-03-10. Retrieved 2012-10-16.
- "Report for Selected Countries and Subjects".
- Albanesius, Chloe (2011-03-23). "P2P Music File Sharing Dropped After Limewire Shutdown, NPD Says". Retrieved 2012-10-16.
- "RIAA Targeted by Anonymous' Operation Payback". 2011-03-28. Retrieved 2012-10-16.
- Sandoval, Greg (2010-11-09). "FBI probes 4chan's 'Anonymous' DDoS attacks". CNET.com. Retrieved 2010-12-23.
- Sterling, Toby (21 July 2011). "Dutch give details on 4 'Anonymous' hacker arrests". The Sydney Morning Herald. Sydney. Fairfax Media. Archived from the original on 21 July 2011. Retrieved 21 July 2011.
- wconeybeer (2010-11-09). "Operation Payback takes a break… but for how long?". myce.com. Retrieved 2010-12-23.
- Anderson, Nate (2012-03-08). "Anonymous revives Operation Payback, wages war on "copywrong"". ArsTechnica. Retrieved 2012-10-16.
- Tapper, Jake (2010-12-08). "Exclusive: Sarah Palin Under Cyber-Attack from Wikileaks Supporters in 'Operation Payback'". abcnews.com. ABC News. Retrieved 2010-12-09.
- Phillips, Tom (2010-12-09). "Sarah Palin website hit by WikiLeaks Operation Payback DDoS attack". metro.co.uk. Metro. Retrieved 2010-12-09.
- Hudson, John (2010-12-09). "Is Palin Just Using 'Operation Payback' to Get Attention?". theatlanticwire.com. The Atlantic Wire. Retrieved 2010-12-09.
- "Exclusive: "Anonymous" speaks out about WikiLeaks payback". RT. 2010-12-10. Retrieved 2010-12-23.
- Rowland, Kara (2008-09-19). "Hacker wanted to 'derail' Palin". The Washington Times. Retrieved 2010-12-23.
- Correll, Sean-Paul (2010-12-06). "Operation:Payback broadens to "Operation Avenge Assange"". pandasecurity.com. Panda Security. Archived from the original on December 8, 2010. Retrieved 2010-12-09.
- Mackey, Robert (2010-12-06). "Latest Updates on Leak of U.S. Cables, Day 9". NYTimes.com. The New York Times. Retrieved 2010-12-07.
- Tencer, Daniel (2010-12-06). "Hackers take down website of bank that froze WikiLeaks funds". The Raw Story. Retrieved 2010-12-07.
- Weaver, Matthew; Adams, Richard (2010-12-07). "WikiLeaks US embassy cables: live updates". The Guardian. London. Retrieved 2010-12-07.
- Rashid, Fahmida Y. (2010-12-06). "PayPal, PostFinance Hit by DoS Attacks, Counter-Attack in Progress". eWeek.com. Retrieved 2010-12-07.
- Weisenthal, Joe (2010-12-08). "Cyberwar: Now Hackers Have Taken Down Mastercard.com As Revenge For Julian Assange". Business Insider. Retrieved 2010-12-23.
- Addley, Esther; Halliday, Josh (2010-12-09). "WikiLeaks supporters disrupt Visa and MasterCard sites in 'Operation Payback'". guardian.co.uk. London: The Guardian. Retrieved 2010-12-09.
- Horn, Leslie (2010-12-08). "'Anonymous' Launches DDoS Attacks Against WikiLeaks Foes". pcmag.com. PC Magazine. Retrieved 2010-12-09.
- Jardin, Xeni (2010-12-08). "Continuing pro-WikiLeaks DDOS actions, Anonymous takes down PayPal.com". boingboing.net. Boing Boing. Retrieved 2010-12-09.
- Muller, John (2010-12-08). "Updated Statement about WikiLeaks from PayPal General Counsel, John Muller". thepaypalblog.com. PayPal. Archived from the original on 2011-01-07. Retrieved 2010-12-09.
- Vasquez, Bertrand (2010-12-08). "PayPal Vows to Release WikiLeaks Funds, Account to Remain Blocked". erictric.com. Retrieved 2010-12-09.
- "Statement on DDOS attacks". wikileaks.ch. WikiLeaks. 2010-12-09. Archived from the original on December 10, 2010. Retrieved 2010-12-09.
- The CNN Wire Staff (2010-12-09). "Pro-WikiLeaks hackers change target to PayPal". edition.cnn.com. CNN. Retrieved 2010-12-09.
- Cluley, Graham (2010-12-09). "Dutch boy arrested for WikiLeaks-related DDoS attacks on Mastercard and PayPal". nakedsecurity.sophos.com. Sophos. Retrieved 2010-12-09.
- Parket, Landelijk (2010-12-09). "16-jarige jongen aangehouden vanwege WikiLeaks-aanvallen". om.nl (in Dutch). Retrieved 2010-12-09.
