Category Archives: DDoS Vendors

‘Most sophisticated DDoS’ ever strikes Hong Kong democracy poll

Cloudflare claims tip-off allowed it to tip traffic into sinkholes One of the largest and most sophisticated distributed denial of service (DDOS) attacks has hit a controversial online democracy poll canvassing opinion on future Hong Kong elections.…

See the article here:
‘Most sophisticated DDoS’ ever strikes Hong Kong democracy poll

DDoS Attack Puts Code Spaces Out of Business

Days after Feedly and Evernote were briefly forced offline by hackers demanding a ransom payment, a code-hosting service was run out of business by a similar scheme. CodeSpaces.com closed its doors this week, following a security breach that began with a distributed denial-of-service (DDoS) attack, and ended 12 hours later after an attempt to extort money from the company. No stranger to DDoS attacks, Code Spaces thought it could handle the situation, but the situation quickly spiraled out of control. On Tuesday, an unauthorized person—not believed to be employed by the site—gained access to Code Spaces’s Amazon EC2 control panel. When the team fought back, the hacker deleted “most of our data, backups, machine configurations and offsite backups,” the company said. “Code Spaces will not be able to operate beyond this point,” an online notice said, citing the price of resolving the issue, as well as the expected cost of refunding paying customers. This week’s attack “will put Code Spaces in [an] irreversible position both financially and in terms of ongoing credibility.” “All that we have to say at this point is how sorry we are to both customers and to the people who make a living at Code Spaces for the chain of events that lead us here,” the company said. Users can expect more details once Code Spaces sorts out its customers’ needs. Those who have stored data on the site can email support@codespaces.com with an account URL, and if you’re lucky, some remaining crumbs will be returned. For more, watch PCMag Live in the video below, which the Code Spaces dilemma. It’s been a banner month for DDoS attacks: Evernote suffered a blow last week, but was back on its feet within a few hours. Feedly wasn’t so lucky, however. The RSS service was hit twice in two days, though the company promised user data remained safe. Similarly, Ancestry.com just recovered today from a three-day bout of DDoS, in which the site was overloaded with traffic and crashed. No user information was compromised. Source: http://www.pcmag.com/article2/0,2817,2459765,00.asp

Read More:
DDoS Attack Puts Code Spaces Out of Business

Code hosting Code Spaces destroyed by extortion hack attack

Cloud code hosting service Code Spaces is forced to shut down, as a DDoS attack coupled with an unsuccessful extortion attempt was followed by the attacker deleting most of its code repositories and b…

View original post here:
Code hosting Code Spaces destroyed by extortion hack attack

YOU’RE HISTORY: Ancestry.com goes titsup for TWO DAYS

Did dads storm site on Father’s Day? Some seem to think so The genealogy site Ancestry.com has been blasted off the internet after reportedly being hit by a DDoS attack.…

Read More:
YOU’RE HISTORY: Ancestry.com goes titsup for TWO DAYS

Five steps towards cyber breach preparation

Earlier this week, Domino’s Pizza became the latest victim of a breach and ransom demand. Recent DDoS attacks on Evernote and Feedly DDoS, along with the efforts of Cryptolocker and other tricks to ex…

Visit link:
Five steps towards cyber breach preparation

Image june-10-800x454.jpg

Hong Kong Voting Site Suffers DDoS Attack Before Civil Referendum

Just days before a citizen-led online referendum on voting rights, the technical platform that advocates had planned to use for the referendum suffered a massive DDoS attack. From June 20-22, citizens will be invited to vote on a referendum on constitutional reforms that would guarantee all citizens the right to vote in elections that determine who will be the city’s Chief Executive. To build a public consensus around a recent civil proposal on universal suffrage, the civic group “Occupy Central with Love and Peace” appointed the Public Opinion Programme at Hong Kong University and the Center for Social Policy Studies at the Hong Kong Polytechnic University to host the civil referendum on their servers. On June 13, 30 hours after HKU’s Public Opinion Programme (POP) tested their online system by accepting voter pre-registrations, the system endured the largest distributed denial of service attack in its history. Two of their hosting providers have since withdrawn their service for the project. The civil referendum has been criticized by pro-Beijing political groups, sparking controversy concerning channels for nomination. Many Hong Kongers feel that political party nomination and nomination by a nominating committee serve as a filtering mechanism for eliminating candidates who are undesirable for Beijing. According to a press release issued by HKU POP on June 16, the voting system is hosted by Amazon Web Services (AWS), Cloudflare and UDomain. All three web hosting services suffered from large scale DDoS attacks on June 14 and 15. AWS recorded 10 billion system requests with 20 hours, CloudFare recorded a 75Gb DDoS per second and UDomain 10Gb per second. As the scale of attack is tremendous, all three service providers were forced to temporarily suspend their services. An expert estimated that there could be at least 5,000 but possibly more than 10,000 computers involved in the attack. On June 16, Amazon decided to stop providing DNS hosting service to HKU POP and UDomain withdrew its security protection service. Cloudflare is now the only service provider to support the voting system. IT security expert Anthony Lai posted digital attack maps on his Facebook page, comparing the attack scale between June 10 and June 14 (see top), before and after HKU POP tested the voting system: Digital Attack Map on June 10. Destination Hong Kong. HKU POP is working on a solution to the voting system’s vulnerability. They are considering to using 125 telephone lines for voting, but this will not be able to accommodate the expected 70,000 votes in 12 hours. In 2012, the HKU POP was also attacked by DDoS when it hosted a mock universal suffrage poll for the chief executive election. Source: http://advocacy.globalvoicesonline.org/2014/06/17/hong-kong-voting-site-suffers-massive-ddos-attack-before-civil-referendum/

