Category Archives: DDoS Vendors

US Officials Believe North Korea Was Involved In Sony Hacks

U.S. officials say they believe that North Korea’s government was involved in the large-scale hack of Sony servers, which led to the leak of troves of Sony data from emails to unreleased projects, according to the NYT. Federal cyber-security sources say that there is evidence indicating that the hack was routed through computers in Singapore, Thailand, Italy, Bolivia and Cyprus, ABC reports. While the hack resulted in a dump of Sony data, including email, confidential materials, and unreleased projects, it also specifically targeted The Interview, a movie featuring Seth Rogen and James Franco. The theory that North Korea was behind the attack was initially dismissed when North Korea publicly denied involvement, but official sources believe that the North Korean government was “centrally involved” in the attacks. The New York Times reports that officials aren’t going on the record, and are unsure whether or not the White House will publicly accuse Kim Jong Un and North Korea of the attack. The hackers’ methodology is highly reminiscent of tactics used by Anonymous — timed dumps of sensitive data, DDOS attacks, etc. — which have thus far clouded the investigation. The Interview, which depicts the assassination attempt of Kim Jong Un, was slotted to be released on Christmas Day until Sony was forced to pull the movie. Amid 9/11-referencing threats from the hacker organization, which called itself the Guardians of Peace, five of the major theater chains said they would not show the film, leading Sony to pull back entirely. Source: http://techcrunch.com/2014/12/17/us-officials-believe-north-korea-was-involved-in-sony-hacks/

London teen pleads guilty to Spamhaus DDoS

Sentence will be passed in January next year. A 17-year-old Londoner has pleaded guilty to a series of denial-of-service attacks against internet exchanges and the Spamhaus anti-spam service last year.…

London teen pleads guilty to SpamHaus DDoS attack

The London teen behind the massive denial-of-service attack (DDoS) on SpamHaus and Cloudflare has pleaded guilty. Technology blogger Brian Krebs reported over the weekend that 17-year-old Sean Nolan McDonough, also known by his hacker alias “Narko,” pleaded guilty on Dec. 10 to computer misuse and money laundering in connection with the attack. McDonough was arrested in September 2013 after he played a role in the March 19, 2013 DDoS attacks aimed at Spamhaus, a Dutch anti-spam group and international nonprofit. SpamHaus later moved its servers behind CloudFlare, which then pushed the attackers to devote their efforts toward the company’s network. The attack sent 85Gbps of traffic. The U.K. National Crime Agency told Krebs that, “court reporting restrictions are in place in respect to a juvenile offender, [and] as a consequence the NCA will not be releasing further detail.” Source: http://www.scmagazine.com/sean-nolan-mcdonough-narko-pleads-guilty/article/388387/

Could Tor fall victim to a DDoS attack in 2015?

Tor users could be targeted by police next year as governments seek to combat crime and reduce political dissent, according to a researcher at the security firm Cloudmark. Andrew Conway claimed the anonymity network is “reasonably fragile”, with police able to unmask service providers by comparing traffic spikes, generated by distributed-denial-of-service (DDoS) attacks, from just a small number of endpoints. He added that the network was at risk of a complete shutdown if a government decided to launch a massive DDoS attack against it, which would overload the system with traffic. Conway said: “There are only a few thousand endpoints where Tor connects to the rest of the internet. Attacking those with a DDoS is well within the capability of many organisations and states.” “I think some oppressive regimes may decide that they have had enough of their dissidents using it and just want to shut the thing down, or some group in law enforcement may decide the same.” The security of Tor was called into question when the FBI arrested Blake ‘Defcon’ Benthall in November for his alleged work on the second iteration of Silk Road, an ecommerce site specialising in contraband that could only be accessed through Tor. Conway added that the police mole planted in the second Silk Road admin team was “probably” involved in the arrests that caused the first version’s collapse, and that he suspected they had used the DDoS and endpoint approach to monitor network traffic. Despite this, he said police are still unable to track down Tor users’ IP addresses, which would be necessary to identify those purchasing contraband online. “[Tor] still does give a level of anonymity for people looking for child pornography, but not if they are providing it,” he said. Source: http://www.cbronline.com/news/security/could-tor-fall-victim-to-a-ddos-attack-in-2015-4468576

