Tag Archives: ddos


India accounts for 26% of top DDoS traffic

The majority of DDoS traffic in 2014 originated from India, according to new research from Symantec. Of the top 50 countries that witnessed the highest volume of originating DDoS traffic, India accounted for 26 percent of all DDoS traffic, followed by the USA with 17 percent, the research said. The results prove India has a high number of bot-infected machines and a low adoption rate of filtering of spoofed packets, but may not imply that the people behind the attacks are located in India, because DDoS attacks are often orchestrated remotely. However, the study indicates that India is emerging as a hotbed to launch these attacks, potentially because of low cyber security awareness and a lack of adequate security practices and infrastructure, said Tarun Kaura, director, Technology Sales at Symantec India.

The year 2014 saw an increase in the compromise of Linux servers, including those from cloud providers. These high-bandwidth servers are then used as part of a botnet to perform DDoS attacks. The so-called “Booter” services can be hired for as little as INR 300 ($5 USD) to perform DDoS attacks for a few minutes against any target. Longer attacks can be bought for larger prices. They also offer monthly subscription services, often used by gamers to take down competitors.

As the most attacked sector globally, the gaming industry experiences nearly 46 percent of attacks, followed by the software and media sectors. While it’s not happening on a broad scale now, it’s likely we’ll see an increase in DDoS attacks originating from mobile and IoT devices in the future, Symantec said.

DDoS attacks make an online service unavailable by overwhelming it with traffic from multiple sources. A Domain Name System (DNS) amplification attack is a popular form of DDoS, which floods a publicly available target system with DNS response traffic. Symantec’s research indicates that DNS amplification attacks have increased by 183 percent from January to August 2014.

Motivations behind DDoS attacks include hacking, financial blackmail with the threat of taking the business offline, and personal grudges. A DDoS attack can also act as a diversion technique to distract IT security response teams while a targeted attack is conducted.

Source: http://www.infotechlead.com/2014/10/24/india-accounts-26-top-ddos-traffic-symantec-26196


More than 70 Hong Kong government websites ‘under DDoS attack from Anonymous hackers’

Over 70 government websites have been targeted this month by cyberattacks believed to have been directed by hackers operating under the banner of Anonymous, a brand adopted by activists and hackers around the world. Commerce secretary Greg So Kam-leung told lawmakers that no information had been stolen or altered from the official websites, which had been intermittently inaccessible after surges of requests to access them. By Wednesday, eight men and three women had been arrested by police in connection with the cyberattacks, on suspicion of accessing a computer with criminal or dishonest intent, So said. “Attacks launched by the hacker group partly originated from Hong Kong, and partly from other regions outside Hong Kong,” he said. “Since the group can be joined by any netizen, [the attack] could be originated from all over the world and it is hard to find out their nationalities.” Internet users identifying themselves as Anonymous hackers issued a warning to the government and police force on October 2 after tear gas was fired at pro-democracy demonstrators in the city. A number of official sites were made inaccessible on October 3 by distributed denial-of-service (DDoS) attacks. During such attacks, website infrastructure is overwhelmed by a huge number of requests to access the site, ultimately making the site inaccessible. The attacks can also slow down website functionality. But So said the cyberattacks had not impacted significantly on the government’s online services, and emphasised that security had not been compromised. The website of the pro-democracy newspaper Apple Daily has also been the target of sustained cyberattacks in recent weeks, coinciding with a blockade of its offices in Tseung Kwan O by pro-Beijing protesters. No group has claimed responsibility for those cyberattacks, which followed similar attempts to make the Apple Daily website inaccessible in June during the Occupy Central electoral reform referendum. 
An attempt to block access to the referendum’s online polling system was described by one internet security expert as “the most sophisticated ever”. So mentioned that some individual local websites had also come under attack, but such actions had not had a “significant impact on the city’s economic activities”. Police are still investigating those cases, he said. Source: http://www.scmp.com/news/hong-kong/article/1622171/more-70-hong-kong-government-websites-under-attack-anonymous-hackers


DDoS Attacks: Legitimate Form of Protest or Criminal Act?

