Researchers at the University of Twente in the Netherlands report that the LOIC (Low Orbit Ion Cannon) software used in pro-Wikileaks Anonymous attacks discloses the identity of the user.
If hacktivists use this tool directly from their own machines, instead of via anonymization networks such as Tor, the Internet address of the attacker is included in every Internet message being transmitted. In the tools no sophisticated techniques are used, such as IP-spoofing, in which the source address of others is used, or reflected attacks, in which attacks go via third party systems. The current attack technique can therefore be compared to overwhelming someone with letters, but putting your address at the back of the envelop. In addition, hacktivists may not be aware that international data retention laws require that commercial Internet providers store data regarding Internet usage for at least 6 months. This means that hacktivists can still be traced easily after the attacks are over.
Here’s a PDF with details on the report. Attacks by “Anonymous” WikiLeaks proponents not anonymous utwente.nl