Tag Archives: ddos

Image akincilar-graphic-message-protesting-against-treatment-palestinians-has-replaced-homepage.jpg

#OpSaveGaza: Anonymous Takes Down 1,000 Israeli Government and Business Websites

Hacker collective Anonymous has announced that it has taken down over a thousand of crucial Israeli websites in a huge new coordinated cyber-attack called #OpSaveGaza on 11 July and 17 July, in support of the people of Palestine. Some of the websites, such as the Tel Aviv Police Department’s online presence, are still offline two days after the distributed denial of service (DDoS) attacks, and numerous Israeli government homepages have been replaced by graphics, slogans, and auto-playing audio files made by AnonGhost, the team of hackers who coordinated the attack. The official Israeli government jobs website has had its homepage replaced by a graphic titled “Akincilar”, which is Turkish for the Ottoman Empire’s troops. Akincilar: A graphic and message protesting against the treatment of Palestinians is still replacing the homepage of certain Israeli government websites A message written in English and Turkish – presumably by Turkish hackers – and accompanied by pictures of Palestinians suffering says: “The Jerusalem cause is Muslims’ fight of honour” and says that people who fight for Palestine are “on the side of Allah”. Another Israeli government website now bears an AnonGhost graphic and lists the usernames of 38 hackers. An audio file that auto-plays when the page loads plays music and a synthesized newsreader clip, together with a message beseeching human rights organisations, hackers and activists to attack Israeli websites to become the “cyber shield, the voice for the forgotten people”. AnonGhost’s #OpSaveGaza message has been displayed on many Israeli websites Many of the websites have since been restored. The hackers have also leaked lists of Israeli government email addresses obtained by hacking websites of the Ministry of Immigrant Absorption, the Ministry of Justice, the Ministry of Culture and Sport, the Ministry of Housing and Construction and much more. Israeli websites belonging to restaurants, local businesses, associations, societies, academic foundations and even a symphony orchestra were also attacked, as well as a subdomain belonging to MSN Israel. A message on the main Pastebin page and some of the hacked websites reads : “The act of launching rockets from Gaza sector to Israhell is an acceptable and normal reaction against those pigs, it’s called Resistance and not terrorism. “Israhell never existed its only Palestine, it’s our home. If you are a Hacker, Activist, a Human Right Organisation then hack israel websites and expose to the world their crimes, show to the world how much blood is on their hands, blood of innocent children and women.” Anonymous has previously run another campaign in April targeting Israeli websites, although on a smaller scale. About 500 websites went offline during the OpIsrael campaign and the hackers released the phone numbers and email addresses of some Israeli officials. Source: http://www.ibtimes.co.uk/opsavegaza-anonymous-takes-down-1000-israeli-government-business-websites-1457269

View article:
#OpSaveGaza: Anonymous Takes Down 1,000 Israeli Government and Business Websites

“Chinese YouTube” Used as DDoS attack Machine

Even the biggest websites in the world are vulnerable to DDoS. Want proof? Well, all throughout this past April, a hacker took advantage of a hole in Sohu.com’s security to launch Persistent Cross-Site Swapping (XSS) attacks against various targets across the globe. Sohu.com, in case you don’t know, is one of the largest websites in the world – in fact 24th largest, according to Alexa Top 100 Ranking. But, for all its size and multi-billion dollar net worth, Sohu could be exploited by hackers who managed to convert its popularity into a massive Persistent XSS enabled DDoS attack. Devastating New DDoS Attack Method At its basis, Persistent XSS is a crafty type of malicious code injection. This injection method involves convincing a server to save data from an outside source (the hacker) and then refresh the data every time a new browser accesses the page. In this attack, the hacker saved to Sohu’s server a JS script that runs a DDoS tool. To do this, he placed a malicious JS script within the avatar image of a fabricated user profile. As with most video sites, this infected user picture would then show up next to any comments wrote by this profile, on Sohu’s video pages. The hacker was smart enough to write a JS script that would hijack every new browser that accessed a video page with the infected comment, forcing it to run a sent DDoS to the target site. The hacker programmed the script to send GET requests to the target once a second. Imagine; thousands of users watching a video on Sohu sending malicious GET requests every second. These bad requests add up quickly, quickly growing to millions every minute. Interestingly enough, the hacker also had the brains to put his infected comment on the most popular and longest playing videos, so the viewers would rack up DDoS requests even faster. This large security event goes to show that even powerful websites can be manipulated by hackers. Where Will the Next Attack Come From? It’s difficult to say. This case study shows that hackers will use whatever means necessary to take down their targets. Without 3rd party protection services, most websites can only defend what they’ve seen already–they can only react after they have been hit. In this instance, the hacker was clever enough to fly under the radar and avoid detection by Sohu’s watchful IT team. If the hacker had chosen a target without a DDoS protection service, Sohu might still be a giant DDoS machine causing havoc on innocent websites. Source: http://www.economicvoice.com/chinese-youtube-used-as-ddos-machine/  

