@DadSecurity creep responsible for DDoS… and swatting? Mumsnet founder Justine Roberts and another user were both targeted in swatting attacks at the apex of a series of hack attacks that may have led to the compromise of user logins at the high-profile, UK-based parenting site.…
Visit link:
Mumsnet founder ‘swatted by misogynist griefers’
A group callings itself @Dadsecurity claims it was responsible for the cyber and swatting attacks on the Mumsnet site Internet trolls have targeted the founder of the Mumsnet website launching a so-called ‘Swatting attack’, which resulted in armed police being called to her home. Justine Roberts, who set up the hugely influential parenting forum in 2000, claimed the site had to be temporarily shut down last week after a group calling itself @DadSecurity unleashed a cyberattack which overloaded its server. But then in a more sinister twist she said those responsible had made a malicious report to the Metropolitan Police, claiming an armed man had been seen prowling outside her home. As a result she claimed an armed police unit was scrambled to her address in the early hours of August 12. She alleged that the same thing had also happened to another Mumsnet user in which police were told gunshots had been fired at her home. Swatting attacks have become common in the United States, and take their name from the militarised Special Weapons and Tactics (SWAT) units called to deal with armed incidents. The Metropolitan Police said it was unable to provide details of the resources deployed in the incidents, but Ms Roberts, who is married to the Newsnight editor, Ian Katz, said it had left those on the receiving end “shaken up”. The group that claimed responsibility for the cyberattack used the Twitter account @DadSecurity, to brag about its actions, but the user has since been suspended. Describing what happened Ms Roberts wrote on the Mumsnet site: “On the night of Tuesday 11 August, Mumsnet came under attack from what’s known as a denial of service (DDoS) attack. “Our servers were bombarded with requests, which required our Internet service provider to massively increase server capacity to cope. “We were able to restore the site at 10am on Wednesday 12 August. Meanwhile a Twitter account, @DadSecurity, claimed responsibility, saying in various tweets, ‘Now is the start of something wonderful’, ‘RIP Mumsnet’, ‘Nothing will be normal anymore’ and ‘Our DDoS attacks are keeping you offline’.” But she said later that night they appeared to have taken one step further by making a malicious call to the police. She wrote: “An armed response team turned up at my house last week in the middle of the night, after reports of a gunman prowling around.” She explained that another Mumsnet user who challenged @DadSecurity on Twitter was warned to ‘prepare to be swatted by the best’ in a tweet that included a picture of a SWAT team. Ms Roberts wrote: “Police arrived at her house late at night following a report of gunshots. Needless to say, she and her young family were pretty shaken up. “It’s worth saying that we don’t believe these addresses were gained directly from any Mumsnet hack, as we don’t collect addresses. The police are investigating both instances.” Mumsnet is currently reviewing its online security and is asking all users to change their passwords in order to reduce the risk of any other hacks. Mumsnet has come in from criticism in the past from father’s groups, including Fathers4Justice, which claim it has an “anti-male agenda”. In 2012 Fathers4Justice launched a campaign which included a naked protest at companies that advertised with the website. Source: http://www.telegraph.co.uk/news/uknews/crime/11810790/Mumsnet-founder-targeted-in-Swatting-attack.html
Original post:
Mumsnet founder targeted in ‘Swatting attack’