- Ernesto (2010-12-10). "Anonymous' Operation Payback IRC Operator Arrested". TorrentFreak. Retrieved 2011-01-07.
- Swinford, Steven (2010-12-10). "WikiLeaks Hackers Threaten British Government". telegraph.co.uk. London: The Daily Telegraph. Retrieved 2010-12-10.
- Nixon, James (2010-12-10). "Who are Anonymous? And what do they want?". thinq.co.uk. Retrieved 2010-12-10.
- Cohen, Noam (December 10, 2010). "Web Attackers Find a Cause in WikiLeaks". The New York Times. Retrieved 11 December 2010.
- Halliday, Josh (2010-12-15). "WikiLeaks: Police to investigate Anonymous online attacks". London: The Guardian. Retrieved 2011-01-06.
- Correll, Sean-Paul (2010-12-04). "'Tis the Season of DDoS – WikiLeaks Edition". PandaLabs. Retrieved 2011-01-07.
- Esther Addley and Josh Halliday (2010-12-08). "Operation Payback cripples Mastercard site in revenge for WikiLeaks ban". London: The Guardian. Retrieved 2010-12-31.
- Mills, Elinor (2010-12-08). "Facebook, Twitter boot WikiLeaks supporters after Visa attack". news.cnet.com. Cnet. Retrieved 2010-12-09.
- Prodhan, Georgina (2010-12-11). "WikiLeaks supporters' group abandons cyber attacks". Reuters. Archived from the original on 2011-01-07. Retrieved 2011-01-07.
- Mutton, Paul (2010-12-09). "Operation Payback aborts attack against Amazon.com". netcraft.com. Netcraft. Retrieved 2010-12-10.
- Perez, Sarah (2010-12-09). "Operation Payback Targets Amazon; Wikileaks Cables Found in Kindle Book Store". readwriteweb.com. ReadWriteWeb. Retrieved 2010-12-09.
- "Update on PayPal site status". 2010-12-09. Archived from the original on 2011-01-07. Retrieved 2011-01-07.
- Maclean, William (2010-12-10). "Activists target Dutch website after boy arrested". Reuters. Archived from the original on 2011-01-07. Retrieved 2011-01-07.
- Lazaran, Ian (2010-12-10). "We're Temporarily Moving Back to Blogger As We're Under Attack". conservatives4palin.com. Archived from the original on 2011-01-06. Retrieved 2011-01-06.
- McMillan, Robert (2010-12-30). "FBI raids ISP in Anonymous DDoS investigation". Computerworld.com. computerworld.com. Retrieved 2010-12-30.
- "WikiLeaks supporters attack Zimbabwean sites". The Sydney Morning Herald.
- "Five arrested over 'Anonymous' web attacks". BBC News. 27 January 2011. Retrieved 30 January 2011.
- Savage, Charlie (2011-01-27). "F.B.I. Warrants Into Service Attacks by WikiLeaks Supporters". The New York Times. Retrieved 2011-01-30.
- cmumusicnews (2010-11-01). "RIAA site goes down following LimeWire win". thecmuwebsite.com. Retrieved 2010-12-23.
- enigmax (2010-11-20). "Pirate Parties Use Influence to Halt Anonymous Operation Payback". torrentfreak.com. TorrentFreak. Retrieved 2010-12-23.
- "WikiLeaks cyber backlash all bark, no bite: experts". The News International. Agence France-Presse. 2010-12-11. Retrieved 2015-01-10.
- Constantin, Lucian (2010-09-27). "Anonymous DDoS Tool Gets Botnet Capabilities". Softpedia. Retrieved 2010-10-22.
- "Operation Payback flyer from mpaa.org attack". 2010-09-17. Retrieved 2010-10-29.
- Anonymous (2010-11-18). "p2pnet talks with Operation Payback". p2pnet.net (Interview: Transcript). Interview with Jon Newton. Retrieved 2010-12-23.
- Rötzer, Florian (2010-12-08). "Facebook und Twitter gegen "Operation Payback"". heise.de (in German). Retrieved 2010-12-08.
- Isaac, Mike (2010-12-08). "Facebook and Twitter Suspend Operation Payback Accounts". blogs.forbes.com. Forbes. Retrieved 2010-12-09.
- Tate, Ryan (2010-12-09). "Noose Closes Around Pro-WikiLeaks Vigilantes". gawker.com. Valleywag. Retrieved 2010-12-09.
- Ragan, Steve (2010-12-09). "Anonymous keeps the cannons firing while pressure mounts". The Tech Herald. p. 1. Retrieved 2010-12-23.
- Weaver, Matthew; Tran, Mark (2010-12-09). "WikiLeaks cables: Shell, Operation Payback and Assange for the Nobel prize - as it happened". The Guardian. London. Retrieved 2010-12-23.
- AnonOps – Main coordination website for Operation Payback (Disfunctioning)
- AnonOps IRC Network – Main IRC network where anonymous resides on
- Pandalabs.pandasecurity.com – Chronicle of all Operation Payback events