Read more here:
Hong Kong Voting Site Suffers DDoS Attack Before Civil Referendum

Feedly suffers second round of DDoS attacks after perpetrator tried to extort money

Update 7.26am PST (June 12) After initially giving the all-clear for business to resume, Feedly has announced that it’s currently suffering a second round of DDoS attacks. The company says in a blog post: “We are currently being targeted by a second DDoS attack and are working with our service providers to mitigate the issue. As with yesterday’s attack, your data is safe. We apologize for the inconvenience and will update this blog post as more information is available or the situation changes.” Update 3:40PM PT: Feedly has posted on its blog that it has neutralized the DDoS attack as of 3:07PM PT. “You should now be able to access your feedly from both feedly.com, mobile apps and third party applications. Our ops team is closely monitoring the situation in case the attacks resume. It might take a few hours for some of the 40 million feeds we poll to be fully updated. We would like to re-iterate that none of your data was compromised by this attack.” Original post below: If you’ve been having issues accessing your RSS feed via Feedly today, well, there’s a good reason for that. Feedly has announced that it’s currently suffering a DDoS (distributed denial-of-service) attack, with the perpetrator(s) attempting to garner money from the company to make it stop. “We refused to give in and are working with our network providers to mitigate the attack as best as we can,” explains Edwin Khodabakchian, founder and CEO of Feedly. Feedly is assuring its users that their data remains safe, and access will be restored once the “attack is mitigated.” Other companies have been affected by a DDoS too, as Feedly alludes to when it says “we are working in parallel with other victims of the same group and with law enforcement.” Just yesterday, Evernote reported it had been subjected to a similar attack, though it was quickly restored. It’s not clear whether this is directly related to the current attack on Feedly. We’ll update here when we receive any updates. Source: http://thenextweb.com/insider/2014/06/11/feedly-suffers-ddos-attack-perpetrator-tries-extort-money/

More here:
Feedly suffers second round of DDoS attacks after perpetrator tried to extort money

RSS Reader Feedly is Being Held Hostage By a DDOS Attack

Feedly, one of the most popular post-Google Reader RSS readers, has been unavailable for hours due to a denial of service attack against the site. According to a post on Feedly’s blog, whoever is perpetrating the attack is trying to extort money from the company, but it “refused to give in.” Feedly is currently working on infrastructure changes that will prevent this kind of thing from happening in the future. I have long been of the opinion that denial of service attacks – the process of flooding a website with so many requests for web pages that it essentially becomes overwhelmed and stops working – doesn’t really qualify as hacking. It doesn’t grant the person doing it with access to anyone’s data. In fact, it doesn’t really have any effect on the data at all. It’s more like a sit-in, effectively shutting down a business by blocking access. Don’t get me wrong, it’s a nuisance. If I were the owners of Feedly, I’d be apoplectic. But I think if no data is stolen or damaged, the punishments for these types of behaviors generally exceeds the seriousness of the crime. Extortion, on the other hand, is a different thing entirely. Here’s hoping Feedly is back on its feet soon. Source: http://www.onthemedia.org/story/rss-reader-feedly-being-held-hostage-ddos-attack/