By next spring, researchers are expected to unveil new tools enabling organizations like the Defense Department a rapid response to distributed denial-of-service attacks. The Pentagon has in mind a three-pronged counterattack against a decades-old form of cyber assault that continues to paralyze government and industry networks, despite its low cost of sometimes $10 a hit. Beginning next spring, military-funded researchers are scheduled to produce new tools that would quickly enable organizations to bounce back from so-called distributed denial-of-service attacks. A recovery rate of at most 10 seconds is the goal, according to the Defense Department. Today, attackers have a relatively easy time aiming bogus traffic at computer servers to knock them offline. One reason is that computer systems often are consolidated, making for a wide target area. Another weakness is the predictable behavior of systems that support Web services. And finally, certain types of DDoS attacks that evince little malicious traffic go undetected. Researchers chosen by the Defense Advanced Research Projects Agency will attempt to deny attackers such openings through a three-year program called Extreme DDoS Defense, according to Pentagon officials. The tentative start date is April 1, 2016. The stability of agency operations, banking, online gaming and many other daily activities are at stake here. A DDoS attack against Estonia in 2007 allegedly orchestrated by Russian-backed hackers downed government and industry Internet access nationwide for two weeks. More recently, crooks have begun offering Luddites DDoS-for-hire services at subscription rates of $10-$300 a month, according to journalist Brian Krebs. Lizard Squad, a major provider, allegedly was behind several persistent attacks on online gaming services Xbox and PlayStation. A string of 2011 cyber assaults against Wall Street banks, including Capital One and SunTrust Banks, was attributed to Iranian hackers. Just this month, at the annual Black Hat security conference in Las Vegas, Trend Micro researchers said they observed attackers trying to overpower systems in Washington that monitor the physical security ofgas pumps. Luckily, the devices were fake “honeypot” traps. “Responses to DDoS attacks are too slow and manually driven, with diagnosis and formulation of filtering rules often taking hours to formulate and instantiate. In contrast, military communication often demands that disruptions be limited to minutes or less,” DARPA officials said in an Aug. 14 announcement about the new program. The funding level for the project was not disclosed but multiple grants are expected to be awarded. Interested researchers must submit proposals by noon Oct. 13. XD3 will endeavor to thwart DDoS attacks by “dispersing cyber assets” in facilities and on networks, officials said. Currently, the problem is that cloud computing arrangements and other critical infrastructure systems “rely heavily on highly shared, centralized servers and data centers,” they added. The new tools also will try “disguising the characteristics and behaviors of those assets” to complicate the planning of DDoS launches, officials said. The trick with so-called “low-volume” DDoS attacks is they do not look like traffic overloads. The external computer messages seem benign but are actually exhausting a system’s memory or processors. One workaround here might be sharing information among systems that then can “decide collectively whether attacks have occurred, and/or to determine what mitigations might be most effective,” officials said. One group of XD3 researchers will be assigned to inspect the designs for unintended security holes. Anyone wanting to be a reviewer must hold a top-secret clearance, according to the contract rules. “The objective of design reviews is the proactive identification of weaknesses and vulnerabilities that would reduce the effectiveness of DDoS attack detection or mitigation,” officials said. The idea also is to “apprise performers of potential DDoS attack methods or features that they might not have considered.” Source: http://www.defenseone.com/ideas/2015/08/pentagon-wants-wage-war-denial-service-cyber-attacks/119196/
Read More:
The Pentagon Wants To Wage War on DDoS Cyber Attacks
We all know the damage that DDoS-for-hire services can inflict on websites and organizations behind them. What is less known is that a simple move like making PayPal seize the accounts through whic…
View the original here:
How to sabotage DDoS-for-hire services?
