Category Archives: Security Websies

The Dirty hit by DDoS attack

The FBI is on the hunt for hackers who shutdown Nik Richie ‘s website The Dirty … and the reality star tells us he’s hemorrhaging money. The Dirty has been down for weeks after a team of hackers began hitting the site with a DDoS attack — which basically floods a server with so many requests it shuts down. Nik tells us he contacted FBI investigators and they’re on the case. Richie says he’s lost $250-300K this month alone in Super Bowl ads he couldn’t deliver. He’s also losing out because of cancelled appearances because he promotes them on his site. Nik is blunt … “These hackers are hypocrites. My website promotes free speech. F****** losers.” Source: http://www.tmz.com/2015/01/20/the-dirty-hacked-nik-richie-fbi-investigation-ddos-attack/

Continue Reading:
The Dirty hit by DDoS attack

French DDoS attacks spike after terror protest

The firm leveraged its Arbor Atlas initiative, which receives anonymised internet traffic and DDoS event data from 330 internet service providers (ISPs) worldwide, to view events in France in the days after the protest, which was in response to the Charlie Hebdo shootings that left 20 people dead. The magazine was targeted by ISIS sympathisers and others unhappy with the satirical magazine’s ridiculing of Islam, including its depiction of the Prophet Muhammed. The publication also satirised other religions. Comparing the DDoS attacks between January 3-10 and 11-18, the US security firm found that there were 1,342 unique attacks – an average of 708 attacks a day – during the two week period. However, the firm noted in a recent blog post that the number of DDoS attacks after the march rose by 26 percent with the average size of DDoS attack growing 35 percent. In the eight days prior to the attack, the average size was 1.21Gbps but this later increased to 1.64Gbps. The vast majority of these DDoS attacks were low-level although the number of attacks larger than 5Gbps did double in the days after the protest. Arbor reports that one attack measured as high as 63.2 Gbps on January 11. “This is yet another striking example of significant online attacks paralleling real-world geopolitical events, wrote Arbor’s threat intelligence and response manager Kirk Soluk. Speaking to SC after it first emerged that ‘thousands’ of French websites were facing cyber-attacks, Corero Network Security CEO Ashley Stephenson said that DDoS attacks were increasingly being used as an attack tool during international conflicts. “Whatever the motivation – cyber-terrorism, retaliation, religious incitement, radicalisation… It is clear that modern conflicts will be fought in the cyber-world as well as the real world,” he said via email. “The internet should be better protected against all of these associated cyber-threats. Increasingly we are seeing DDoS used as a tool in and around these conflicts and we should be prepared to institute increased cyber-security to protect this vital resource.” Last week, Admiral Arnaud Coustilliere, head of cyber-defence at the French military, said that about 19,000 French websites had faced cyber-attacks in the days after the shootings, although one source closely connected with the clean-up operation for some of these sites later told SC that hacking groups from Tunisia, Syria, Morocco, the Middle East and Africa had largely ignored DDoS as an attack vector because such attacks “didn’t work”. Instead, Gérôme Billois, senior manager of Solucom, said that these groups – also believed to often be ISIS sympathisers – had looked to scan thousands of websites to identify and exploit common WordPress, Joomla and other content management system (CMS) vulnerabilities. Source: http://www.scmagazineuk.com/french-ddos-attacks-spike-after-terror-protest/article/393796/

Read this article:
French DDoS attacks spike after terror protest

City of Fort Lauderdale Spends $430,000 on Cyber Security After DDoS Attack from Anonymous

