The Toronto Police Service website went down on Sunday evening after a Twitter user threatened to hack it. According to police, the site was the subject of a Distributed Denial of Service (DDoS) attack. Twitter user @AerithTOR claimed responsibility for the attack on the social networking site. A DDoS attack floods a website with several requests and if the website’s server cannot handle the volume of requests, the website crashes. @AerithTOR also suggested that they would be targeting the Conservative Party of Canada and Parliament of Canada websites. Both sites were online Sunday night. The Ottawa Police Service and Supreme Court of Canada websites went down on Saturday evening. The Ottawa police website was still down as of Sunday night. The City of Ottawa website was hacked Friday evening and replaced with a black screen and a dancing banana, along with a message attributed to @AerithXOR. @AerithTOR claimed this was his former account and said it had been suspended. The message the hacker left on Ottawa’s police website contained the name of an area police officer. The officer was involved with the investigation of an Ottawa teen who is alleged to have made calls reporting fake emergencies to emergency services agencies across North America. Toronto police were unavailable for further comment. The Toronto Police Services website remained offline on Sunday night. Source: http://www.thestar.com/news/crime/2014/11/24/toronto_police_service_website_down_after_ddos_attack.html
Tag Archives: ddos news
Anonymous pledges more attacks in Canada
The Anonymous hacker group that carried out Friday’s cyber attack on Ottawa’s City Hall has pledged attacks on eight more targets, including Ottawa Police and the Supreme Court. The group has taken responsibility for hacking Ottawa.ca, hijacking the site with a taunting image of a dancing banana, and naming an Ottawa police officer with the ominous message “You know what we want…” Anonymous launched the hacking campaign Operation Soaring Eagle two weeks ago, and claims they have already penetrated the Ottawa police server. The group taunted police to find a “digital footprint” left behind as proof of their capabilities, and threatened to deface the Ottawa police website, as well as publishing e-mail exchanges between officers and the home addresses of investigators. “For every one technical (expert) you think you have, we have 20.. 50.. 100.. Do you believe us now?” the group posted following Friday’s hack. “Are we serious enough? This is just the start, Operation Soaring Eagle will continue, until we see fit that it is completed. We will be taking over all ottawa police networks, shutdown communications on the internet, hijack domains, servers, and soo much more (sic). It all starts today (Friday).” Both Chief Charles Bordeleau and Supt. Tyrus Cameron were dismissive of Anonymous’ threats. “We’re investigating,” Cameron said Saturday, adding he doubts the hackers have infiltrated the Ottawa Police e-mail server and are prepared to post names and addresses of officers. “Police operations and systems continue to function normally.” Later, Anonymous carried through by posting the phone number and home address of the Ottawa police officer named during Friday’s cyber attack. The officer is one of the investigators in a massive joint investigation with the FBI that netted 60 charges against a Barrhaven teen in May. The teen is accused of “swatting,” which is a trend of making prank calls reporting fake bomb threats, hostage situations and active shootings, while impersonating another person, commonly an online gaming rival. Emergency personnel will then respond to the call in vast numbers ? often in SWAT teams ? only to discover the ruse on arrival. “(The officer) knows exactly why he forced this to happen,” Anonymous said Saturday. It is believed the group carried out the attack when new evidence that supposedly exonerates the Barrhaven teen ? and alleges another man in New Jersey is actually behind the swatting frame-up ? was ignored by investigators, as Anonymous alleges. Bordeleau would not comment on Anonymous’ claims. The family’s lawyer, Joshua Clarke, said his client has maintained his innocence “from the very beginning.” “While we don’t condone the actions and are in no way affiliated with Anonymous, we understand that this group exists and have chosen to assist my client,” Clarke said. A Twitter user under the handle Aerith, speaking on behalf of Anonymous, said the group offered information to Ottawa police that would prove the innocence of the teen. “Enough is enough. We offered to give (police) information on (the) real swatter… in exchange let (the Barrhaven suspect) go, they laughed… They questioned our skills… That young lad is innocent, this is just pure bull—-.” QMI Agency could not reach the New Jersey man named by Anonymous. Aerith said he was “happily going through every single (police) e-mail, and operation discussed in their e-mails, and preparing a press release.” The group also said it was planning on replacing the police home page with “a dancing hitler banana with ISIS logo just to piss off (Stephen) Harper.” In a lengthy anti-police and anti-establishment rant on Nov. 12, Anonymous warned that the hacker collective would be carrying out “DDoS attacks” targeting the servers of nine websites, notably Ottawa.ca, Ottawa Police and the Supreme Court. The group lists several other targets, including Guelph Hydro, the City of Waterloo, Telus, WindMobile, Koodo Mobile and Fido, though it is not immediately clear why those companies and institutions are targeted. On Saturday, after that first cyber-attack was verified, the group posted another message warning, “This is just the start… We will not rest.” The group signed off by warning of another attack coming on Monday, pledging, “We have a shocker planned.” Source: http://www.torontosun.com/2014/11/22/anonymous-pledges-more-attacks-in-canada