A basic premise of a democratic society gives its citizens rights to participate in debate and effect change by taking to the streets to demonstrate. In the U.S., this is enshrined in the Bill of Rights under the First Amendment. But what happens when we all effectively live, work, shop, date, bank and get into political debates online? Because online, as Molly Sauter points out in her book The Coming Swarm, there are no streets on which to march. “Because of the densely intertwined nature of property and speech in the online space, unwelcome acts of collective protest become also acts of trespass.”

Sauter argues that distributed denial of service (DDoS) attacks are a legitimate form of protest. Or at least one that needs to be examined in a larger context of lawful activism, rather than hastily and disastrously criminalized under the Patriot Act. Sauter is currently doing her Ph.D. at McGill University in Montreal after completing her Masters at MIT. Prior to attending MIT she worked as a researcher at the Berkman Center for Internet and Society at Harvard. So she’s been thinking about civil disobedience and digital culture for a while, although she admitted during a recent phone interview that “adapting and re-writing a Masters thesis into a book during the first year of doctorate study is not recommended.”

As Sauter examines in The Coming Swarm, DDoS campaigns are not new. In fact they’ve been used for almost 20 years in support of various political movements from pro-Zapatista mobilization to immigration policy in Germany and, most notably, at the 2010 G20 in Toronto. “Guiding this work is the overarching question of how civil disobedience and disruptive activism can be practiced in the current online space,” she told PCMag. “Actions that take place in the online sphere can only ever infringe on privately held property. The architecture of the network does not, as of yet, support spaces held in common.”

The book also delves into extensive technical discussion on the evolution of simple denial-of-service attacks, where a single computer and Internet connection breaches a firewall, floods a server with packets, and overloads the system so that it malfunctions and shuts down. According to Sauter, it was the switch to distributed denial-of-service attacks that really got the authorities’ attention. Mainly because the distributed nature of the attack, using zombie machines to hide the original source of the activists’ IP addresses and often effect malware, made detection almost impossible. It was then that the nature of digital debate was re-framed as a criminal act rather than civil disobedience.

Source: http://www.pcmag.com/article2/0,2817,2469400,00.asp


International Middle East Media Center back on-line after DDoS Attack

The website of the International Middle East Media Center (IMEMC) is back online after the Palestinian news service, under the auspices of the Palestinian Centre for Rapprochement between People, was forced off-line by a DoS attack and apparently let down by hosting provider Bluehost. IMEMC and other new media came under increased attack during the Gaza war, while mainstream media were bleeding viewers, listeners and readers to new, alternative and independent news services. A several hundred percent increase in readers of news about the Gaza war may, ultimately, have prompted the UK parliament’s recognition of Palestine.

The IMEMC website is under constant attack of one sort or the other, but these attacks increased significantly since the Gaza war, said the editor-in-chief Saed Bannoura to nsnbc. IMEMC’s website ultimately succumbed to a DoS attack on October 14, after the end of armed hostilities, but against the backdrop of the Swedish recognition of Palestine and the UK parliament’s yes vote to the recognition of Palestine on October 13.

IMEMC, nsnbc, and a number of other new, independent or alternative media experienced a marked increase in interest in the Palestine – Israel discourse. While nsnbc only registered a minor increase in daily readers, it noticed a marked increase in the number of read articles pertaining to Palestine, Israel, and the related international discourse. IMEMC, which specifically covers Palestine and the Palestinian – Israeli discourse, experienced a significant increase in its number of readers and read articles. Saed Bannoura noted that IMEMC also experienced an increased interest in IMEMC’s Facebook page and Twitter account, adding, however, that there was a particular increase in interest for the IMEMC website.

Bannoura said: “Our readership increased from two million hits per month to ten million hits per month … We have seen more and more reprints of our articles, and also, Abby Martin of Russia Today, was repeatedly quoting the IMEMC website, our statistics and our reports in her TV coverage.” Saed Bannoura noted that IMEMC and other independent media often have people on the ground where major mainstream media are merely repeating the reports from establishment news agencies.

