Cybercriminals are, once again, trying to swell the number of computers compromised by the Andromeda backdoor. This will allow them to control the machines and download additional malware at the behes…
View original post here:
The Andromeda botnet is ballooning once again
The recent story involving our favorite power-mad petrol head Jeremy Clarkson’s suspension from the BBC has us all on the edge of our seats, as this latest controversy not only puts his future on Top Gear on shaky ground, but jeopardizes the show’s future in general. Many people have shown him support, from an online petition to British Prime Minister David Cameron saying he’s a fan. Clarkson’s got friends in high places, it seems, but according to a report, he’s got friends in low places, too. To recap how this all started, Clarkson allegedly threw a punch at a Top Gear producer during a “fracas” over not being served the dinner he wanted after a long day’s shoot. This has resulted in his suspension from the BBC along with the final three episodes of the show postponed indefinitely. Among the buzz of supporters, The Mirror is reporting that the activist group Anonymous has threatened the BBC with a DDoS attack if Clarkson isn’t reinstated. This kind of internet attack overwhelms a website with traffic requests, effectively shutting it down. The report claims that an open letter to the BBC made these claims, branding the hacker mission as #OpBringBackClarkson saying “You don’t wanna piss off 300 million people…” and “BBC you are warned… DDOS cannons will fire if you don’t comply.” Sounds like Ol’ Clarkson has the might of internet justice behind him, doesn’t it? A closer look tells a slightly different story. First off, there’s hardly an official source for a group called Anonymous for the obvious reasons, so its hard to peg for sure when someone is speaking on the organization’s behalf. Usually, associated twitter accounts like @YourAnonNews, which has over a million followers, indicate what’s trending amongst the cabal, and #OpBringBackClarkson really isn’t up there. Like, at all. As of this writing, eleven people have used the hashtag on twitter. Eleven. Looking at many of the Anonymous-branded twitter accounts and websites reveal that their uproar is more focused on things like the recent Ferguson protests and other serious issues of violence across the globe. Nobody is really talking about their favorite car show host. The Mirror’s article posts what seems to be the one Anonymous-related twitter post regarding the incident, but its handful of followers and tweets, in comparison to sources like @AnonyOps make it seem like an Anonymous fan rather than the voice of a movement. Surely then, this “open letter” would have more information? It might if you can find it. For all this talk of an open letter, any searches and stories posted simply refer back to the original Mirror article, with no links going to the BBC-directed open letter. In fact, after searching for hours, the only way we found it was to tweet the author of the post himself, who shared with us this link: http://pastebin.com/Kau1eP6N The letter doesn’t say much else beyond what we quoted above, save for linking to the Change.org petition and the recanting of Anonymous “we are legion” maxim. Pastebin is a great way to anonymously post text, but it doesn’t really work as an open letter forum unless you get the word out, and none of the Anonymous people are doing that, just The Mirror. We’re wondering if the BBC has even seen this. Again, the tricky thing about dealing with a group called Anonymous is, well, they’re anonymous. We’re not suggesting that this threat is false, but the evidence indicating that it might be is sketchy at best. Source: http://www.digitaltrends.com/cars/anonymous-to-ddos-attack-the-bbc-site-over-clarkson/
Continued here:
Anonymous to BBC: Bring back Clarkson, threatens DDoS attack
AntPool, BW.com , NiceHash, CKPool and GHash.io are among a number of bitcoin mining pools and operations that have been hit by distributed denial-of-service (DDoS) attacks in recent days. The incidents appear to have begun in the first week of March. For example, on 11th March, AntPool owner Bitmain sent an email to customers disclosing the DDoS attacks and advising external pool users to set up failsafe pools in the event of an outage. According to many of the companies affected by the incidents, those behind the attacks demanded payment in bitcoin in return for stopping the attacks. BW.com alerted customers via its official blog to possible service disruptions owing to oattacks, but did not say whether or not a ransom notice had been sent. Other pools took to Bitcoin Talk to warn users about the DDOS attacks. GHash.io operator CEX.io suggested that affected pools are seeing escalating DDoS threats, and said that the source of recent attacks on its pool came with increasing ransom demands. A spokesperson for CEX.io told CoinDesk: “The attack has been conducted by a hacker who has already DDoSed CEX.IO in October, 2014. Previously, he demanded 2 BTC for stopping the attack. This time, the payment has been raised to 5 to 10 BTC.” At least one other mining pool, NiceHash, also reported sustained DDOS attacks last fall. The alleged source of the DDOS attacks, operating under the