What Is LOIC?

LOIC ("Low Orbit Ion Cannon") is an application developed by 4Chan-affiliated hackers designed to—when used en masse by thousands of anonymous users—launch Distributed Denial of Service (DDoS) attacks on websites. Like Visa.com and Mastercard.com, for instance.

It's a pushbutton application... The idea behind LOIC is that it can allow you to participate in attacks even if you've no clue how to hack. Just download a copy of LOIC (available for Windows, Mac, and Linux!), punch in the target information like a URL or an IP address and zap.

...that can be controlled by a central user... The Windows version of LOIC has a "Hivemind" feature that lets you point your copy at an Internet Relay Chat server, allowing someone else—say, the Anon Admins behind Operation Payback, the campaign that is currently striking out against Visa, Mastercard, and other financial organisations in retaliation for their decision to stop doing business with Wikileaks—to control at what site all connected LOIC clients are aimed. And because it takes thousands of LOICs all pointed at a single site to make a real impact, letting a central administrator press the big button of website destruction makes the whole network more effective.

Giving hackers control of your computer by choice? Sounds dangerous. But because the LOIC client is open source, the chances that a virus or backdoor into a user's own system could be a hidden payload is minimal.

...to launch a flood of killer internet packets... LOIC basically turns your computer's network connection into a firehose of garbage requests, directed towards a target web server. On its own, one computer rarely generates enough TCP, UDP, or HTTP requests at once to overwhelm a web server—garbage requests can easily ignored while legit requests for web pages are responded to as normal.

But when thousands of users run LOIC at once, the wave of requests become overwhelming, often shutting a web server (or one of its connected machines, like a database server) down completely, or preventing legitimate requests from being answered.

...with little risk to the user. Because a DDoS knocks everything offline—at least when it works as intended—the log files that would normally record each incoming connection typically just don't work. And even if they do, many LOIC users claim that another user was on their network or that their machine was part of a bot net—a DDoS client delivered by virus that performs like a hivemind LOIC, minus the computer owner actually knowing they are participating.


Comments

    It disappoints me to see articles like this on Gizmodo. Vandalism isn't cool and there are much better methods to make your voice heard.

      They are a tech blog covering tech news...deal with it.

      Listen hippie, unless you mean actual activism (standing up for your rights and fighting with force) the only "better methods to make your voice heard" are good for nothing more then a laugh.

      Lets take for example a peacefull parade in the street...sure you might look good, all united for a cause, but lets face the music - If you dont force someone's hand, there is little chance that someone who has been doing something wrong will simply have a change of heart because you're on the street.

      I want Julian Assange to be released from the farce of a trial, but i dont think that throwing flowers at people is going to make a difference, so ill help with the global push to ensure that the government becomes accountable to it's people!

      Fight for your freedoms or forever lose them.

      Eh it was interesting, and it's linked to current tech news so it perfectly fits Gizmodo's bill. It's not like the article reads "OMG LOIC is awesome! You should all join in!"

      Also considering Wikileaks got DDOSd to shit after the cables started being released (no doubt by a government body) I'm very interested to see news of the same methods being employed in favour of the site.

      Maybe I just don't care much for banks too, considering how immoral they always seem to end up being. Greed anyone? :/

        It goes beyond tech news when they're providing links to the program itself. That's the main thing I have issue with.

        @Sam

        It's an interesting informational piece for people that otherwise wouldn't follow this sort of thing and may be interested how a relatively small number of users can take down a major site. The fact it has a link is largely irrelevant...if someone wanted to use the app they could get on Google and find it in a few seconds anyway. Having a link doesn't mean Gizmodo is advocating DDOS attacks.

      Yeah, I only like seeing tech news on a tech news site if it's about lollipops and rainbows.

      We don't want reality here. We'd rather just watch Steve Jobs and pretend technology is used for nothing but touchscreens.

      Name 3 effective methods that are better?

      Write a letter to your local MP and demand action on the issue .... (laughs)!!

    Agree that this article shouldn't be on Gizmodo. Remember the people who got arrested for launched DDoS? I don't want to see in the future another person who gets arrested saying on TV, "I followed what Gizmodo told me.".