It is noteworthy that the IMEMC website succumbed to the DoS attack on October 14, one day after the UK Parliament voted in favor of the recognition of Palestine and only two days after nsnbc published an article that documented an unprecedented level of harassment of alternative media, including IMEMC, nsnbc, Voltairenet, New Eastern Outlook, Land Destroyer Report, Infowars, Drudge Report and others. Mainstream media like the BBC, CNN and others were increasingly forced to adjust their coverage. This “adjustment” and the flight away from the mainstream to alternatives is likely to have been a significant contributing factor to the landslide in public opinion in the UK, that led to the recognition of Palestine by the UK parliament.

Speaking about the decades-long vilification of Palestinians and the misrepresentation of the Palestinian – Israeli discourse in blockbuster Hollywood movies and mainstream media, Saed Bannoura said: “Well, it’s an unfortunate reality that most of the international media agencies are largely corporate owned and line-up with corporate lobbies. Therefore their coverage is poor to none, regarding Palestine issues, especially when it comes to Palestinian rights”.

Another aspect of the involvement of strong corporate and government interest in media coverage is that alternative, internet-based media are dependent on hosting providers who often are in direct or indirect corporate relationship with, or dependent on business with, major corporations which are known for their cooperation with intelligence agencies. One example is the well-documented cooperation between Google, Microsoft, Apple, and the U.S.’ National Security Agency.

IMEMC’s now previous hosting service, Bluehost, said Saed Bannoura, let IMEMC down when it was subjected to the DoS attack instead of providing any actionable help. Bannoura stressed, “that is their job, that is what we are paying them for”. It is noteworthy that Bluehost has a partnership with SiteLock, which also was involved in a harassment case pertaining to nsnbc and others. On October 18, nsnbc attempted to contact Bluehost via chat and phone. A sustained attempt to acquire the contact details of a media spokesperson or anyone who could speak on behalf of Bluehost failed. Repeated direct calls to its terms-of-service violation department were also consistently answered by an answering machine, saying, “I’m sorry, that’s not a valid extension. Thank you for calling”.

IMEMC has migrated the website to another hosting provider for now. Editor-in-chief Saed Bannoura agrees that alternative, new, and independent media could and maybe ought to form some kind of alliance with regard to negotiating with safe and ethical hosting service providers. The IMEMC website is on-line again, but the new media are likely to remain vulnerable as long as they don’t stand united against censorship and harassment.

Source: http://www.imemc.org/article/69429


Reflection DDoS Attacks Using Millions of UPnP Devices on the Rise

After successfully launching reflection and amplification Distributed Denial-of-Service (DDoS) attacks by abusing various protocols such as DNS, NTP and SMTP, hackers are now abusing Simple Service Discovery Protocol (SSDP) – part of the UPnP protocol standard – to target home and office devices, researchers warned. SSDP is a network protocol based on the Internet Protocol Suite that comes enabled on millions of networked devices, such as computers, printers, Internet gateways, routers / Wi-Fi access points, mobile devices, webcams, smart TVs and gaming consoles, to discover each other and automatically establish working configurations that enable data sharing, media streaming, media playback control and other services.

FLAW IN UPnP USED IN AMPLIFICATION DDoS ATTACK

The Prolexic Security Engineering & Response Team (PLXsert) at Akamai Technologies has issued a warning that devices used in residential or small office environments have been co-opted since July into reflection and amplification distributed denial-of-service (DDoS) attacks that abuse communications protocols enabled on UPnP devices. “The rise of reflection attacks involving UPnP devices is an example of how fluid and dynamic the DDoS crime ecosystem can be in identifying, developing and incorporating new resources and attack vectors into its arsenal,” the advisory states. “Further development and refinement of attack payloads and tools is likely in the near future.”