name DD4BC, is believed to be behind a number of attacks on digital currency websites and services in the past year. Incidents tied to DD4BC include an attack last year on the digital currency exchange Bitalo that resulted in the posting of a 100 BTC bounty. Following the recent DDOS threats, Bitmain contributed an additional to the bounty. Disruptions likely to continue Affected pools say they have moved to boost in-house defense mechanisms in light of the attacks, but some have warned that future outages may likely occur. Bitmain said that its other services, including the cloud mining platform HashNest, may also be affected in the coming days. Operators that responded to press queries say they have refused to pay the ransoms and will continue keeping their pools open despite the risk of future DDoS attacks. Some of the pools have conceded that resolving the situation will be difficult owing to the capabilities believed to be possessed by the source of the attacks. Bitmain’s Yoshi Goto noted that the attacks appear to be systematic and acknowledged that it remains unclear when the situation will be completely resolved. “It is a cat and mouse game now but we will do our best,” he said. CoinDesk will continue monitoring the developments and post updates as they become available. Source: http://www.coindesk.com/bitcoin-mining-pools-ddos-attacks/
See more here:
Bitcoin Mining Pools Targeted in Wave of DDOS Attacks
Feminist blog Femsplain was taken offline earlier today by a distributed denial of service (DDoS) attack, according to the site’s founder, Amber Gordon. She tells The Verge that the site was offline for roughly three hours before service returned intermittently late Sunday afternoon on the East Coast. The timing seems far from random: today is International Women’s Day. In a tweet, Gordon — best known online as @missambear — shared a screenshot showing the massive influx of traffic from the DDoS attack. Such attacks overwhelm the servers that host websites with a avalanche of requests. According to Gordon, these sorts of attacks are not rare. “We constantly have people attacking us and attempting to bring our website down. It’s unfortunate but the reality of our mission.” She added in comments to The Verge that prior attacks are “never to this severity and I think it’s because it’s International Women’s Day.” Social media accounts taking credit for the attack used the hashtag #internationalwomensday, suggesting the harassment is tied to today’s date. The blog started up late last year as a place for women to discuss topics from online harassment to Gamergate. It has a group of female contributors who publish stories to the site. It also shares reader submissions. Gordon says that “our community is so vocal about supporting us that tons of people were sending messages out on social media to raise awareness that this was happening.” She added, “unfortunately it happened on a day that’s meant to celebrate women.” Source: http://www.theverge.com/2015/3/8/8171269/ddos-attack-targets-femsplain-on-international-womens-day
Excerpt from:
DDoS attack targets Femsplain on International Women’s Day
The increase in the frequency, volume and sophistication of DDoS attacks has helped boost the awareness of these threats among Asia-Pacific (APAC) enterprises. New analysis from Frost & Sullivan fi…
Read the original:
A proactive approach to DDoS attack prevention
Authorities in China have broken up an international online gambling operation based in Hunan province. China’s official press agency Xinhua quoted Chinese police saying they’d detained 19 individuals following a two-month investigation. A further eight individuals have been targeted for arrest over their roles in the operation of the Shenbo Sun City website, whose servers were based outside the country. Police said the operation earned a profit of RMB 1.4b (US $$223m) between May 2013 and Oct 2014. Police have frozen approximately 1,000 bank accounts across China containing around RMB 200m. This marks China’s second major bust of 2015, having taken down a similarly large operation in Shandong province in January. Over in South Korea , authorities have arrested two ‘cyber security experts’ accused of targeting an online gambling site with distributed denial of service (DDOS) attacks. Intriguingly, the hackers were hired by another illegal online gambling operator intent on eliminating his competition. The Korea Times quoted the National Police Agency saying a man named Yang, the owner of an online security company, was paid a hefty KRW 1b (US $911k) since May 2014 to target the online gambling operator’s competitor on multiple occasions. Neither site operator was publicly identified by police. On Sept. 25, Yang reportedly hacked into 12k computers and commanded them to spam the targeted site with messages in order to crash its servers. Yang told police he’d agreed to don the black hat because his legal sources of income were “unstable.” Police are continuing to investigate to determine what other DDOS attacks Yang and his henchman might have launched. Source: http://calvinayre.com/2015/03/03/business/korean-gambling-site-ddos-attack-on-competitor/
Continue reading here:
China online gambling bust; Korean site orders DDoS attacks on competitor