After getting hacked by cyber activist group Anonymous last month for its homeless laws, the City of Fort Lauderdale beefed-up its cyber security network with a hefty $430,000 worth of improvements. But city officials say it wasn’t the Anonymous attack that made them spend almost half a million dollars on computer upgrades – they were planning on doing it anyways. Back on December 1, hacktivists attacked the city’s main website – fortlauderdale.gov – and the Fort Lauderdale PD’s website – flpd.org – with a distributed denial-of-service (DDoS) hack, which bombarded the websites with so much traffic that they had to shut down. The attack only lasted a few hours, however, and the sites were back up by evening.   In a video warning of the attack, a masked hacker wearing the Guy Fawkes mask that has become synonymous with Anonymous demanded that the city drop the three controversial ordinances in the next 24 hours. “It has come to our attention that Mayor John P. Seiler has become an embarrassment to the good law-abiding citizens of Fort Lauderdale,” the hacker says. “You should have expected us, Mayor John Seiler.” City officials hope the new upgrades will be able to prevent this and other types of attacks in the future. But Seiler is quick to point out that these plans were in the works before a group of hackers in plastic masks made good on a threat to shut down an entire city’s web presence if laws against feeding homeless people weren’t struck down. “Certainly, Anonymous probably expedited the work that needed to be done and probably exposed some areas that needed to be addressed,” Seiler tells the Sun-Sentinel . “I wouldn’t say that [the expense] was all tied to Anonymous in any way, shape, or form.” The vast majority of Fort Lauderdale’s computer upgrade bill is going for consulting and oversight. From the Sentinel : City manager Lee Feldman broke down the emergency expenses: $366,989 for specialized security consulting and oversight services; $45,398 for software licenses to manage and control computer activities; and $17,907 for hardware to strenghten the computer infrastructure. The City of Fort Lauderdale is just one of the latest victims of Anonymous’ DDoS attacks. Past victims include credit card giants Visa and Mastercard, as well as online payment system Paypal, which lost almost $6 million in 2010. The reason for the hack was because Visa, Mastercard, and Paypal decided to stop allowing people to donate to Wikileaks via its systems. Two of the three hackers, who are from the United Kingdom, were caught and sentenced to prison terms of seven months and eighteen months. And Fort Lauderdale isn’t the first city to be targeted by Anonymous DDoS attacks, either. That distinction is shared with Albuquerque’s police department, whose website was crashed in March, 2014 in retaliation for the police-killing of James Boyd, an unarmed, mentally ill homeless man who was shot to death. Source: http://blogs.browardpalmbeach.com/pulp/2015/01/city_of_fort_lauderdale_spends_430000_on_cyber_security_after_hacktivst_group_anonymous_attack.php

View article:
City of Fort Lauderdale Spends $430,000 on Cyber Security After DDoS Attack from Anonymous

LizardSquad’s DDoS tool falls prey to hack, exposes complete customer database

If you conceive a fire, you better prepare yourself to stray away from its flames. Maybe LizardSquad failed to learn this elementary lesson and underestimated the consequences that a rising popularity brings along. LizardSquad, the hacker group that earned its fame from Playstation and XBox web portals hack, last month mentioned the intentions behind its notorious activities saying that it just wanted to catch a little attention for its tool dubbed “Lizard Stresser”. Lizard Stresser is a tool developed by Lizard Squad which holds the potential to execute similar DDoS attacks that the group made on PlayStation and Xbox websites. Now reports have surfaced that the tool that was supposed to hack other websites, has fallen prey to a powerful attack, revealing all of the customer’s information who registered themselves to get access to the tool. Well, Lizard Squad isn’t the only player in this arena, that’s evident. A copy of the Lizard Stresser customer database obtained by KrebsOnSecurity says that it has more than 14,241 registered users during its first month of operation. Another interesting fact noticed from the hack and the leak is that Lizard Squad saved all registered usernames and passwords were in plain text. The registered clients are now under a potential threat as much as the sites they paid to take down. Their identities are not a secret anymore. Source: http://thetechportal.in/2015/01/18/lizardsquads-ddos-tool-falls-prey-hack-exposes-complete-customer-database/

Read this article:
LizardSquad’s DDoS tool falls prey to hack, exposes complete customer database

19,000 French websites hit by DDoS, defaced in wake of terror attack

Since the three day terror attack that started in France on January 7 with the attack on satirical newspaper Charlie Hebdo, 19,000 websites of French-based companies have been targeted by cyber attack…