Continued here:
Anonymous pledges more attacks in Canada
Bahrain newspaper’s website brought down by DDoS attack
The website of Bahrain’s leading Arabic newspaper was brought down in a massive malicious attack yesterday (Saturday), the day the country went to the polls. And though the Akhbar Al Khaleej website was put back on line and accessible throughout the region and the rest of the world, it was still inaccessible in parts of Bahrain as of this evening. The website www.akhbar-alkhaleej.com was the target of a DDoS (distributed denial of service) attack, under which a malicious software or system generated thousands of requests every few seconds to the site, causing it to collapse under the weight of the traffic and become unavailable to users. “The US-based Peer1, which is one of the world’s leading hosting providers, informed us that the website was under attack, after which our engineers managed to restore services by changing the site’s IP address,” said a spokesman for Bahrain’s North Star Technologies, which manages the newspaper’s site. He continued: “However, it was still inaccessible from some parts of Bahrain as Batelco’s DNS server grappled to route traffic to the site’s new IP address.” Batelco has acknowledged it has issues with its sever and was working hard to resolve the matter, he said, adding that the telecommunications operator was endeavouring to restore full access to the site “before the end of the day”. The oldest and most respected Arabic daily newspaper in Bahrain, Akhbar Al Khaleej has been forthright in condemning the political unrest that has gripped Bahrain since 2011 and was previously targeted by hackers. Yesterday’s elections for 40 seats at the Council of Representatives, parliament’s lower house, attracted a voter turnout of 51.5 per cent. Bahrianis also voted to elect Municipal Councillors and the turn out was 53.7 per cent. Elections are held every four years. Source: http://www.tradearabia.com/news/MISC_270100.html
Read this article:
Bahrain newspaper’s website brought down by DDoS attack
2015 DDoS attacks to come from Vietnam, India and Indonesia
Vietnam, India and Indonesia might not have the most advanced Internet infrastructure, but they do have a large number of insecure smartphones coming online, making them the big botnet sources for next year’s distributed denial of service attacks, according to a report released today by Black Lotus Communications, a DDOS mitigation vendor. “They have a lot of young people just getting their smartphones, specifically Android smartphones,” said Frank Ip, the company’s vice president of business development. These new users are more susceptible to phishing, and are less aware of how to secure their devices, he added. “We’ve been seeing that trend in the last two quarters,” he said. A single smartphone is already a powerful computing device, he said, and when combined with wireless networks in extremely large numbers, they can add up to a significant threat. In 2014, however, China was the single biggest source of DDOS attacks, the report said, followed by the United States and Russia. Again, the reason China was in the lead because of the available number of potentially vulnerable devices. “It’s nothing about a particular nation state,” Ip said. “And it doesn’t mean that the attack initiator is in China. It could be carried out by somebody anywhere in the world.” China has bandwidth, he said, and, as a developing nation, many people are going to Internet Cafes to surf the web. “Because of a lack of controls, a lot of those are using illegal copies of Microsoft, and there are a lot of infections from malware,” he said. “It’s a very popular place to do a botnet.” The motives for the attacks are straightforward — money. “We don’t see a lot of vandalism, or political attacks,” said Ip. “The majority of attacks are financially motivated, like extortion.” Criminals start out with a small attack against a company, and send a ransom note to the IT department. Most people know better than to pay, but a few do, especially because the amounts are usually low. At first. “If you start paying them once, they’ll come back to you against because they know you’re an easy target,” Ip said. However, if the hackers know that a company is prepared to deal with the attacks, they’ll move on to other targets. Black Lotus dealt with more than a million separate DDOS attacks so far this year, Ip said. However, the bulk of them took place early this year — nearly half a million in the first quarter, more than quarter million in the second quarter, and just above 200,000 in the third quarter. Some of that is due to hackers learning that the particular companies that RedSeal works with are defended, and moving to more vulnerable targets. In addition, the security community publishes botnet information and networks get more effective at shutting down or blocking the botnets. There is also a seasonal factor to DDOS attacks, Ip said, so the downward trajectory might not continue for the fourth quarter. “It’s the high season for shopping,” he said. “That triggers more of the attacks.” The report also showed a change in the style of attack, with the average attack bit volume increasing, while the average attack package volume