The weakness in the Universal Plug-and-Play (UPnP) standard could allow an attacker to compromise millions of its consumer and business devices, which could be conscripted by them to launch an effective DDoS attack on a target. Attackers have found that Simple Object Access Protocol (SOAP) – a protocol used to exchange sensitive information in a decentralized, distributed environment – requests “can be crafted to elicit a response that reflects and amplifies a packet, which can be redirected towards a target.” This UPnP attack is useful both for reflection attacks, given the number of vulnerable devices, and for amplification, as researchers estimate that it can magnify attack traffic by a factor of 30, according to the advisory.

OVER 4.1 MILLION DEVICES VULNERABLE

According to the security researchers, about 38 percent of the 11 million Internet-facing UPnP devices in use, i.e. over 4.1 million devices, are potentially vulnerable to being used in this type of reflection DDoS attack. “The number of UPnP devices that will behave as open reflectors is vast, and many of them are home-based Internet-enabled devices that are difficult to patch,” said Akamai security business unit senior vice president and general manager Stuart Scholly. “Action from firmware, application and hardware vendors must occur in order to mitigate and manage this threat.”

MAJOR TARGETED COUNTRIES

South Korea has the largest number of vulnerable devices, followed by the United States, Canada, and China, according to the advisory. This isn’t the first time a security flaw in UPnP has allowed attackers to target home and business devices. Back in January 2013, a flaw in UPnP exposed more than 50 million computers, printers and storage drives to attack by hackers remotely.

Source: http://thehackernews.com/2014/10/reflection-ddos-attacks-using-millions_16.html


How Russian hackers used Microsoft PowerPoint files to hack NATO computers

The ‘Patch Tuesday’ fixes included a patch for a vulnerability that a Russian hacker team was using to target NATO. These attacks target high-profile organizations so you don’t have much of a reason to be worried (but please update!). So, no need to panic, this is just an interesting scenario that sheds some light on how computers can be compromised.

The Russian team is called ‘Sandstorm Team’ and has been targeting organizations in Russia, the European Union, and United States since 2009. This attack used malicious PowerPoint documents. The Sandstorm Team crafted these PowerPoint files to install a malware called ‘Black Energy’ when opened. The malware installed is ‘bot-based’ and uses a plugin architecture that can be used for Distributed Denial of Service (DDoS) attacks, credential theft, or spam. Then, in a ‘spear-phishing’ attack, they sent these files to the employees of NATO and different telecom and energy companies. A ‘spear-phishing’ attack is when the attacker pretends to be a trustworthy source to trick the victim into opening malicious files, in this case, PowerPoint files which installed malware.

Normally, you don’t want to run exe files that you don’t trust as they execute unrestricted code. But a PowerPoint file should just open a PowerPoint, so it’s safe, right? Wrong. You should never open files that are from questionable sources. This particular attack used a vulnerability in OLE that allowed the attacker to execute any command, which was used to install the malware through the mere opening of the PowerPoint file. OLE stands for Object Linking and Embedding, and is used in cases such as linking an Excel report in a PowerPoint document. This way, when the Excel report is updated, so is the data that shows up in the PowerPoint. It is a very useful feature, but the attackers found a vulnerability that lets them use it to install malware. This vulnerability in OLE has now been patched.

This was a ‘zero-day’: an attack in which the attacker finds a vulnerability first and is able to exploit it before anyone else has any knowledge about it, let alone a chance to fix it. These types of attacks happen all the time, and the only way to fix one is to detect the malware exploiting it and then patch the vulnerability. To help ensure the safety of your own system, don’t click on anything you don’t trust, and install updates as soon as possible.

Source: http://www.winbeta.org/news/how-russian-hackers-used-microsoft-powerpoint-files-hack-nato-computers


4 million UPnP devices may be vulnerable to attack

Akamai has observed the use of a new reflection and amplification DDoS attack that deliberately misuses communications protocols that come enabled on millions of home and office devices, including rou…


Hong Kong Protests: Anonymous Hackers Leak Chinese Government Data, Shutdown Websites