A million low end, pirate boxes still spewing malware relic. Three Dutch researchers have crunched data gleaned from efforts to battle the Conficker bot and declared anti-botnet initiatives all but useless for clean up efforts.…
More here:
Anti-botnet initiatives USELESS in sea of patch-hating pirates
The technology is vulnerable to exploit in launching a breed of DDoS attack which reflects and amplifies traffic. A flaw in BitTorrent clients can be exploited to allow single attackers to harness extra juice in launching DDoS attacks on a vast scale. At the USENIX conference in Washington, D.C., researchers from City University London unveiled ways that BitTorrent-based programs including uTorrent, Mainline and Vuze are vulnerable to distributed reflective denial-of-service (DRDoS) attacks. Specifically, cyberattackers can exploit protocols used by BitTorrent — a popular way of sharing large files online through peer-to-peer networking — to reflect and amplify traffic from other users in the system. In a paper dubbed “P2P File-Sharing in Hell: Exploiting BitTorrent Vulnerabilities to Launch Distributed Reflective DoS Attacks,” the research team says the protocol family used by BitTorrent — Micro Transport Protocol (uTP), Distributed Hash Table (DHT), Message Stream Encryption (MSE))and BitTorrent Sync (BTSync) — are all vulnerable to exploit. During testing, over 2.1 million IP addresses were crawled and 10,000 BitTorrent handshakes were analyzed within a P2P lab test environment. The City University London researchers were able to assault a third-party target through traffic amplified up to a factor of 50 times, and in case of BTSync, up 120 times the size of the original request. This means that a lone attacker could exploit the system to conduct attacks on websites and companies far more debilitating than their actual computational power. City University London DRDoS cyberattacks hook in slave machines to participate in distributed denial of service (DDoS) attacks without user consent or knowledge. Traffic requests sent from victim systems are redirected which sends additional traffic to the target. In turn, this can result in websites and online services unable to cope with a flood of requests, denying access to legitimate users and taking sites offline until the flow of traffic dissipates — all caused with fewer slave machines and without the cost of hiring out a botnet. The BitTorrent protocols do not include processes to prevent IP address spoofing, which means an attacker can use peer-discovery methods including trackers, DHT or Peer Exchange (PEX) to collect millions of possible amplifiers for their DRDoS attacks. The researchers said: “An attacker which initiates a DRDoS does not send the traffic directly to the victim; instead he/she sends it to amplifiers which reflect the traffic to the victim. The attacker does this by exploiting network protocols which are vulnerable to IP spoofing. A DRDoS attack results in a distributed attack which can be initiated by one or multiple attacker nodes.” In addition, “the most popular BitTorrent clients are the most vulnerable ones,” according to the team. In March, code repository GitHub suffered a debilitating DDoS attack, the largest in the website’s history which lasted for days. Believed to originate from China, the DDoS attack involved a wide combination of attack vectors, sophisticated techniques and the use of unsuspecting victim PCs to flood GitHub with traffic in order to push GitHub to remove content from anti-censorship organization Greatfire.org and publication the New York Times. Source: http://www.zdnet.com/article/bittorrent-exploits-allow-lone-attackers-to-launch-large-ddos-attacks/
Follow this link:
BitTorrent exploits allow lone hackers to launch large DDoS attacks
Malformed .MOV files can murder your movies Two Borg assimilators have discovered five denial of service vulnerabilities in Apple’s QuickTime.…
Read More:
Use QuickTime … and become part of the collective
El Reg and NewsThump also briefly vanished into the abyss Large chunks of the intertubes, including popular programmers’ hangout Stack Overflow, were blanked from view earlier this afternoon after a hiccup at cloud hosting and DDoS mitigation outfit Cloudflare.…
View post:
Cloudflare hiccup nudges Stack Overflow and others offline
Corbyn camp urges us to ‘get registering’ – we couldn’t agree more, Jeremy The intermineable registration process for voters for the new Labour Party leader’s election did not terminate this noon, as was planned, due to the party website dropping offline, following an effective, if accidental, DDoS attack from a flood of well-meaning visits generated by eager, if incredibly tardy, new supporters. The party website now informs visitors that “this morning we understand that some people have had problems trying to join or register as a supporter of the Labour Party. We are extending the deadline to join or register and be able to vote in the Leadership elections until 3pm.” If you are experiencing problems with the website, you can also register as a supporter with a £3 text. Text SUPPORT to 78555 and wait for a further text tomorrow on how to complete registration. According to the Guardian – which is live-Tweeting the event, now for another three hours – the party’s fear of entryists has resulted in “at least three of the camps” getting “in touch with each other to discuss their concerns about the running of the contest”. No accounts connected to Corbyn’s opponents have tweeted about the extension. Source: http://www.theregister.co.uk/2015/08/12/labour_party_wesbite_ddosd_by_mob_wanting_to_vote_for_new_leader/
Continue reading here:
Labour Party website DDoS’d by ruly democratic mob
Crims aim to cause just enough chaos to get in and out Hackers reportedly swamped Carphone Warehouse with junk traffic as a smokescreen, before breaking into systems and stealing the personal details of 2.4m customers .…
Read the article:
Hackers hid Carphone Warehouse breach with DDoS smokescreen – report