    Vandalism is illegal. Full stop. Not some fancy "heroic" act to voice out your "views" with.

      useing the public as human mine detectors is llegal, torture is, imprisonment without trial.... www
      sowhyiswikileaksagoodthingagain dot com

      Education isn't the same as advocating. In university we got told how you could modify email headers...doesn't mean the university was telling us all to then use that information to develop spamming applications.

    Like what ????

    Well, something like this where they're trying to knock out Visa and Mastercard I'm not that opposed to.

    The thing is how long before this gets abused and they start targeting random website because some girl called the controller and loser?

    Giving such power to the likes of 4chan? That's crazy.

      if you read the article, 4chan developed this, it wasn't gifted to them.

        Yes I know that.

        What I meant is why would anyone put this on their computer and let their bandwidth be used by the likes of 4chan users?

        At least you know (trust) what [email protected] is doing with your computer.

    it seems the authorities are using unconventional methods to go after wikileaks and its personnel. some kind of non-lethal retaliation is warranted, IMHO.

    Visa & MasterCard: KKK Is A-OK, But Wikileaks Is Wicked

    http://www.techdirt.com/articles/20101207/09264812164/visa-mastercard-kkk-is-a-ok-wikileaks-is-wicked.shtml

    apparently one can donate to the KKK using visa and/or mastercard. but not wikileaks.

    Remembering that this site is more blog than journalism, I still think that Gizmodo needs to be careful publishing articles such as this that can be conceived as suggesting a DDoS attack on certain websites.
    Whatever Gizmodo and our (the readers) opinions may be, DDoS is still an illegal activity.
    That being said, it is certainly interesting news that such a program has been released.

      this program has been around for AGES!! it has only recently recived media attention.

      seriously guys, for Gizmodo readers i am supprised!

    Here is a web based LOIC Version and it works http://tiny.cc/92xi8

    Have fun!

    The little wiki fans are making a lot of noise and having a good time saying 'fire, fire, fire,' but they really aren't doing very much in the way of harm. A bunch of noisy kids in black masks are holding a march and smashing some shop windows. Big deal. It's kabuki, not war. If they had any guts, they wouldn't be anonymous.

    Crikey, did I stumble onto some weird newbie site? Given this is Gizmodo I would assume some of you guys have heard of Google right? It's not like it's a hard program to find.

    The Wikileaks saga is finally waking people up to the fact there's a bit more to the internet than benign blogs and boring trivia, it is a place where people have started re-defining the rules of society around what can be said and done.

    There is no longer a central power capable of shutting down discourse, there are work-arounds available for just about every online and real-life scenario out there at a mouse-click.

    People are able to mobilize so quickly in great numbers that governments will eventually have to listen, I'd just be thankful they're not targeting key IT infrastructure... yet.

    I don't know about y'all but I think that is one awesome name: LOIC - Low Orbit Ion Cannon

    Gizmodo is sharing the tech side of this story; something that I've been wanting to see more of. News articles related to the latest WikiLeaks happenings just hop over explaining how the DDoS attacks are done. So, I am actually grateful to Gizmodo for giving me [some] insight. Not because I now want my home computer to be part of a bot-net (I prefer to pass on such ideas) but because, from a tech perspective, it's just awesome stuff. Downloading LOIC would be neat for personal fascination, especially since it's open source. Besides, I always dreamed of getting a Low Orbit Ion Cannon for Christmas ;-)

    Chill out people and enjoy the show!

    It's awesome to see the internet has truly matured into a tool that can be used to affect government. Targeting VISA/MC, AnyBank etc is an effective and real method of instilling change. Peaceful protests, as mentioned above, are useless. If you are the target of public dissent and all the public do is stand outside your house and 'say' nasty things, then you don't really give a toss, you sneak out the back door and carry on with life. If bricks and cocktails come flying into your home and threaten your existence, you WILL rethink your strategy. JA is being threaten physically! He will be forced into jail or just wind up dead. Why be nice to a government that uses these measures on citizens. The US did not email Saddam and say, can you please stop being an a**hole? No, they bombed his nation, publicly hung him (truly sick!!!) and are still killing thousands of his innocent civilians. Milosevic went to the hague and was poisoned. Don't be nice to a**hole governments. Hit them. And hit hard. It's the only way. Hurting their financial institutions financially works. Period. Rock on Giz, you're the best.

Join the discussion!

Trending Stories Right Now