Hundreds of phone numbers, names, IP addresses and email addresses from Chinese government websites have been leaked online by the hacktivist collective Anonymous in support of pro-democracy protests in Hong Kong. Anonymous first threatened the attack last week through its ‘Operation Hong Kong’ affiliated branch, promising to leak government email address details and to shut down state websites through a Distributed Denial of Service (DDoS) attack. Over the weekend, shortly after a government statement condemning the threat of attack, personal details taken from the Ningbo Free Trade Zone in Zhejiang province and a job-search site were released by the group. “We cannot be with you on the streets. We cannot fight the police that are arresting you. But they cannot arrest an idea,” Anonymous said in a statement. “We have effectively hacked and shutdown government websites and their supporters. Some noticeable Chinese and Hong Kong government domains and networks have already acquired American services for their domains.” The group claims that such actions by the Chinese government prove that the attacks carried out “cannot be handled” and that the involvement of US-based providers prove that US corporations are complicit in supporting Beijing policy. The hacker group first announced its support for the pro-democracy protests in Hong Kong at the beginning of October, stating in a video at the time: “The time has come for democracy for the citizens of Hong Kong.” Five suspected members of Anonymous have since been arrested in the region in connection with hacking attacks. Due to the secretive nature of Anonymous, some security experts have said that it is difficult to prove that these attacks actually stem from them, rather than western governments. Protests in the former British colony started last month after Beijing decided it was to screen candidates for the first election in the territory in 2017. 
Source: http://www.ibtimes.co.uk/hong-kong-protests-anonymous-leaks-chinese-government-data-1469747


Researcher makes the case for DDOS attacks

When you start with the premise that capitalism is illegitimate it’s easy to dismiss other people’s property rights. To some people, a political mission matters more than anything, including your rights. Such people (the Bolsheviks come to mind) have caused a great deal of damage and suffering throughout history, especially in the last 100 years or so. Now they’re taking their mission online. You better not get in their way. Molly Sauter, a doctoral student at the Berkman Center at Harvard (“exploring cyberspace, sharing its study & pioneering its development”), has a paper calling the use of DDOS (distributed denial of service) attacks a legitimate form of activism and protest. This can’t go unchallenged. Sauter notes the severe penalties for DDOS attacks under “…Title 18, Section 1030 (a)(5) of the US Code, otherwise known as the CFAA” (Computer Fraud and Abuse Act). This section is short enough that I may as well quote it here verbatim: (5)(A) [Whoever] knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer; (B) intentionally accesses a protected computer without authorization, and as a result of such conduct, recklessly causes damage; or (C) intentionally accesses a protected computer without authorization, and as a result of such conduct, causes damage and loss. There are other problems with the CFAA with respect to some legitimate security research and whether it technically falls afoul of the act, but that’s not the issue here. Sauter goes on in some detail with the penalties under Federal law for violating this act and, no argument here, they are extreme and excessive. You can easily end up with many years in prison. This is, in fact, a problem generally true of Federal law, the number of crimes under which has grown insanely in the last 30 or so years, with the penalties growing proportionately. 
For an informed and intelligent rant on the problem I recommend Three Felonies a Day by Harvey Silverglate. Back to hacktivist DDOS attacks. She cites cases of DDOS attacks committed against Koch Industries, Paypal, the Church of Scientology and Lufthansa Airlines, some of these by the hacktivists who call themselves Anonymous. In the US cases of the attacks against Koch, Paypal and the Church, the attackers received prison time and large fines and restitution payments. In the Lufthansa case, in a German court, the attacker was sentenced to pay a fine or serve 90 days in jail; that sentence was overturned on appeal. The court ruled that “…the online demonstration did not constitute a show of force but was intended to influence public opinion.” This is the sort of progressive opinion, dismissive of property rights, that Sauter regrets is not happening here in the US. She notes, and this makes sense to me, that the draconian penalties in the CFAA induce guilty pleas from defendants, preventing the opportunity for a Lufthansa-like precedent. This is part and parcel of the same outrageous growth of Federal criminal law I mentioned earlier; you’ll find the same incentive to plead guilty, even if you’re just flat-out innocent, all over the US Code. I would join Sauter in calling for some sanity in the sentencing in the CFAA, but I part ways with her argument that political motives are a mitigating, even excusing factor. Sauter’s logic rises from a foundation of anti-capitalism: …it would appear that the online space is being or has already been abdicated to a capitalist-commercial governance structure, which happily merges the interests of corporate capitalism with those of the post-9/11 security state while eliding democratic values of political participation and protest, all in the name of ‘stability.’ Once you determine that capitalism is illegitimate, respect for other people’s property rights is no longer a problem. 
Fortunately, the law protects people against the likes of Anonymous and other anti-capitalist heroes of the far left. I would not have known or cared about Sauter’s article had it not been for a favorable link to it by Bruce Schneier. Schneier is a Fellow at the Berkman Center. Progressives and other leftists who think DDOS, i.e. impeding the business of a person or entity with whom you disagree in order to make a political point, should consider the shoe on the other foot. If I disagree with Schneier’s positions is it cool for me to crash his web site or those of other organizations with which he is affiliated, such as the Berkman Center, the New America Foundation’s Open Technology Institute, the Electronic Frontier Foundation, the Electronic Privacy Information Center and BT (formerly British Telecom)? I could apply the same principle to anti-abortion protesters impeding access to a clinic. I’m disappointed with Schneier for implying with his link that it’s legitimate to engage in DDOS attacks for political purposes. It’s worth repeating that Sauter has a point about the CFAA, particularly with respect to the sentences. It does need to be reformed — along with a large chunk of other Federal law. The point of these laws is supposed to be to protect people against the offenses of others, not to protect the offender. Source: http://www.zdnet.com/researcher-makes-the-case-for-ddos-attacks-7000034560/