Taken from:
19,000 French websites hit by DDoS, defaced in wake of terror attack

Anonymous launching DDoS attack against the Montreal Police for Their Treatment of Homeless People #OpSafeWinterMTL

Members of the hacktivist collective Anonymous have launched new protests in reaction to the dismantling of a homeless camp at Viger Square in downtown Montreal as part of a project they started last year dubbed #OpSafeWinterMTL. The group has executed one distributed denial of service (DDoS) attack against the Service de Police de la Ville de Montréal (SPVM) and occupied the square for a short time; members are calling for a permanent moratorium on police winter raids of homeless encampments. On January 7, without warning and in the middle of a cold snap—temperatures had dropped under -22 degrees Fahrenheit during the night—city crews bulldozed the encampment while SPVM officers watched. Last week, in an interview with the CBC, Montreal police spokesman Laurent Gingras argued that it’s a matter “of cleanliness, of public health,” and that the City had mostly collected garbage and soiled needles. “There was some good stuff in there,” said Jacques, 49, who returned to Viger Square on Monday after camping at the site for about three months. CBC’s footage from the dismantling clearly shows bulldozers piling up mattresses, blankets, pillows and sleeping bags. “This is all they have,” an Anonymous activist told VICE, outraged at how the Montreal government destroyed and confiscated all their belongings—including winter gear provided by Op Safe Winter Montreal activists on December 23. “This has nothing to do with public health, it has to do with aesthetics,” the activist said. “What’s actually a hazard is still on the floor,” They pointing out that used syringes were still lying around in a corner of the destroyed encampment site. The encampment is located in the lower downtown area, right across the street from the new Centre Hospitalier Universitaire de Montréal (CHUM) construction site and half a kilometer from City Hall and the tourist-friendly Old Montreal—leading some to believe that the camp’s removal had more to do with optics than public health and safety. Brutally removing the homeless population is nothing less than “an act of war against the poorest of the poor,” the activist told VICE. “The encampment was tolerated for a long time,” another Anonymous activist added, saying there was no reason to dismantle it in the middle of winter. SPVM Commander Vincent Richer insisted, however, that “the interventions that were made, in the context of extreme cold weather, were made with regards to the safety and health of homeless people.” He also noted that interventions with homeless people were made in partnership with health services and with the Old Brewery Mission, and that the material the city bulldozed was soiled and caught in the ice. In response to the city’s raid on the Viger Square homeless encampment, Anonymous launched a call for an occupation of the site and threatened the city of Montreal with attacks on its cyber infrastructure. “Anonymous will not stand by and allow the SPVM (Montreal police) and the City of Montreal to attack homeless camps in the middle of winter,” the hacktivist group stated in a January 11 press release. “We love this camp,” said one #OpSafeWinterMTL activist. “We want to help. We’ve got people ready to build a kitchen,” the other added. Two SPVM officers came by early Monday afternoon and took down all the signs that had been put up around the square. They told the activists that the occupation would not be tolerated. “Encampments have always been forbidden,” an officer named Fradette told both activists before she and her partner went to check out the site where homeless people had already started setting up a new camp. When the activists were told they would be evicted by nightfall, Anonymous launched a DDoS attack on the SPVM’s website, and successfully brought it down just before 5 PM. In recent years, Montreal police have been criticized for their questionable handling of the homeless population. A year ago an SPVM officer was caught on video threatening to tie a homeless man to a pole in the biting cold of January. A 2012 study showed that homeless people counted for 25 percent of all tickets gave out by the SPVM in 2010—a 7 percent increase from 2006. At Viger Square, Jacques told VICE, “Every week we get harassed by police… That’s not right.” SPVM officers have also been involved in the killing of several homeless men in mental health crises. A public coroner’s inquiry was launched this week into the shooting of Alain Magloire, who was gunned down on February 3, 2014, just a few blocks north of Viger Square. With an estimated homeless population of around 30,000, the homelessness crisis in Montreal is serious. In an attempt to alleviate the problem, last fall the city adopted an action plan on homelessness, which includes “reinforcing the exercise of citizenship.” “Raiding encampments and destroying precious cold weather gear belonging to the homeless is an act of war against the poorest of the poor,” Anonymous declared in its statement on Sunday, accusing Montreal of neglecting the needs most vulnerable population. The action plan adopted in September 2014 does involve creating a position of “homeless people’s protector” who would engage in regular consultation with homeless people and launch public consultations into issues of social profiling by the SPVM. But the watchdog for homeless people’s rights has yet to be appointed—and apparently Anonymous is attempting to step into that role instead. Source: http://www.vice.com/read/anonymous-has-targeted-montreal-police-for-their-treatment-of-the-homeless-283

