Category Archives: DDoS News

Sad-sack Anon calling himself ‘Mr Cunnilingus’ online is busted for DDoSing ex-bosses

Electronics tutor’s taunts come back to haunt him An electronics technician pleaded guilty on Wednesday to orchestrating distributed denial of service (DDoS) attacks on a former employer and other organizations – and to unlawfully possessing a firearm as a former felon.…

Link:
Sad-sack Anon calling himself ‘Mr Cunnilingus’ online is busted for DDoSing ex-bosses

IoT malware targeting zero-day vulnerabilities

Once it became evident that IoT devices can be relatively easily enslaved in botnets and that even their limited power can be used for a variety of nefarious purposes, it was open season for malicious actors. First, they targeted IoT devices with default or weak passwords, and manufacturers and users began changing them. Then they used known vulnerabilities, and IoT vendor increased their efforts to push out patches. Now, some of the botmasters are making … More ?

More here:
IoT malware targeting zero-day vulnerabilities

2017 Forrester Wave: DDoS Mitigation Solutions report

In their 36-criteria evaluation of DDoS mitigation providers, Forrester identified 11 of the most significant ones — Akamai Technologies, Arbor Networks, Cloudflare, F5 Networks, Fortinet, Huawei Technologies, Imperva, Neustar, Nexusguard, Radware, and Verisign — and researched, analyzed, and scored them. The Forrester Wave: DDoS Mitigation Solutions, Q4 2017 report features information designed to help you: Gain critical insights into the growing DDoS mitigation solution market Identify the ideal DDoS mitigation solution for your company’s needs … More ?

Read the original:
2017 Forrester Wave: DDoS Mitigation Solutions report

Return of Necurs botnet brings new ransomware threat

The Necurs botnet has returned to the top ten most prevalent malware during November 2017, as cybercriminals used it to distribute a new form of ransomware, according to Check Point. Researchers found that hackers were using Necurs, considered to be the largest spam botnet in the world, to distribute the relatively new Scarab ransomware that was first seen in June 2017. The Necurs botnet started mass distribution of Scarab during the Thanksgiving holiday, sending over … More ?

Link:
Return of Necurs botnet brings new ransomware threat

Will IoT botnets catapult the industry toward security regulation in 2018?

Attackers demonstrated the power of an IoT-fueled botnet in 2016 when the Mirai botnet took down major websites like Reddit, Twitter and GitHub. Despite the damages, no significant changes to the IoT industry occurred. As a matter of fact, consumers continue to purchase and deploy IoT devices with little care outside the guarantee that the device works and the price tag is cheap. Manufacturers continue to pump out new IoT devices at a rapid pace, … More ?

Read more here:
Will IoT botnets catapult the industry toward security regulation in 2018?

DoS scum attacked one-third of the ‘net between 2015 and 2017

Even CHARGEN services are hosed, daily, says CAIDA study One-third of Internet hosts with IPv4 addresses were subject to denial of service attacks in the last two years.…

Visit link:
DoS scum attacked one-third of the ‘net between 2015 and 2017

Anonymous Attacks Spanish Government Sites

Hacktivist group Anonymous has been firing up its DDoS cannon again, this time aiming it at Spanish government websites, in support of Catalan independence. The group claimed to have taken offline the website of the constitutional court, which ruled the Catalonian referendum illegal last week. It also defaced the website of the Spanish Ministry of Public Works and Transport with a “Free Catalonia” message. A statement from the group had the following: “In the name of all the Catalan independence and democracy, Anonymous Catalonia asks all the Anons of the world who are in favour of the freedom of expression […] and peaceful dialogue to persist in the #FreeCatalonia operation until 29 October 2017.” Various accounts associated with the disparate group have been tweeting messages with #opCatalunya and #FreeCatalonia, claiming “big attacks are coming”, although the government sites in question appear to be back to normal now. “We wish to state that the Catalan people’s desire to express their will via a referendum is the majority view and cuts across all strata of society and is in keeping with the civic, peaceful and democratic determination expressed in the multitudinous demonstrations held by organised society in favour of its right to decide,” noted another Anonymous branded video. Stephanie Weagle, VP at Corero Network Security, argued that DDoS attacks continue to function as an effective disrupter of businesses and in some cases help to distract IT teams while information is stolen. “In order to effectively protect their networks, prevent disruptions to customer operations, and better protect against service outages, downtime and potential data theft, companies need real-time visibility and mitigation of all DDoS attack traffic targeting their networks, regardless of size or duration,” she added. “Traditional security infrastructure will not stand up to these service interrupting attacks—a dedicated layer of DDoS mitigation is required to eliminate the DDoS threat. Source: https://www.infosecurity-magazine.com/news/anonymous-attacks-spanish/