An industry warning has been issued to businesses and Software-as-a-Service providers advising that attackers are currently exploiting a vulnerable Google Maps plugin installed on Joomla servers to launch distributed denial of service (DDoS) attacks. “Vulnerabilities in web applications hosted by Software-as-a-Service providers continue to provide ammunition for criminal entrepreneurs. Now they are preying on a vulnerable Joomla plugin for which they’ve invented a new DDoS attack and DDoS-for-hire tools,” said Stuart Scholly, senior vice president and general manager at the Security Business Unit, Akamai Technologies. “This is one more web application vulnerability in a sea of vulnerabilities.” The vulnerability found in the Google Maps plugin for Joomla allows the platform to act as a proxy, enabling attackers to process fake requests and return the proxy results to a targeted user in the form of a DDoS attack. The source of the attack remains anonymous as the hack-related traffic appears to come from the Joomla servers. Figures released in February 2014 showed that Joomla, the second most frequently used online content management system after WordPress, had been downloaded over 50 million times. Working with Phishlab R.A.I.D, Akamai’s Prolexic Security Engineering and Research Team (PLXsert) were able to match the DDoS signature traffic coming from a number of Joomla sites, suggesting that the vulnerable plugins are currently being used to execute a large amount of reflected GET flood DDoS attacks. The research has also found that the attack vector is being advertised over popular DDoS-for-hire websites. PLXsert identified over 15,000 supposed Joomla reflectors online. Despite many of the vulnerable plugins having been patched, removed or reconfigures, many of the servers remain open to attack. Reflection techniques to conduct DDoS attacks are extremely common, with 39% of all DDoS traffic employing reflection to bounce malware off third-party servers and to hide the attackers’ identity. Source: http://thestack.com/ddos-attacks-vulnerable-google-maps-plugin-020315
Read this article:
DDoS attacks enabled via vulnerable Google Maps plugin
Cops analysing command and control server … in Hampshire Euro cybercrime cops have taken down the RAMNIT botnet, which has infected 3.2 million computers worldwide, including 33,000 in the UK.…
View post:
Europol shuts down darn RAMNIT botnet
Evgeniy Bogachev accused of GameOver ZeuS botnet crimes The US State Department and the FBI, have stumped up $3m in reward money for the arrest of Evgeniy Mikhailovich Bogachev, the 30-year-old Russian man accused of stealing over $100m with his malware.…
Link:
Red or alive, you’re coming with me: Feds offer $3m reward for ‘CryptoLocker baron’
There are only the sites and services Internet which are subject to known denial of service attacks – common phones, whether mobile or not, are also subject to suffering such blows. That’s what the site revealed The Register that, on Monday (23), brought the story of TNT Instant Up, a device created by hackers Eastern Europe just facing this purpose. Sold on the Internet by values ??ranging between $ 500 and $ 1,200, the equipment uses an interconnected system of SIM cards and modems to bomb one or more numbers linked. Calls are empty and only serve to clog the lines, preventing legitimate users are able to access them The idea here is basically the same as any attack DDoS :. Prevent the use services. But, here, they are not removed from the air, but only end up congested and unusable for the duration of the attacks. The practice is being called TDOs, short for Telephone Denial of Service , or denial of telephone service. The problem is that in the new modality, the results would be much more dangerous . While most of the scams of this type cause financial losses to affected companies and inconvenience to its users, it TDOs would be able to, for example, block emergency services. Furthermore, the TNT Instant up would be simple enough to literally anyone could use it. In a demonstration video freely available on YouTube, one of tool vendors shows up with various cell at the same time, with numbers that are entered from a running software on a computer. Trading in the “merchant” happens ICQ or email and the product is sent by mail as any conventional electronic. The FBI would have identified at least two circumstances in which a device such as TNT Instant Up was used to prevent user access to health service plan or emergency lines. Nevertheless, did not identify crimes that were being made in relation to the attack and that would justify blocking the line and trying to prevent citizens to contact the police, for example. According to the information of IntelCrawler , a provider of systems and security solutions, as well as in denial of service attacks on the web, there are ways to protect against this new type of coup, unless, of course, disconnect the line to phone stops ringing nonstop. An alternative that simply does not exist for emergency services, especially now become more of a tool target that can be used by anyone, whatever her intent. Source: http://www.unlockpwd.com/hackers-create-tool-that-ddos-attacks-on-telephone-lines/
Originally posted here:
Hackers create tool that DDoS attacks on telephone lines