Channel mis-selling firewalls leads to DDoS attacks

The channel mis-selling firewalls to their customers as protection against DDoS (Distributed Denial of Service) attacks is partly to blame for the escalating number of attacks on enterprises. Dave Larson, CTO of Corero, claims that traditional security solutions such as firewalls and IPS technology can’t handle the complexity of the modern DDoS attack – and even the more recent next generation firewalls can only provide a marginal benefit in fighting the attacks. Nevertheless, a survey conducted by Corero in 2013 had 40 percent of organisations stating they were relying on firewalls to protect them against DDoS attacks. “We see confusion in the market every day. DDoS protection vendors are fighting for mindshare with the end user community because there is still a vast misunderstanding about what DDoS is all about, and what it takes to eliminate the problem,” says Larson. “The problem is that firewall solutions are not well positioned to show the extent of the problem. Most organisations are shocked at the level and frequency of DDoS activity in their environment once they deploy a targeted in-line DDoS solution that is capable of exposing the threat.” He continues: “Proper DDoS protection is more than a ‘checkbox’ on a traditional security tool. Clicking the ‘DDoS on’ button on a firewall is not going to protect the business from the sophisticated and adaptive DDoS attacks that are taking down organisations, and distracting security teams from breach activity,” he explains. Larson concedes the channel is not deliberately advising customers to purchase the wrong protection, but “it is a matter of better education around why purpose built in-line appliance-based protection will allow their customers to properly defend against the modern DDoS attack landscape.” “There is no question that firewall technology is a tried and true security solution—a requirement for the majority of businesses.
The key here is that the channel can and should introduce dedicated DDoS protection as an additional layer to their overall security architecture. Implementing first line of defence technology to defeat DDoS at the very edge of the network allows all downstream technology infrastructure, like firewalls and intrusion prevention systems (IPS), to perform as intended. “There is a real opportunity for the channel to gain mind share, and ultimately revenue growth by understanding, and tapping into the DDoS market, this opportunity would complement the selling of traditional security solutions rather than replace them.” Source: http://www.channelpro.co.uk/news/8865/channel-mis-selling-firewalls-leads-to-ddos-attacks

PTS calls for concerted action after TeliaSonera DDoS attack

Swedish postal and telecoms regulator PTS said it will call telecommunications operators to a meeting in January following two distributed denial of service (DDoS) attacks recently. TeliaSonera’s mobile and fixed internet traffic was affected on 09-10 December, but PTS did not say when the other had taken place. The regulator said the latest offensives had even affected the operators’ infrastructure and critical systems, which is unusual. As such problems can hit any operator, PTS sees the need for a dialogue in the sector to identify what action can be taken to prevent any such problems in the future, and how operators and authorities can cooperate to mitigate the fall-out of an attack.

