A UK based, Anonymous hacktivist affiliate–Fawkes Security has revealed that it took down the HSBC websites worldwide on Thursday night via DDoS attacks. The hacktivist group posted the information on Pastebin.com. Here’s what they wrote:

“As some of you may be aware HSBC bank suffered several DDoS attacks on the named sites in the past hours us.hsbc.com hsbc.co.uk hsbc.com hsbc.ca they were all brought down by #FawkesSecurity. Before any claim fags attempt to take ownership of this attack, the proof is all in our Twitter account, Targets, time and date :) @FawkesSecurity

We are Anonymous
We are legion
We do not forget
We do not forgive
Expect us”

This is exactly opposite to what all thought that the HSBC attack is done by Muslim hacktivists as part of a threatened extension of their campaign of denial of service attacks against US banks last month in protest against the controversial Innocence of Muslims video pulled from YouTube; but as the Anonymous affiliate has confirmed its actions, no doubts are left now. When asked about the same from HSBC, the bank responded that it managed to restore normal access to Internet banking services as all its affected websites (in the US, Canada and the UK) by 03.00 BST on Friday, 19 October. It stressed that customer data was never at risk.

HackANGLE editor Kyt Dotson says, “The name ‘Fawkes Security’ comes from the Anonymous meme of using a Guy Fawkes mask as their go-to emblem and device. As a group they’ve outed themselves as a cell of the hacktivist collective. Only a day ago, the new group even made a bomb threat  on Pastebin that would coincide with Guy Fawkes Day–November 5th. The bomb threat cited a US government building, high explosives, and TCP–the transmission control protocol that underlies all communication on the Internet.”

Read about the bomb threat at TechNewsDaily.

There are doubts that some purchases using debit cards issued by HSBC might also have been affected, but security experts believe that it was probably a mixture of brute-force flooding as well as more sophisticated application-layer attacks. Zombie bots are a likely source of the attack traffic, if recent experience is anything to go by, but this too remains unconfirmed.

And the worst part is that the Anonymous hacktivist group says that they’ll keep targeting the other banks in future, giving the reason that it’s their fault that the worlds’ economics are so messed up.