Interview with a DDoS troll: Meet ‘the Gods of the Internet’

DDoS attacks are a way to keep corrupt corporations honest, according to an anonymous member of DerpTrolling, who gives us an inside look at the self-proclaimed gods of the Internet.

The man behind the curtain

One of the first things he says is that he absolutely cannot offer proof. This makes a disappointing amount of sense: he is a self-confessed DDoS troll, a member of the infamous group DerpTrolling. Since distributed denial-of-service attacks could be considered a federal crime under US law — and, indeed, are an offence in many locations around the globe, including the UK and Australia — he, understandably, won’t give a name, location or even rough age. As a corollary, we have no way of knowing that he is who he says he is. We’ll call him Incognito. To talk to him, we plug into a private chat session from opposite sides of the globe (as indicated by time zones) using an encrypted Chrome add-on.

“I’ve seen Anonymous at its best,” he tells us. “I participated in their major DDoS attacks against Visa and PayPal, although the role DerpTrolling played in those attacks is pretty much unknown. I’ve seen the rise and fall of LulzSec. So let’s just say I am old enough to know how to stay hidden.”

One thing is clear from the outset: Incognito believes that what DerpTrolling does is for the good of everyone. “DerpTrolling as a group shows the world, particularly the gaming community, how big companies and corporations such as Riot or Blizzard only care about money,” he explains. “Our methods are forcing big companies and corporations to upgrade their servers and make sure their clients are their top priority.”

DerpTrolling has been around since around 2011 or so, and Incognito has been a member since the beginning. Its method of attack, as mentioned above, is DDoS — overloading servers with external communication requests, rendering the target systems unusable for a period of time.
DerpTrolling has attacked several high-profile servers over the years, including those of League of Legends, World of Tanks, EVE Online, DoTA 2, Blizzard, RuneScape and, more recently, Xbox Live and the Nintendo Web store. Although their actions may appear inscrutably juvenile and unwarranted — done for, as the saying goes, the lulz — the team identifies rather strongly with Richard Stallman’s assessment of DDoS as a form of protest against what it perceives as a callous disregard for gamers on the part of games publishers.

“A company that doesn’t care only for money would make the effort, which includes time and money, to make sure their servers aren’t able to be crippled by a simple DDoS attack,” Incognito said. “We decided to take action because, if we had the capability to stop corporate greed and we did nothing, that in itself is a crime. We thought DDoS attacks were appropriate because they do not affect customers in a monetary way, unlike leaking data — although we are not opposed to leaking data.”