UPDATED: The high-profile hacking attack on Swedish internet giant Telia has been linked to a police raid on Pirate Bay, which experts say “provoked feelings” among hackers. The attack has severely affected users of Telia’s online services with many struggling to get a steady connection on Friday. “It started just after 1 o’clock and seems to be the same kind of attack as before,” Henrik Johansson of Telia told the TT news agency. David Jacoby, chief researcher at data security firm Kaspersky Lab said the attack likely stems from a police raid earlier this week against the file-sharing Pirate Bay in Stockholm. Swedish cops briefly grounded the site with its Swedish domain name before it came online again a few hours later with a different domain name. According to Jacoby the group that claims to be behind the Telia attack, Lizard Squad, is one of many underground groups involved in the anonymous Pirate Bay movement. “These attacks don’t come from nowhere. The Pirate Bay raid has provoked feelings in these groups,” Jacoby told the TT news agency. He added: “There will most likely be more similar attacks against film companies, games companies and public authorities,” he said. Twitter has already closed two accounts linked to the Lizard Squad in the wake of the attack. A previous attack over Tuesday and Wednesday also caused headaches for the company. A Telia spokesman told The Local at the time that the company had put “technical arrangements in place to ensure [an attack] won’t happen again”. Late on Thursday, a well known hacking collective called Lizard Squad claimed responsibility for the attacks. It is understood that Lizard Squad was targeting gaming company Electronic Arts, which uses Telia for net connection. The group has a long history of carrying out DDOS attacks, which entails a website being bombarded with communication requests so that the servers become overloaded and the site crashes. The group has targeted XBox Live and the Playstation Network in the past, and even tweeted out a bomb threat to a plane carrying a Sony executive. Over five million Swedes use Telia to provide their home phones, TV and mobile services. The company is part-owned by the Swedish state. Sources: http://www.telecompaper.com/news/pts-calls-for-concerted-action-after-teliasonera-ddos-attack–1054899 http://www.thelocal.se/20141212/telia-hit-again-in-new-hacking-attack

Carbon Poker Crash and Possible DDoS Attacks Highlight Need for Legalization

Recent happenings at what was considered one of the more reliable and trustworthy offshore online poker rooms, Carbon Poker, are simply furthering the case for regulated online poker in the United States. Anyone calling for a ban of online gambling in the U.S. should pay particular attention to what has taken place at Carbon Poker over the past couple weeks, as these are the types of online poker operators that will survive a federal online gambling ban. If Sheldon Adelson gets his way, regulated sites like WSOP.com would be forced to shut down and sites like Carbon would continue to fill the void. In the past couple weeks the site experienced several significant problems that have left many players concerned about the safety of their accounts and their personal information, as well as with the overall integrity of the games at the site.

Server crash leads to data breach

The first issue occurred during one of the biggest tournament days in Carbon Poker’s history. On November 23, the Main Event of the Carbon Poker Online Poker Series, along with dozens of other tournaments at the site, were running when the Carbon Poker servers crashed, bringing everything to a screeching halt. Site-wide server crashes are rare, but they do happen. Unfortunately for Carbon, this was not a typical server crash, which is bad enough in its own right. According to multiple reports by poker players on social media sites and on the poker forums, the server crash not only caused widespread disconnections, but also caused hole cards to change mid-hand for players still able to log in and play, and even more worrisome, customers were inexplicably able to gain access to other players’ accounts when they tried to log back on to the site. Players reported that this first-of-its-kind (to my knowledge) technical glitch not only allowed them access to other Carbon Poker players’ accounts, but they were capable of gambling with those funds (including players that were active on the site when the servers crashed), as well as being able to see the accountholders’ sensitive personal information.

A DDoS superuser?

As concerning as the server crash and data breach were, things got even worse this weekend when, after several days of unexplained and consistent disconnect issues, widespread rumors began to take hold that targeted DDoS attacks were behind the ongoing technical issues, and were being used to win pots. Following pages of frustration over the ongoing disconnects, the DDoS rumors took hold with an out of left field (something that is not uncommon on 2+2) accusation: “I found the hacker that is disconnecting the server. He builds big pots and once he min-raises he crashes the server and scoops the pot. His username is L4ss3m4jj4n. He did it to me a few times and took quite a bit from me at PLO. I then followed him and watched him do it to others. I emailed support so let’s see what happens.” And from there it escalated: “Guys, I would normally say this is just somebody coming up with a wild conspiracy theory, but this is serious, everybody should open up this table, it’s table 24 in the $215/125k, something is super super fishy about the way L4ss3m4jj4n is playing, every disconnect has benefited him so far, it seems too obvious if you watch it for a few of the disconnects.” “second time i’m witnessing him betting in big pot and a disconnect taking place.” “Kh8s9d7h board he checks, phat1cat bets 1888 into 3750, l4ss3m4jj4n minraises to 3776 and disconnect.” In addition to the forum gossip, the potential DDoS superuser was also discussed/mentioned on social media by well-known poker players and poker commentators.
As the story began to unfold, over 100 players started monitoring this person’s play as it was being live-streamed on Twitch.com, and at the same time were furiously contacting Carbon Poker customer support en masse to have something done about the situation. You can read a good summary (for those that can’t handle 200 pages of 2+2 posts) of what took place at Carbon Poker/Merge Gaming here. It should be stated, that whether this was a concerted DDOS attack by some nefarious player(s), or if the sites are simply experiencing ongoing technical issues is unclear. What is clear is that unregulated sites make it much harder for players to be treated fairly and properly compensated when these things occur. It also shows the inability of players on unregulated sites to take their grievances to a regulatory body that oversees the site. The important takeaway is, if these types of issues are occurring at Carbon Poker, considered one of the top unregulated online poker sites still serving the U.S. market, what is happening at the other, more suspect, operators? Source: http://www.pokerupdate.com/news/networks-and-rooms/12083-carbon-poker-crash-and-possible-ddos-attacks-highlight-need-for-legalization/

