Author Archives: Enurrendy

Botnet-powered ballot stuffing suspected in 2nd referendum petition

‘Tiny fraction of the overall count’ however A petition for a second EU referendum in the UK has been hit by suspicions of computer automated ballot stuffing, possibly by politically motivated hackers.…

View article:
Botnet-powered ballot stuffing suspected in 2nd referendum petition

Inside the World of the Dark DDoS

This isn’t your grandma’s DDoS Today’s distributed denial of service attacks are different than the kinds that we saw at the dawn of the millennium when the threat emerged. They’re becoming more nuanced, and subtle – and they could result in a lot more than a downed web server.…

View article:
Inside the World of the Dark DDoS

Godless Android malware offers serious firepower to a botnet herder

One of the most concerning characteristics of the Godless malware is the ability to receive remote instructions on which app to download and install on mobile devices, without the user’s knowledge. This is called command and control (C&C). Being a DDoS subject matter expert, I believe this has the makings of something more insidious than malicious ads. Nearly one million infected Android devices connected to 4G LTE networks offers some serious firepower for a botnet … More ?

Visit site:
Godless Android malware offers serious firepower to a botnet herder

Anonymous Legion claims attack on Minnesota courts website

The international activist hacker group Anonymous Legion is claiming responsibility for an attack on the Minnesota Judicial Branch’s website that rendered it unusable for most of Wednesday. State officials became aware of the “distributed denial-of-service” (DDoS) attack about 8 a.m. Wednesday, around the same time Anonymous Legion e-mailed the Star Tribune. “Servers have also been penetrated and data has been secured, contrary to what they will tell you,” said Anonymous Legion’s e-mail. “This will occur frequently.” The group said the act was executed “collectively, through a global attack.” It is known for DDOS attacks on government websites, among others. The attack is similar to ones that interrupted the site last December. Last year’s attacks were traced to Asia and Canada. The state did not say Wednesday whether the attacks may be linked. “We are in the process of communicating with the FBI Cyber Task Force about this incident,” Beau Berentson, a spokesman for the state court administration office, said in a written statement. The website (www.mncourts.gov), visited by thousands every day looking to access court resources and information, was taken offline as the attack was investigated. Access to the site was restored around 5:15 p.m. “We have no evidence that any secure data has been inappropriately accessed,” Berentson said. Other online resources linked through the website are still functioning, including eFiling and eService, the Court Payment Center and remote access to district and appellate court records. The website was down for several hours from Dec. 21 to 31 in the previous attacks. “In a DDOS attack, an outside entity attempts to overwhelm an online resource with so much network traffic that it is no longer accessible to legitimate users,” State Court Administrator Jeff Shorba said in a January statement about last year’s attacks. “During these attacks, the Minnesota Judicial Branch did not experience any form of data breach or inappropriate access to court records, nor is there any evidence to suggest that the attackers attempted to gain access to Judicial Branch records or information.” Those attacks were reported to the federal government and Canadian authorities. “DDoS attacks are becoming increasingly common against high-profile websites in both the public and private sectors,” Shorba said in January. “While we cannot prevent these attacks from being launched, the Minnesota Judicial Branch is now better prepared to respond to these types of attacks in the future.” Source: http://www.startribune.com/minnesota-courts-website-attacked-again-by-hackers/384003231/

Continue Reading:
Anonymous Legion claims attack on Minnesota courts website

Central banks of South Korea and Indonesia bulk up security following DDoS attacks by hacktivists

The central banks of Indonesia and South Korea are reportedly bulking up security on their public-facing websites after being hit with cyberattacks and distributed-denial-of-service (DDoS) disturbances linked to notorious hacking collective Anonymous. In response to the attempted cyberattacks, Ronald Waas, deputy governor of Bank Indonesia (BI), told Reuters his institution was forced to block 149 regions that don’t usually access its website, including “several small African countries”. The central banks of Indonesia and South Korea are reportedly bulking up security on their public-facing websites after being hit with cyberattacks and distributed-denial-of-service (DDoS) disturbances linked to notorious hacking collective Anonymous. In response to the attempted cyberattacks, Ronald Waas, deputy governor of Bank Indonesia (BI), told Reuters his institution was forced to block 149 regions that don’t usually access its website, including “several small African countries”. As previously reported, a video statement posted to YouTube on 4 May by the group said: “We will not let the banks win, we will be attacking the banks with one of the most massive attacks ever seen in the history of Anonymous.” Later, the central bank of Greece admitted its website was taken offline for a short period of time. This was followed by other banks in countries including France, England, Scotland and Sweden. In June, the hackers announced that ‘phase three’ of the operation has started – dubbed Project Mayhem – and that the focus of the campaign would change to include major stock exchanges. In any case, the global banking system has been left shaken by a number of successful hacks, breaches and cyber-heists throughout 2016. In one attack, the Bangladesh central bank was targeted by a highly coordinated team of hackers that were able to steal a massive £81m via fraudulent money transfers. Source: http://www.ibtimes.co.uk/central-banks-south-korea-indonesia-bulk-security-following-ddos-attacks-by-hacktivists-1566836

Continue reading here:
Central banks of South Korea and Indonesia bulk up security following DDoS attacks by hacktivists

Botnet-powered account takeover campaign hit unnamed bank

A single attacker has mounted two massive account takeover (ATO) campaigns against a financial institution and an entertainment company earlier this year, and used a gigantic botnet comprised of home routers and other networking products to do it. “ATO attacks (also known as credential stuffing) use previously breached username and password pairs to automate login attempts. This data may have been previously released on public dumpsites such as Pastebin or directly obtained by attackers through … More ?