Continue reading here:
Anonymous Attacks Spanish Government Sites

CERT issues cyber attack warning for India

Malware Reaper is acquiring internet-connected devices for coordinated attack, say State Cyber Police Mumbai: The Maharashtra Cyber Department is in the process of issuing a State-wide advisory outlining steps to prevent potential targets from falling prey after the New Delhi-based Computer Emergency Response Team (CERT) said it has received intelligence inputs about a massive cyber attack on several countries, including India. The CERT is the country’s central cyber security agency. Maharashtra Cyber Police officers confirmed to The Hindu that the attack would be similar to the Distributed Denial of Service (DDOS) attack that hit the State last year. In July 2016, The Hindu had reported how small and medium Internet Service Providers were under attack from unknown parties, who were pinging their servers incessantly to the point where the servers crashed, denying service to their clients and causing loss of revenue. According to sources, the imminent DDOS attack, which is believed to be on a much larger scale, is being readied using malware known by two names, Reaper and IoTroop, and is currently taking over thousands of machines connected to the internet to be used for a synchronised attack on the target servers. Maharashtra IG (Cyber) Brijesh Singh said, “Mirai had acquired five lakh devices. The Reaper malware has already affected two million devices worldwide, and is acquiring 10,000 devices per day. It seems to be targeting CCTV camera systems and Digital Video Recorders connected to the internet.” Bot attack A Cyber Police officer said, “It’s difficult to say at this point exactly who the targets are, but we have enough information to indicate that machines connected to the internet, including cell phones, laptops, CCTV cameras and other devices, are susceptible. A large number of such machines are being hacked and turned into bots as we speak. Our cyber intelligence network indicates a lot of abnormal behaviour on the internet, consistent with hacking of devices.” A bot, or robot, is an automated programme. In this kind of cyber attack, hackers use malware to infect devices to turn them into bots that do their bidding. Sources said the perpetrators of Reaper are currently creating a huge network of bots, called a botnet in cyberspeak. In October 2016, a malware known as Mirai had executed multiple DDOs attacks on servers of Dyn, a leading domain name service provider, affecting several popular websites including Twitter, Netflix and Reddit. Cyber Police officers said Reaper is amassing bots on a much larger scale than Mirai. “Once the botnet is ready as per the perpetrators’ requirements, they simply have to command the bots to ping servers of the target all at once, resulting in a server crash. Depending on the size of the company or industry targeted, it will result in massive losses of revenue.” A possible way to execute the attack would be that the bots are pre-programmed to strike on a particular day. This possibility is also being probed, officers said. Superintendent of Police Balsing Rajput, Maharashtra Cyber Police, confirmed that intelligence inputs about Reaper have been received. “We are working on the information and will soon be coming out with an advisory regarding the same.” Source: Malware Reaper is acquiring internet-connected devices for coordinated attack, say State Cyber Police Mumbai: The Maharashtra Cyber Department is in the process of issuing a State-wide advisory outlining steps to prevent potential targets from falling prey after the New Delhi-based Computer Emergency Response Team (CERT) said it has received intelligence inputs about a massive cyber attack on several countries, including India. The CERT is the country’s central cyber security agency. Maharashtra Cyber Police officers confirmed to The Hindu that the attack would be similar to the Distributed Denial of Service (DDOS) attack that hit the State last year. In July 2016, The Hindu had reported how small and medium Internet Service Providers were under attack from unknown parties, who were pinging their servers incessantly to the point where the servers crashed, denying service to their clients and causing loss of revenue. According to sources, the imminent DDOS attack, which is believed to be on a much larger scale, is being readied using malware known by two names, Reaper and IoTroop, and is currently taking over thousands of machines connected to the internet to be used for a synchronised attack on the target servers. Maharashtra IG (Cyber) Brijesh Singh said, “Mirai had acquired five lakh devices. The Reaper malware has already affected two million devices worldwide, and is acquiring 10,000 devices per day. It seems to be targeting CCTV camera systems and Digital Video Recorders connected to the internet.” Bot attack A Cyber Police officer said, “It’s difficult to say at this point exactly who the targets are, but we have enough information to indicate that machines connected to the internet, including cell phones, laptops, CCTV cameras and other devices, are susceptible. A large number of such machines are being hacked and turned into bots as we speak. Our cyber intelligence network indicates a lot of abnormal behaviour on the internet, consistent with hacking of devices.” A bot, or robot, is an automated programme. In this kind of cyber attack, hackers use malware to infect devices to turn them into bots that do their bidding. Sources said the perpetrators of Reaper are currently creating a huge network of bots, called a botnet in cyberspeak. In October 2016, a malware known as Mirai had executed multiple DDOs attacks on servers of Dyn, a leading domain name service provider, affecting several popular websites including Twitter, Netflix and Reddit. Cyber Police officers said Reaper is amassing bots on a much larger scale than Mirai. “Once the botnet is ready as per the perpetrators’ requirements, they simply have to command the bots to ping servers of the target all at once, resulting in a server crash. Depending on the size of the company or industry targeted, it will result in massive losses of revenue.” A possible way to execute the attack would be that the bots are pre-programmed to strike on a particular day. This possibility is also being probed, officers said. Superintendent of Police Balsing Rajput, Maharashtra Cyber Police, confirmed that intelligence inputs about Reaper have been received. “We are working on the information and will soon be coming out with an advisory regarding the same.” Source: http://www.thehindu.com/news/cities/mumbai/cert-issues-cyber-attack-warning-for-india/article19920037.ece