Continue Reading:
RSS Reader Feedly is Being Held Hostage By a DDOS Attack

Evernote struck by DDoS attack

The popular online notes and web clippings saving service Evernote has suffered disruption after coming under cyberattack. The firm said it was hit by a distributed denial of service attack that began on Tuesday. Some members were temporarily unable to synchronise their filings from one device to another while it continued. The California-based company announced last month that it had more than 100 million users. Distributed denial of service (DDoS) attacks are caused by what can be thousands of computers sending huge amounts of data to a target’s servers in an effort to overwhelm them. This sometimes involves hijacked PCs – whose owners may be unaware of their involvement – in what is known as a botnet. This is not the first time the storage service has been compromised. In 2013 it said hackers had managed to access user names, email addresses and encrypted passwords. However, it appears that the latest cyber-assault is more limited. Spokeswoman Ronda Scott told the BBC that the cyber-assault, caused by an unknown perpetrator, began at 14:25 local time [22:25 BST] on Tuesday and had not yet ended. “We continue to mitigate the effects of the attack, but have successfully returned Evernote to service,” she added. “As is the nature of DDoS attacks, there was no data loss, and no accounts were compromised.” Source: http://www.bbc.com/news/technology-27790068

More:
Evernote struck by DDoS attack

Anonymous takes aim at World Cup sponsors

Hactivist group Anonymous has announced plans to launch a DDoS attack on the sponsors of the football World Cup, which opens in Brazil later this month. Reuters – interviewing Che Commodore, a masked member of Anonymous – says that preparations for the distributed denial of service attack are now under way. “We have a plan of attack. We have already conducted late-night tests to see which of the sites are more vulnerable – this time we are targeting the sponsors of the World Cup,” he said. The main sponsors of the World Cup include Adidas, Budweiser, Coca Cola and Emirates Airlines. Reuters quotes Che Commodore as claiming that a test attack earlier this week allowed Anonymous to break into the Brazilian Foreign Ministry’s server and access dozens of confidential documents, as well as steal several email accounts. The newswire adds that in response to the claims, a Foreign Ministry official told Reuters that 55 email accounts were accessed and the only documents that were obtained were attached to emails and those from the ministry’s internal document archive. Can Anonymous carry out its threat? Tim Keanini, CTO with Lancope, says that, regardless of threat profile, an event of this magnitude must have a heightened level of readiness to a physical or cyber security related event. “By the time a group like this makes a public announcement, much of the infiltration phase has already been done. These threat actors are smart and they don’t start to show their cards until they are well into the operational phase of their campaign,” he explained. Keanini said that events like the World Cup require hundreds of interconnected businesses and every one of those businesses need to be prepared. “If your business is connected to the Internet you should be prepared for cyber security events because it is likely to have already happened, you just don’t have the tools and technique to detect it,” he noted. Sean Power, security operations manager with DOSarrest, meanwhile, said that Anonymous is a face that any hacktivist can masquerade behind. “The composition of a team from one OP to the next will vary greatly – with a predictable effect on the sophistication of the attack. That being said, under normal operation any event as much in the public eye should be wary of DoS attacks, if threats have already been levied, that concern should be increased, not dismissed out of hand,” he explained. Ryan Dewhurst, a senior engineer and web security specialist with RandomStorm, told SCMagazineUK.com that Anonymous has already stated that they used targeted phishing emails to install malware on victim’s machines and gain access to government documents. “I believe they will use a mixture of both sophisticated and non-sophisticated attacks. However, they have also stated that they will be carrying out Distributed Denial of Service (DDoS) attacks against the World Cup sponsors,” he said. “Anonymous’ DDoS attacks, in the past, have worked by getting many Anonymous members to run software, most likely their infamous Low Orbit Ion Cannon (LOIC) tool, which attempts to flood their target with an overwhelming amount of traffic. The LOIC tool is most likely being run by the majority of the group members who have less technical skill, whereas the more sophisticated attacks are most likely carried out by the most skilled members of the group which would be fewer in number,” he added. Dewhurst says that Anonymous – if indeed it is this group and not another group of hacktivists using its name – are always going to go for the easiest targets, as these are also the least risky for them to attack, while still achieving their goals. “If their less risky methods are unsuccessful they will begin to increase the sophistication of the attack, however this also increases the risk of them eventually being caught,” he explained. David Howorth, Alert Logic’s vice president, say there are lessons that can be learned from Anonymous’ latest campaign, which means that companies should review their security practices assuming an attack could take place. IT security professionals, he advises, must be vigilant and ensure that all employees are aware of the company’s internal security policy and best practices, practice good password security, as well as making sure that all systems and applications are up-to-date and patched. “Make sure you have expertise that can monitor, correlate and analyse the security threats to your network and applications across your on-premise and cloud infrastructure 24×7 for continuous protection – this should be done now, as the hackers are already testing the vulnerabilities in the infrastructure in preparation for their attacks,” he went on to say. Source: http://www.scmagazineuk.com/anonymous-takes-aim-at-world-cup-sponsors/article/349934/

Read the article:
Anonymous takes aim at World Cup sponsors