Mt.Gox, the world's largest bitcoin exchange, has been downed earlier today by what appears to be a “strong DDoS attack”. “We are working hard to overcome it and will update when possible. It's c…
View post:
World's largest bitcoin exchange under DDoS attack
Distributed Denial of Service (DDoS) attacks are a widespread problem in the iGaming industry with hackers betting that they can make money from online gambling merchants by threatening to take down t…
Originally posted here:
The age of information highway robbery
Virtual currency in real trouble Bitcoin exchange Mt.Gox has been attacked and its servers briefly taken offline.…
See more here:
DDOS strikes BitCoin exchange Mt.Gox
The challenge with DDoS attacks like the one that hit Reddit is separating malicious traffic from legitimate, said security analyst Alex Horan. “If you wait until the traffic hits your site to make that distinction, it is too late. You are wasting processing time and bandwidth making that determination,” he said. Reddit got a black eye this week after being hit with a distributed denial of service (DDoS) attack Friday morning. The attacks left the site dark for a while and with spotty service well into the afternoon. “Having some technical difficulties right now. We’ll be back ASAP,” the @redditstatus Twitter feed reported before sunrise on the East Coast Friday morning. About 6:30 a.m., the site noted it was “working on mitigating a malicious DDoS attack.” Within 30 minutes, the site seemed to be up and running again but some of the functions were still hurting from the fallout. The Whys and Hows Alex Horan, senior product manager at Core Security, said the important point about DDoS is the initial ‘D’ for Distributed. In other words, Reddit could not easily distinguish between legitimate traffic and attack traffic. “If you wait until the traffic hits your site to make that distinction, it is too late. You are wasting processing time and bandwidth making that determination,” he said. “You need to work with the downstream Internet providers to make that distinction as close to the source of each of the nodes participating in the attack and drop the traffic there. This, in theory, could make the whole Internet faster, as less of this malicious traffic would make it to the shared information superhighway.” Horan said understanding the motive of the attackers is useful for the general community. Of course, he added, consumers shouldn’t necessarily change our behavior because of the threat of a DDoS. “It is important to learn the whys and the hows of these attacks and attackers so we can better anticipate what actions might provoke them,” he said, “so we can be forewarned — and technically what actions they will take so we can apply the right defenses — be forearmed.” Sending a Message? Richard Westmoreland, lead security analyst for the Security Operations Group at SilverSky, said DDoS attacks are normally launched to send some form of a message and can vary greatly in terms of their sophistication. “It has been widely speculated in federal circles that due to the sheer mass and complexity of these recent attacks that they are the result of an escalating cyber war with Iran. DDoS attacks have become the preferred and paid weapon for many politically motivated groups,” Westmoreland said. “This is both a scary and positive aspect to these types of attacks. The negatives are that they are perpetrated by professionals who have the skills and resources to effectively launch these attacks, and there is little that can be done to stop them. The consolation is that these attacks are generally shorter in duration before moving on to other targets.” For protection against your eCommerce site click here . Source: http://www.sci-tech-today.com/news/Reddit-Is-Targeted-with-a-DDoS-Attack/story.xhtml?story_id=10300BI2ZXIA&full_skip=1
View original post here:
Reddit Is Targeted with a DDoS Attack
Cyber attacks have become an alarming problem in recent months. Threats from China have been the main concern in America, but now a new type of hacker has surfaced. A group of Islamic internet hackers launched a distributed denial of service attack on the American Express website, temporarily shutting down the site for a few hours. As expected, this did not go over well with American Express cardholders. In a DDOS attack, site visitors are infected with a Trojan virus that redirects them to a site of the creator’s choice. Once a certain number of people visit that target site, the original site shuts down. The hackers were able to make this work successfully, but American Express’s security team quickly corrected the problem. Nevertheless, it shows how vulnerable American business is right now to Internet hackers. The hackers claimed that much of their motivation came from the YouTube video, Innocence of Muslims. Since its publication, that video has enraged the Islamic community and fueled their hatred of Americans. The cyber hackers vowed to continue their efforts until it was removed from the internet. The original video was in English, but there are now versions in Arabic, French, Spanish and other languages. It has been blocked in Indonesia, Saudi Arabia, Egypt and other Muslim states. The video was actually removed once before because of a slew of hate mail going towards the original uploader. It was re-posted shortly thereafter and has since received close to two million views. American Express is now taking extra precautions to ensure that similar events do not happen in the future. Source: http://www.lowcards.com/amex-website-hacked-islamic-attackers-11690
Read the original:
Amex Website Victim of DDoS Attack
The largest bitcoin exchange said Thursday it is fighting an intense distributed denial-of-service attack it believes is intended at manipulating the price of virtual currency, which has seen volatile price swings in the past few days. Mt. Gox, which is based in Tokyo, said the attacks have caused its worst trading lags ever and caused error pages to be displayed to traders, according to a post on Facebook. By its own calculation, 80 percent of the bitcoin trades in U.S. dollars are executed on Mt. Gox’s trading platform and 70 percent of all trades in other currencies. The lag of six or seven seconds before a trade is executed “is not acceptable,” said Gonzague Gay-Bouchery, marketing for Mt. Gox, in a phone interview. But he cautioned that Mt. Gox’s trading platform isn’t like those of the New York Stock Exchange or the Nasdaq. The price surge, which saw bitcoin hit as much as US$142 per coin on Wednesday, has caused malicious opportunists to try and game the system, according to Mt. Gox. Attackers have waited until bitcoin’s price hits a high, sell their bitcoins and then start a DDoS attack that destabilizes the exchange. They hope bitcoin