Read the original post:
CERT issues cyber attack warning for India

DDoS Attack Pulls Down Bitcoin Gold Website

Ever since the initiation of the hard-fork resulting into a new cryptocurrency – Bitcoin Gold (BTG) – from the bitcoin blockchain, the BTG website has been constantly under DDoS attacks and has not resumed operations ever since. Earlier in the day, a new hard fork in the Bitcoin blockchain network gave rise to a new cryptocurrency Bitcoin Gold (BTG) and ever since then the official website has been constantly under DDoS attacks. This new hard-fork which resulted into a derivative cryptocurrency of the popular Bitcoin, has been aimed for establishing a fair platform different from the Bitcoin network which is alleged to have been dominated by large companies. The existing bitcoin mining process requires high-end powerful computing hardware which is quite a lot expensive and certainly not affordable to ordinary miners. As a result the mining process is said to have got centralised into the hands of large companies. With Bitcoin Gold, the miners aim to democratise the mining process by bringing Bitcoin’s inherent value proposition of having a decentralised mode of operation. The first step of the Bitcoin Gold initiation was to take a “snapshot” of the bitcoin blockchain while creating a replica with new set of rules. Moreover, the BTG technical team has decided to release the cryptocurrency absolutely free for all those who are holding bitcoins at the time of fork. Soon after the process was initiated the BTG developer team had started reporting issues pertaining to DDoS attacks on the website. And even hours after the initiation process the attacks seem to have stopped nowhere denying enthusiasts to keep any track of the newly generated BTG cryptocurrency. Adding to the woes, the additional fact is that the new blockchain hasn’t turned public yet and the explorer and tracking tools have not been released yet. Owing to the controversial and divisive nature of cryptocurrency projects such as the Bitcoin Gold, the denial-of-service attacks have been a common phenomenon in occurrence. Jack Liao, LightningAsic CEO, who is said to be the brain behind the BTG’s creation has been quite vocal and critical about the existing mining process of Bitcoins targeting several companies which are profiting from the mining process. His open criticism could possibly be a reason for such attacks. However, in addition to this, there are other reasons attributed to the cause of criticism for Bitcoin Gold. Few developer channels are quite skeptical about BTG using a process in which the BTG will be privately created before being publicly available as an open-source project. Another cause of concern with the Bitcoin Gold is that it has not solved the risk of a “replay attack” which could possibly increase transaction complications when two completely incompatible version of the bitcoin blockchain will be unable to distinguish from each other. At the press time Bitcoin Gold (BTG) is trading at $262, according to the CoinMarketCap Index. The price of Bitcoin (BTC) took a slight hit after the hard fork, losing more than $300 of its all-time max value of  $6,000 per-coin. The Bitcoin Gold is still in the development process and we have yet to hear any official from its developer technical team regarding the future plans and its modus operandi. Source: https://www.coinspeaker.com/2017/10/24/ddos-attack-pulls-bitcoin-gold-website/

See the original article here:
DDoS Attack Pulls Down Bitcoin Gold Website