See the article here:
Botnet-powered account takeover campaign hit unnamed bank

Overwatch Servers Went Down After Alleged DDoS Attack

Infamous hacker group Lizard Squad is thought to be at it again, this time taking down Overwatch servers and leaving players unable to join and remain in a session. Over the past week, Blizzard has been experiencing some problems with Battle.net that have made it difficult for players to use the service as intended with games like Overwatch . Now, there’s word that these issues might have been caused by a DDoS attack launched by members of hacker group Lizard Squad. Some users are reporting that they are unable to log in to Battle.net. Others are able to enter, but find themselves kicked out of multiplayer matches in Overwatch for seemingly no reason. Ordinarily, issues like these would be brushed off as being part and parcel of the modern online experience. However, a suspicious tweet from a known Lizard Squad member has led to the group being implicated, according to a report from VG247. The above tweet is being taken as proof that Lizard Squad member AppleJ4ck was involved with the attack. Some Overwatch players responded to his post to vent their annoyance about the situation — to which AppleJ4ck responded, “in a way, I’m doing y’all a favor.” This is not the first time that Lizard Squad has targeted organizations within the video game industry. The group rose to prominence back in 2014, when a coordinated attack brought down the PlayStation Network and Xbox Live over Christmas, causing massive headaches for the companies involved. Of course, the attack was not an unmitigated success for the group, as the high-profile hack made Lizard Squad an immediate target for authorities. Just days later, a 22-year-old alleged to be a part of the organization was the subject of a raid by police in the United Kingdom. However, the strength of a group like Lizard Squad is the fact that they are spread all over the world. Individual members can be found and brought to justice, but it’s difficult to make a concerted attempt to stamp out its activity outright. If the situation is hard on the authorities, then it’s even more challenging for a company like Blizzard. The overwhelming popularity of Overwatch means its hard enough for the company to keep Battle.net afloat at the best of team, never mind when there are hackers on the prowl. Unfortunately, criminal elements like Lizard Squad are part and parcel of the modern online experience. Companies like Blizzard have to take these groups into consideration when operating a service like Battle.net — hackers have the power to ruin the experience for the rest of us, and the only defence is a robust level of security. Source: http://gamerant.com/overwatch-servers-down-ddos-attack-846/

More:
Overwatch Servers Went Down After Alleged DDoS Attack

Muslim Brotherhood’s Website Suffers DDoS Attacks and Data Leak

The official English language website of Muslim Brotherhood movement was forced to go offline after facing massive DDoS attacks! Earlier today, a hacker going by the handle of SkyNetCentral conducted a series of distributed denial-of-service (DDoS) attack on the official website of Society of the Muslim Brothers or Muslim Brotherhood (Al-Ikhwan al-Muslimun in Arabic) forcing the website to go offline despite using CloudFlare DDoS protection service. The hacker also conducted  DDoS attacks on the official website of Freedom and Justice Party, which is an Egyptian political party affiliated with Muslim Brotherhood. That’s not all, the attacker also managed to bypass site’s security and steal Al-Ikhwan al-Muslimun’s files from the database, ending up leaking it online for public access. Upon scanning the leaked data HackRead found it to be legit and never been leaked on the internet before. The data dump contains IP addresses, email conversation, comments and commenters’ names and IP addresses. It seems as if the hacker only managed to compromise some tables of the database without getting hold of any sensitive data. The only damage that can be caused is tracing the location of the commenters but that’s not a task just anyone can perform. Here is a screenshot from the leaked data showing comments and IP addresses: At the moment, the motive behind these attacks is unclear however after going through attacker’s profile it’s evident that they have been targeting Muslim Brotherhood, Council on American-Islamic Relations – CAIR and other similar organizations. Source: https://www.hackread.com/muslim-brotherhoods-website-suffers-ddos-attacks/

More here:
Muslim Brotherhood’s Website Suffers DDoS Attacks and Data Leak

Businesses receive another warning over the threat of DDoS attacks

We have all heard the stories of businesses which have suffered debilitating DDoS attacks and, in some cases, succumbing altogether. Take Code Spaces, the web-based SVN and Git hosting provider which suffered such an attack in June 2014 that it was forced to wave the white flag and cease trading after recovering all the data lost would cost too much. Now, a new piece of research from A10 Networks argues businesses face ‘sudden death’ from DDoS if caught unawares. The average company was hit by an average of 15 DDoS attacks per year, according to the survey of 120 IT decision makers, with larger organisations more badly affected. One in three (33%) respondents said they had encountered DDoS attacks of more than 40 Gbps, while one in five had suffered downtimes of more than 36 hours due to the attack. The average attack of those polled lasted 17 hours. More than half (54%) of respondents said they would increase their DDoS budgets in the coming six months, while multi-vector attacks were seen by the majority of those polled (77%) as the most dangerous form of DDoS threat in the future. “DDoS attacks are called ‘sudden death’ for good reason. If left unaddressed, the costs will include business, time to service restoration and a decline in customer satisfaction,” said A10 Networks CTO Raj Jalan. He added: “The good news is our findings show that security teams are making DDoS prevention a top priority. With a better threat prevention system, they can turn an urgent business threat into an FYI-level notification.” Previous research has examined the growing sophistication of DDoS threats. In April, Neustar argued that such DDoS issues were “unrelenting”, with more than seven in 10 global brands polled having been subject to an attack. Source: http://www.appstechnews.com/news/2016/jun/16/businesses-receive-another-warning-over-threat-ddos-attacks/

Continue reading here:
Businesses receive another warning over the threat of DDoS attacks