decreasing. This shows that attackers are moving away from simple attacks based on large numbers of messages to more complex attacks using multiple vectors. This includes “both application layer attacks and SYN flood attacks blended together,” the report said. During the first quarter of the year, there were NTP DrDoS attacks of record-breaking bit volumes, but, over time, attackers could no longer find as many vulnerable NTP daemons with which to amplify their attacks. A DrDos attack, or distributed denial-of-service, is one where requests are sent to computers that will reply to those requests — except that the return address is spoofed, and instead of replying to the attacker, the replies are sent to the target. Source: http://www.csoonline.com/article/2849230/business-continuity/next-years-ddos-attacks-to-come-from-vietnam-india-and-indonesia.html
Read More:
2015 DDoS attacks to come from Vietnam, India and Indonesia
DDoS attacks continue to fall in size and frequency
The newest up-and-coming countries of origin for DDoS attacks will be Vietnam, India and Indonesia in 2015, according to Black Lotus. While these countries don’t have the necessary bandwidth to lau…
View article:
DDoS attacks continue to fall in size and frequency
Asian mobiles the DDOS threat of 2015, security mob says
Beware traffic from hacked Vietnam, India and Indonesia fondleslabs Vietnam, India and Indonesia will be the distributed denial of service volcanoes of next year due to the profieration of pwned mobiles, according to DDoS security bod Shawn Marck.…
More here:
Asian mobiles the DDOS threat of 2015, security mob says
Fasthosts outage blamed on DDoS attack
Fasthosts’ five-hour collapse today has been blamed on a Distributed Denial of Service attack and a security flaw spotted on its Windows 2003 shared web server kit. The company explained the torrid morning it had suffered in an emailed statement to The Register . Earlier today, after we reported that Fasthosts had gone titsup, Reg reader x2uk suggested that the firm had been targeted by hackers. “Some of our customers’ domains seem to have been shifted onto their DNS overnight which may mean something nefarious is afoot,” he told us. Fasthosts finally responded to our questions just as it was telling its biz customers on Twitter that the service was coming back to life. It said: As a result of a denial-of-service attack, Fasthosts shared hosting customers experienced a loss of DNS performance, and as a result, periods of website downtime. In accordance with its procedures, Fasthosts acted swiftly to resolve the root cause, and has now implemented measures to return the majority of its hosting customers back to full performance. We apologise for any disruption incurred by our customers this morning as a result of this issue. If any customer has outstanding issues, we ask that they contact our technical support team who will assist them. Incredibly, the company’s strife didn’t end there: it has also been battling a serious security hole in its Microsoft servers. Fasthosts said: As a result of our routine and extensive security monitoring, Fasthosts today identified a vulnerability specific to part of its Windows 2003 shared web server platform. The small affected proportion of our large hosting platform was immediately isolated, and work is being undertaken to investigate and fix the issue as swiftly as possible. As a precautionary measure, some shared hosting servers on this specific platform have been taken offline, resulting in a small proportion of our hosting customers experiencing downtime. All efforts are being focused on returning this platform to service. Fasthosts added that “the security of our customer data remains of paramount importance to us.” It claimed to have “excellent levels of security monitoring, systems and resources to keep our customers’ data safe from threats.” However, the company made no mention of compensation for businesses affected by Monday morning’s outage. “We apologise unreservedly for the inconvenience caused to those customers affected today, and we remain committed to providing the highest possible standards of service,” Fasthosts said. Source: http://www.theregister.co.uk/2014/11/17/fasthosts_outage_blamed_on_ddos_hack_attack_and_windows_2003_vuln/
Follow this link:
Fasthosts outage blamed on DDoS attack
#OpKKK: Anonymous launches DDoS attacks on KKK websites
Anonymous claims it has taken down several Ku Klux Klan websites and Twitter accounts as part of what internet hacktivists describe as a “cyber war”, inspired by KKK threats of using “lethal force” against Ferguson protesters. Anonymous listed the KKK websites it put offline Sunday night on its Twitter feed, with reports on the attacks coming with the hashtag #OpKKK. The group has acknowledged, though, that its anti-KKK action was not running smoothly enough. “ A lot of the sites being DDOS’d in #OpKKK seem to be going down, coming up, going back down, coming back up, etc ,” Anonymous explained. The hacktivists have also announced having taken over two KKK Twitter accounts @KuKluxKlanUSA and @YourKKKCentral. “ Based on the direct messages sent from and to this account, we can confirm that this account was run by an official Klan member ,” the group posted at one of the hacked accounts, promising more details in a statement coming in a few hours. The group is targeting the Ku Klux Klan over fliers it distributed among residents of the St. Louis area. The leaflets described protesters in Ferguson as “terrorists” and warned the KKK was ready to use lethal force against them. READ MORE: Missouri KKK: