Category Archives: DDoS Criminals

Wells Fargo Still Dealing with Distributed Denial of Service (DDoS) Attack

Hacktivists’ phase 2 distributed-denial-of-service attacks against U.S. banks appeared to subside Dec. 19. Only Wells Fargo reported online access issues, but the bank pointed out that outages were limited. A day earlier, the bank reported a more extensive DDoS hit.

The hacktivist group Izz ad-Din al-Qassam Cyber Fighters Group on Dec. 18 posted an update on Pastebin, saying targeted banks could expect more distributed-denial-of-service attacks this week, resembling the magnitude of attacks waged against Bank of America, JPMorgan Chase, PNC Financial Services, U.S. Bancorp and SunTrust Bank a week earlier. The group, however, did not name its targets in the Dec. 18 posting. But based on outage reports confirmed Dec. 18 and Dec. 19 by Wells Fargo, the bank apparently was one of those that Izz ad-Din al-Qassam has chosen to attack this time around.

Wells Fargo spokeswoman Sara Hawkins said some bank customers may have experienced issues accessing their online accounts throughout the day Dec. 19. “We’re not seeing widespread impact, but we do recognize that some customers may have intermittent access to our website,” she said. On Dec. 18, however, Hawkins said the bank was seeing heavier than typical traffic. “We’re seeing an unusually high volume of traffic, which is creating slow or intermittent access to our website for some online customers,” she said.

But none of the five banks named as targets in Izz ad-Din al-Qassam’s Dec. 11 announcement of the launch of a phase 2 DDoS campaign reported similar issues. Ten banks were targeted in the first campaign of DDoS attacks, which ran from mid-September until mid-October. Those banks included the five noted above as well as Wells Fargo, Regions Bank, HSBC Holdings, BB&T Corp. and Capital One. Among these, only Wells has reported additional outages allegedly linked to Phase 2. The others confirmed Dec. 19 that their sites remained unaffected.

The hacktivist group claims it will continue its attacks on U.S. banks until a YouTube movie trailer, deemed to be offensive to Muslims, is removed.

The Financial Services Information Sharing and Analysis Center on Dec. 12 issued an advisory outlining precautions institutions should take as they prepare for more attacks. The FS-ISAC notes that hacktivists’ warning that the second phase will be more severe should be heeded.

Source: http://www.bankinfosecurity.com/wells-fargo-still-dealing-ddos-a-5370


Top 7 security predictions for 2013

A seismic shift in who controls the Internet? Another Mac malware outbreak? Your smart TV being hijacked for a DDoS attack? Whatever 2013 may bring, it’s sure to be an interesting year. Here’s F-Sec…


To the Rescue: A Fully Managed Distributed Denial of Service (DDoS) Protection Solution

With its hosting DNA, DOSarrest understands the challenges of dealing with a distributed denial of service (DDoS) attack in a data center. We know, for example, that for every minute your website is reeling from a DDoS attack, thousands – or even hundreds of thousands – of dollars can be lost in the form of missed sales and credibility with your customers. In addition to lost revenue, you risk future losses due to the negative impact to your search engine optimization (SEO) ranking caused by a prolonged outage – a penalty from which it can take months to recover.

To help avoid these problems, DOSarrest designed a cloud-based mitigation service that provides carrier-grade service and leaves your Web infrastructure intact. Because we created a multilayered defense system in each of our geo-distributed mitigation centers, we can handle the large Layer 2 and Layer 3 attacks all the way to the most sophisticated application layer incursions with relative ease.

Expecting the Unexpected

Given the relatively low barrier of entry for the committed attacker, a DDoS attack can be launched at any time for a variety of reasons, unbeknownst to the victim. Because of this uncertainty, we had to design a mitigation service that could be implemented within minutes. By using a distributed architecture, we can provide both DDoS protection and added website performance for our customers. But this distribution presented some challenges we had to overcome. Given that we broadcast our customers’ content from several locations between Europe and North America, we needed to know how each location was performing.

Ensuring Total Stability and Performance

To solve this problem we developed – and are now in the process of rolling out – DOSarrest External Monitoring Service (DEMS), a completely separate website monitoring service designed to ensure the highest degree of stability and performance for all the geographic regions from which we broadcast. Even some of the world’s largest content-delivery networks don’t supply this information to their customers.

With DEMS, we can provide the first fully managed DDoS protection service, backed by a team of engineers on duty 24/7/365 in our Security Operations Center, which is capable of detecting and thwarting an oncoming attack before it has any effect. Our philosophy is to resolve issues that may arise on the first call or e-mail from our customers. There are no auto-replies here, as an experienced engineer responds to every inquiry, normally within 10 minutes.

Jag Bains, CTO at DOSarrest Internet Security.

To read more about the InformationWeek DDoS Special Report, download it here: http://www.informationweek.com/gogreen/121112fs


Researchers uncover Tor-powered Skynet botnet

Rapid7 researchers have recently unearthed an unusual piece of malware that turned out to be crucial to the formation of an elusive botnet – dubbed Skynet by the researchers – whose existence has been…


U.K. hacker convicted for taking part in Anonymous attacks

22-year-old Christopher Weatherhead from Northampton, U.K., was convicted on Thursday on one count of conspiracy to impair the operation of computers for his involvement in the DDoS campaign agai…


Gameover gang uses Cutwail botnet to swell its own

The hackers behind the Gameover variant of the popular Zeus banking Trojan have rented the massive Cutwail botnet in order to send out millions of fake emails carrying the malware, warns Dell SecureWo…


Distributed Denial of Service ‘DDoS’ Attacks From Anonymous Cost PayPal £3.5 Million of Damage

The distributed denial of service (DDoS) attack from hacktivist group Anonymous has cost PayPal more than €4.3 million. The attacks, which were named Operation Payback, were initially aimed at companies that opposed internet piracy, but switched to companies like Mastercard, Visa and PayPal after they refused to process payments to WikiLeaks. After that attack, PayPal, the global leader in online money transfer and payments, paid around £3.5 million to defend and arm itself against such distributed denial-of-service (DDoS) attacks.

In a report, the BBC said that more than one hundred skilled employees from eBay, PayPal’s parent company, spent almost three weeks working on DDoS-attack-related issues and that PayPal had bought software and hardware to defend itself against further attacks. In all, the total cost of this work came to £3.5 million.

These details were revealed in a court case at Southwark Crown Court, where a defendant, Christopher Weatherhead (who was studying at Northampton University when he allegedly took part in the campaign), is facing charges of conspiring to impair the operation of computers. He has pleaded not guilty to conspiring to impair the operation of computers between 1 August 2010 and 22 January 2011.

Sandip Patel, prosecuting, said the group caused PayPal “enormous economic harm”. Mr Patel said they used distributed denial of service, or DDoS, which flooded the targets’ computers with enormous amounts of online requests. Target websites would crash and users would be directed to a page displaying the message: “You’ve tried to bite the Anonymous hand. You angered the hive and now you are being stung.” Mr Patel said: “This case, simply put, is about hackers who used the internet to attack and disable computer systems – colloquially described as cyber-attackers or vandals.” He said Mr Weatherhead, who used the online name Nerdo, posted plans on an Internet Relay Chat (IRC) channel encouraging an attack on PayPal. He said PayPal was the victim of a series of attacks “which caused considerable damage to its reputation and loss of trade”.

Source: http://www.voiceofgreyhat.com/2012/11/DDoS-Attack-From-Anonymous-Cost-PayPal-3.5-Million.html?utm_source=dlvr.it&utm_medium=identica