holders will panic and sell, causing the price to drop. The attackers can then buy the cheaper bitcoins and try the attack again when the price floats higher. The latest DDoS attack started last night Japan time and intensified around 5 a.m. this morning, Gay-Bouchery said. Mt. Gox uses a Florida-based security vendor, Prolexic, to fend off attacks, but “they have been slower than usual to catch what happened,” he said. Gay-Bouchery said he wasn’t sure when the attacks would subside. He warned bitcoin traders not to panic or invest more money than they’re willing to lose. Traders should also use Mt. Gox’s options for two-factor authentication in order to prevent their accounts from being hacked. Mt. Gox is in the midst of a major technical overhaul of its exchange. Gay-Bouchery said Mt. Gox is rebuilding its trading platform from the ground up. The system is in testing now, but Mt. Gox hopes to have it live by the end of the year. “It takes a lot of time to make something bulletproof,” he said. “We cannot release something half-baked.” The trading platform will be separated from the front-end website, which will make it immune from the problems it has faced in the last few days, he said. Mt. Gox doesn’t release much information on its systems in order not to tip off hackers. Mt. Gox has seen a surge in people applying to trade on its platform. In 2012, between 9,000 to 11,000 people signed up per month, Gay-Bouchery said. In January, those numbers doubled, and in February, the numbers tripled. The exchange saw more than 60,000 people sign up in March, which has caused delays in verifying accounts. Mt. Gox will raise trading limits if people supply identification to comply with anti-money laundering rules. The exchange is also working with external companies to streamline the verification process and beefed up its internal account verification team to more than 20 people. “I really would like to stress that people trust us with a lot of money right now,” Gay-Bouchery said. “We want to do everything by the book. We may appear slow in many respects but we are taking our time to do it right.” For DDoS protection click here . Source: http://www.networkworld.com/news/2013/040413-mt-gox-under-largest-ddos-268385.html?page=1
See the article here:
Mt. Gox under largest DDoS attack as bitcoin price surges
Lurking in the shadows for nearly a decade, DoS and DDoS attacks are making a resurgence. Several high-profile assaults on the world's leading financial firms and other industries have recently been e…
Read More:
DoS attacks expose enterprise infrastructure vulnerabilities
Crooks blasting public-safety phone lines with calls The US Department of Homeland Security (DHS) has cautioned public-safety call centers against the rise of so-called telephony denial of service (TDoS) attacks, which it says have the potential to cripple local telephone exchanges.…
Read the article:
Call centers under attack in targeted cyber-blackmail scheme
American Express confirms it was hit by a distributed-denial-of-service attack that disrupted online-account access for about two hours during the late afternoon on March 28. AmEx spokeswoman Amelia Woltering says the card brand is still investigating the attack. She did not confirm whether the strike was linked to Izz ad-Din al-Qassam Cyber Fighters, the hacktivist group that’s been targeting U.S. banking institutions since mid-September. But that group claims credit for this attack, as well as an unconfirmed attack against Bank of America, according to updates posted to a blog and on Twitter March 28. “The Bank of America and American Express have gotten out of reach today due to Izz ad-Din al-Qassam group’s attacks,” the blog posting says. “The Qassam group’s attacks to these banks have caused the banks to be unable to offer service to their customers and this [will] lead to their protests.” The attack began about 3 p.m. ET on March 28, Woltering says, and caused intermittent disruptions. She says there is no evidence to suggest that customer data or account information was exposed or compromised during the attack. “Our site experienced a distributed-denial-of-service (DDoS) attack for about two hours on Thursday afternoon,” AmEx says in a statement. “We experienced intermittent slowing on our website that would have disrupted customers’ ability to access their account information. We had a plan in place to defend against a potential attack and have taken steps to minimize ongoing customer impact.” Big Week for DDoS The attack comes just days after news of the Spamhaus DDoS attack , which caused a ripple effect that adversely affected online activity. That attack saw unprecedented traffic of 300 gigabytes per second, three to five times greater than the biggest attacks against U.S. banks, says Dan Holden, an online security expert for DDoS-mitigation provider Arbor Networks. Still, the European attack – a strike against The Spamhaus Project , a Geneva-based not-for-profit organization dedicated to fighting Internet spam operations – is not believed to be related to the attacks on U.S. banks. “The DNS reflection attacks [like the one used against Spamhaus] can consume a great deal of bandwidth, but they are different than what we’ve seen against the banks,” Holden says. “These guys would not be able to do the sophisticated, targeted attacks that are being launched against U.S. banks.” The attacks against U.S. banks, experts say, are much more complex and sophisticated, and their intensity has escalated in the last week. Earlier this week, TD Bank and Keybank confirmed their online banking sites had been hit by DDoS attacks, and industry experts say hacktivists’ attacks waged during this so-called third campaign are becoming increasingly sophisticated. Izz ad-Din al-Qassam Cyber Fighters, the hacktivist group taking credit for attacks against U.S. banking institutions, in an update posted to the online forum Pastebin on March 26, says it most recently targeted BB&T, PNC Financial Services Group, JPMorgan Chase & Co., Citibank, U.S. Bancorp, SunTrust Banks, Fifth Third Bancorp, Wells Fargo & Co., and others. Since Feb. 25, when the group launched its third phase of DDoS attacks , weekly updates have appeared on Pastebin on Mondays and Tuesdays about previous-week targets. The hacktivist group says its attacks are in protest of a YouTube movie trailer deemed offensive to Muslims. For DDoS protection click here . Source: http://www.bankinfosecurity.com/ddos-strikes-american-express-a-5645
Read this article:
DDoS Attack Strikes American Express site
The DDoS attacks mounted against Spamhaus over a week ago have escalated in the last few days, reaching a never previously experienced level of some 300 gigabits per second at peak hours, says Akamai.
Read More:
Massive DDoS attack targets Spamhaus