We will use ‘lethal force’ against Ferguson protesters The hacktivists reacted to the threats by releasing a video, announcing the launch of a “cyber war” on the KKK. “ DDos attacks have already been sent and have infiltrated your servers over the past 2 days… d0x’s have also been launched on leaders of the KKK. All information retrieved will be given to the public ,” the video says. The online attacks by the Anonymous come as tensions rise in St Louis, where a decision by a grand jury is expected any day now, though the date of the verdict has not been announced. The ruling will determine whether criminal charges will be brought against white police officer Darren Wilson, who shot unarmed black teenager Michael Brown, killing him. On Sunday, a crowd of demonstrators staged a peaceful protest in St. Louis, marking 100 days since the fatal shooting. Protesters lay down on chalk-marked areas, pretending to have been shot. Source: http://rt.com/usa/206067-anonymous-hacks-kkk-accounts/
See the original article here:
#OpKKK: Anonymous launches DDoS attacks on KKK websites
DDoS Attack Against Svenska Spel
The debate about Sweden’s restrictive online gambling legislation is heating up, as Gustaf Hoffstedt , from the country’s Moderate Party, proposed a motion to the Swedish Parliament to modify the current law in favor of an open and regulated market. After the European Commission (EC) decided to refer the country to the European Court of Justice to finally define whether Sweden’s monopoly on gambling is in conflict with EU laws or not, the pressure for a legislative change now comes from inside the country. “Sweden’s monopoly only exists on paper, therefore it is natural to change this to a licensing system where more operators can apply for a license in Sweden,” Hoffstedt said. “The companies that meet the highest standards should, on application, be given a license to operate in Sweden.” Hoffstedt believes that a change in the legislation is needed since it’s time for Sweden’s authorities to face the fact that the gambling monopoly in the hands of the State-controlled Svenska Spel did not work as initially expected. Especially as a large number of Swedish citizens regularly play on rooms that should not be reached from within the country. “When we talk about foreign gaming companies, these are in fact, in many cases, Swedish companies, since Sweden is one of the leading export nations in the gaming industry with companies like Unibet and Betsson ,” Hoffstedt explained to GamingIntelligence . “The current gaming law forces these companies to operate abroad. It is easy to see that a business policy that forces world-leading Swedish companies to leave the country can hardly be regarded as successful.” Similarly to the EC, the member of Sweden’s Moderate party believes that the country’s gambling monopoly did not succeed also in protecting players from the perils of compulsive gambling. “Compulsive gambling is a medical diagnosis, but today only 30 of the 290 municipalities provide specialised gambling treatment,” he stated. Hoffstedt parliamentary motion is only the last chapter of a long debate that many believe will soon result in the opening of Sweden’s gambling market. Also Sweden’s Minister of public administration Ardalan Shekarabi agrees with Hoffstedt on the fact that the country should rethink its approach to gambling and allow more companies to join an open, yet regulated, market. In a comment reported by PokerNews in October, Shekarabi explained how he believes it will be the government’s intention to “accelerate the work that is currently taking place to find a licensing system which can be implemented in Sweden.” Right when the Parliament was busy discussing the possibility to end the state-controlled gambling monopoly, things did not go too well for the country’s monopolistic company Svenska Spel. With a note published on the company’s website on Nov. 13, Svenska Spel’s press officer Johan Söderkvist announced that “the poker room had to temporarily shut down because of DDoS attacks.” “Svenska Spel has undergone several targeted denial of service attacks, known as DDoS attacks,” the note explains. “Given the major disruptions caused by the attacks, it has been decided to temporarily shut down the poker room. Cancelled games will be refunded according to Svenska Spel’s terms and conditions,” the note continued. “Svenska Spel has filed a police report the incident.” Heavy DDoS attack against Svenska Spel were also reported on Nov. 2, when the poker room was forced to cancel the inaugural event of its 2014 Swedish Masters . Source: http://www.pokernews.com/news/2014/11/ddos-attacks-against-svenska-spel-continue-19823.htm
Originally posted here:
DDoS Attack Against Svenska Spel
The Bitcoin Forum At Bitcointalk.org Went Offline Due to DoS attack
Bitcointalk.org, the Bitcoin Forum, is currently offline with the official explanation being a DOS attack. In the past, Bitcointalk.org has faced hacks, man-in-the-middle attacks, and DDOS. According to isitdownrightnow, a service that tells you the status of websites worldwide, bitcointalk.org has been down since at least 17:00 PT. This is corroborated by the first reports on twitter of the bitcointalk.org outage: In the meantime, users can use Bitcointa.lk, which stores all of the Bitcointalk.org messages and has an additional list of features, as well. Bitcointalk confirms the DoS attack: Source: https://www.cryptocoinsnews.com/bitcoin-forum-bitcointalk-org-currently-offline-due-to-dos/
Read More:
The Bitcoin Forum At Bitcointalk.org Went Offline Due to DoS attack