Lines in the sand

He is careful to point out that DerpTrolling is against doxxing — that is, the leaking of information about a specific individual, such as address, phone number, Social Security number, credit card and bank account details — and swatting, a term for calling the police to the home of said doxxed individual for spurious reasons. In one of the most famous incidents involving the group, though, one particular individual was doxxed and swatted — Twitch streamer PhantomL0rd. While DerpTrolling was attacking Battle.net, EA.com, Club Penguin and Riot, it was allegedly because those were games PhantomL0rd was playing. At some point during the DDoS activities, PhantomL0rd was doxxed on several gaming websites — and then someone called the police to his home, accusing the streamer of holding five people hostage.
Incognito is cagey about the incident, and won’t comment on why the group targeted PhantomL0rd or what precisely DerpTrolling did do — only saying that there is no hard evidence connecting DerpTrolling to the actions. “Yes, Phantoml0rd was doxxed and swatted,” he said. “But we never threatened to harm him physically and we have never taken credit for that attack.”

He seems determined to impress that there are lines DerpTrolling won’t cross — that what the group does, it does for the good of all. As an example, he mentions that the group is sitting on what could have been a significant customer data leak. “We are currently in possession of over 800,000 usernames and passwords from the 2K gaming studio. As of right now, our members as a whole have decided that leaking data is not what we do, and therefore we will not leak such damaging data,” he said, adding that he had contacted 2K to inform the publisher of the vulnerability in its system — and received no response. “I personally contacted them over a month ago. I did not send them an anonymous letter, I made sure they understood exactly who I was. And offered plenty of proof.” Unless the data is actually leaked, he believes that gaming companies are unlikely to spend the money to issue a fix. CNET has contacted 2K for comment and will update when we receive a reply.

Incognito also goes out of his way to dissociate DerpTrolling’s activities from those of LizardSquad, the group that claimed responsibility for calling a bomb threat on a plane carrying Sony Online Entertainment president John Smedley. “I want to make it absolutely clear that DerpTrolling is in no way affiliated with LizardSquad,” he said. Although LizardSquad had requested that the two groups work together, DerpTrolling had refused, he said.
“LizardSquad is run by an extremist hacker who has close ties to UGNazi. You could say that the ISISGang is the elite ‘leaders’ of LizardSquad. We have no wish to associate with any individual or group that has ties with such extremists.” ISISGang has been accused of making prank calls that see their targets swatted and posing as Middle Eastern terrorists, while UGNazi is allegedly responsible for several doxxings and data leaks. Incognito seems quite firm that DerpTrolling wishes to commit no actual harm.

The end and the means

DerpTrolling has more up its sleeve. Attacks on Xbox Live and the Nintendo Web store on Saturday, September 28 were “test fire” for “upcoming attacks”, Incognito says — although he won’t go into any further detail about that. Nor is it easy to guess who the targets might be. DerpTrolling allows the community to select targets much of the time, Incognito said, via text or tweet. The fact that sometimes the attacks achieve a result justifies the work in his view; Incognito says that League of Legends and Xbox Live have both upgraded their servers in response to DerpTrolling DDoS attacks — in spite of negative public opinion.

“The public will always have an opinion that is based on what the media feeds them,” he says. “Children do not know what is best for them. We are basically the Gods of the Internet, we know what is best for them.” When asked if DDoS is a snake chasing its own tail — that is, if no one engaged in DDoS attacks, then companies would not have to dedicate resources to protecting against them — he once again pleads no comment.
There is a condition under which DerpTrolling will cease operations: “If the presidents of Sony and Microsoft will wear a shoe on their heads, then DerpTrolling will disband and we will not attack any more servers.” As for Incognito himself, we suspect he might be around for a long time. When asked if he himself would ever hang up his hat, he seems baffled by the question. “Why would I want to stop?” Source: http://www.cnet.com/au/news/the-gods-of-the-internet/