See original article:
Anonymous launching DDoS attack against the Montreal Police for Their Treatment of Homeless People #OpSafeWinterMTL

LizardSquad's DDoS service is powered by hacked home routers

When the Sony Playstation and Microsoft Xbox Live gaming networks went down over Christmas and were kept offline for several days afterwards, the hacker collective that calls themselves LizardSquad to…

View the original here:
LizardSquad's DDoS service is powered by hacked home routers

German government sites faced DDoS attacks

A German official says Chancellor Angela Merkel’s website and several other German government sites have been blocked, and a pro-Russian organization has claimed responsibility. A pro-Russian organization calling itself CyberBerkut claimed on its website Wednesday to have blocked the official sites of Merkel and the German Parliament ahead of a visit to Berlin by Ukrainian Prime Minister Arseniy Yatsenyuk. Merkel has been a leading figure in attempts to calm the Ukraine crisis. Merkel spokesman Steffen Seibert said several government websites were unreachable Wednesday morning because of a “serious attack clearly caused by a multitude of external systems” — what is known as a distributed denial of service, or DDoS, attack. Seibert says the attack is still being analyzed, and he did not say who was believed to be responsible. Source: http://www.nytimes.com/aponline/2015/01/07/world/europe/ap-eu-germany-merkel-cyberattack.html?_r=0

Read More:
German government sites faced DDoS attacks

Scandinavian banks hit with DDoS attacks

The new year started poorly for Finnish bank OP Pohjola Group and its customers: the latter have been prevented from executing their online banking transactions by a DDoS attack that targeted the bank’s online services starting on the last day of 2014. “OP’s services experienced some problems on New Year’s Eve due to data communications disruptions. The disruptions were caused by a denial-of-services attack. The attack flooded OP’s data communications systems and prevented customers’ banking. During the disruption, online services were not available and cash withdrawals could not be made from ATMs. There were also some difficulties in card payments,” the bank shared on the second day of the attack. “The disruption was detected at about 16.30 on New Year’s Eve. The services started to function again at times and were completely restored and available to customers after midnight. Nevertheless, further disruptions are possible as the corrective measures are still ongoing and the security level of data traffic has been raised for the time being. Customers abroad may still have difficulties in logging in to OP’s online services.” The attack is still ongoing, and OP’s services were not the only target. The Finnish division of the Nordea bank and the Danish Danske Bank have also experienced online service slow-down or disruption. While the latter is yet to comment on the matter, Nordea has confirmed they have been targeted by unknown DDoS attackers and have called in the police to investigate. The cause of the attack is still unknown, they said. Nordea’s customers were still able to use the online banking service, but the service was slowed down. OP Pohjola Group’s customers, on the other hand, were unable to use the service altogether for many hours during the last six days, as the bank managed to restore it occasionally. They, along with its service company Tieto, are cooperating with the authorities and investigating the attack. In the meantime, the bank has set up a telephone service number that can be used by customers who cannot access their online services and have urgent banking business. They have also pledged to compensate customers for any fees they many have incurred and losses they may have suffered as a result of their inability to access the bank’s online services during the attack. Source: http://www.net-security.org/secworld.php?id=17785

Read this article:
Scandinavian banks hit with DDoS attacks