Fort Lauderdale websites DDoSed after Anonymous threats over feeding ban

Turns out the whole thing was pointless anyway. Municipal websites in Fort Lauderdale, Florida suffered a distributed denial of service attack on Monday after Anonymous promised to disrupt the city’s activities following the passing of local laws outlawing the feeding of homeless people.…

The Conversation hit by DDoS Attack

Academia-meets-journalism website the Conversation was hit by a denial of service hacker attack this morning, preventing it from posting new articles or sending its daily email for around eight hours. The cyber attack was targeted at the site’s domain name server DNSimple and affected hundreds of sites across the world. It is believed to be related to the Cyber Monday sales which were going on in the US and UK at the time. In a note in today’s newsletter, sent at 2pm as opposed to the regular 6am, managing editor Misha Ketchell wrote: “Apologies for the long delay in sending today’s newsletter. Our website has been down since shortly after 6am thanks to a “denial of service” attack on our domain name server, DNSimple. “If that’s got you scratching your head, you’re not alone. A denial of service attack is easy enough to understand: it’s where malevolent hackers inundate a server with so many requests it ceases to function. “What’s confounding is why anyone would do something so pointless. In this case we think we’ve been caught up in a targeted attack to coincide with the Cyber Monday sales events in the US, as David Glance explains here. “For now the worst appears to be over and we are working on ways to ensure it doesn’t happen again. Thanks for your patience.” DNSimple is still currently experiencing issues across some of its domains due to the attacks, which are explained in more detail in a piece on The Conversation. Source: http://mumbrella.com.au/conversation-hit-denial-service-hackers-morning-265908

DDoS attack takes down X-Box Live, FBI warns businesses of new hacking threats

Cyber Monday appears to be a good time for cyber attacks. A group calling itself Lizard Squad said it has taken down Xbox Live. The outage started Monday night and has gamers complaining that they can’t access their systems. The group posted a message to Twitter Monday evening: The group appears to have launched a DDOS (distributed denial-of-service attack), a fairly common way to take a site offline. Gaming sites said the Lizard Squad has been attacking gaming services for several months, including Play Station, Destiny and several EA games. The group made similar threats to bring the sites down at Christmas. Meanwhile, the FBI is warning businesses that hackers are using malicious software to launch a series of attacks on the U.S. Over the weekend, Sony Pictures Entertainment was hacked, resulting in five films, including the company’s new version of “Annie” being leaked online. The FBI sent out a confidential five-page memo to businesses Monday warning of the possibility of similar attacks, CNBC reported. The Sony attack is believed to have come from North Korea, which had threatened retribution for an upcoming film about its leader Kim Jong-un. North Korea has complained the film, “The Interview” – which includes a plot to assassinate the leader – was state-sponsored “terrorism.” North Korea has appealed to the United Nations to stop distribution of the film. The FBI is investigating the attack. Source: http://www.al.com/news/index.ssf/2014/12/ddos_attack_takes_down_x-box_l.html