Continue Reading:
“Chinese YouTube” Used as DDoS attack Machine

Botnets gain 18 infected systems per second

“According to industry estimates, botnets have caused over $9 billion in losses to US victims and over $110 billion in losses globally. Approximately 500 million computers are infected globally each y…

More:
Botnets gain 18 infected systems per second

100+ DDoS events over 100GB/sec reported this year

Arbor Networks released global DDoS attack data derived from its ATLAS threat monitoring infrastructure. The data shows an unparalleled number of volumetric attacks in the first half of 2014 with over…

Read More:
100+ DDoS events over 100GB/sec reported this year

DoJ provides update on Gameover Zeus and Cryptolocker disruption

The Justice Department filed a status report with the United States District Court for the Western District of Pennsylvania updating the court on the progress in disrupting the Gameover Zeus botnet an…

Original post:
DoJ provides update on Gameover Zeus and Cryptolocker disruption

‘Political’ DDoS Attacks Skyrocket in Russia

Commercial hackers in Russia are giving way to politically motivated cyber criminals targeting ideological enemies, a new study said Wednesday. The most powerful DDoS attacks on Russian websites in the first six months of 2014 were triggered by the political crisis in Ukraine, digital security company Qrator Labs revealed. February’s Olympic Games in Sochi also prompted a spike in DDoS attacks, said the study, as reported by Bfm.ru news website. Hacker attacks in Russia have generally decreased in quantity, but have become more powerful compared with the first six months of 2013, the report said. About 2,700 distributed denial-of-service (DDoS) attacks occurred during the first six months of 2014, compared with 4,400 over the same period last year, Bfm.ru said. But the number of powerful attacks upward of 1 Gbps increased five times to more than 7 percent of the total, the report said, citing Qrator Labs digital security company. Some of the attacks peaked at 120 to 160 Gbps, the report said. Attack time also grew significantly, with DDoS strikes lasting up to 91 days, compared with 21 days in the first half of 2013. Average botnet size tripled from 136,000 to 420,000 machines per attack. This indicates ideological motivation on behalf of the attackers, who, unlike criminal hackers attacking websites for money, have more time at their disposal, Qrator Labs was quoted as saying. The media made the list of prime DDoS targets along with payment systems and real estate websites. Last season, Forex websites and online stock exchanges accounted for the “absolute majority” of the attacks, the study said, without providing exact figures. Source: http://www.themoscowtimes.com/news/article/political-ddos-attacks-skyrocket-in-russia/503226.html

Read More:
‘Political’ DDoS Attacks Skyrocket in Russia

Facebook scuttles 250k-strong crypto-currency botnet

As noose tightens, VXer pleades: ‘Stop breaking my ballz’ Facebook has taken down a Greek botnet that at its peak compromised 50,000 accounts and infected 250,000 computers to mine crypto-currencies, steal email and banking details and pump out spam.…

See more here:
Facebook scuttles 250k-strong crypto-currency botnet

Dispelling the myths behind DDoS attacks

Distributed Denial of Service (DDoS) attacks are quickly becoming the preferred method for cyber attackers to wreak havoc on the internet. With a recent spate of attention grabbing headlines focused o…

Continue reading here:
Dispelling the myths behind DDoS attacks

June – The month of DDoS attacks

The list of DDoS attacks in the month of June has made for grim reading. High-profile sites have been targeted by extortion demands, online games got disrupted and at least one company was put out of business as a direct result. While it’s tempting to look for a single cause at the root of this apparent tsunami of distributed denial-of-service activity, the reality is considerably more complex. Online activism, the profit motive and even potential nation-state activity contributed to June’s high volume of DDoS attacks. The only commonality, in fact, may be the ease with which DDoS attacks can be launched. Experts like Molly Sauter, an academic and author of the forthcoming book The Coming Swarm, say that the process is childishly simple. “Literally, if you have a credit card and if you’re bored, it could be anyone,” Sauter told Network World. “It’s so easy to rent a botnet – most of them are out of Russia – and you can rent one for stupid cheap, and then deploy it for a couple of hours, and that’s really all you need to target a major site like Feedly or Evernote.” Sauter’s research focuses on the socio-political aspects of technology. She highlights the attacks, earlier in June, on websites connected to the World Cup’s sponsors and backers, which used the iconography of Anonymous. “I’m seeing a lot of Anonymous-oriented DDoS actions,” she said. Anonymous, according to Sauter, is a useful “brand” for politically motivated DDoS attacks, allowing groups to identify themselves with a particular flavor of political thought, despite no organizational connection to other activists. But the highest-profile attacks in the U.S. this June were not politically motivated – the DDoS attempts that took down RSS reader Feedly and note-taking and personal organization service Evernote drew big headlines, and Feedly, at least, was asked for ransom by its attackers. Feedly didn’t pay up, and, according to Forrester principal analyst Rick Holland, that’s probably for the best. “There’s no guarantee that they’re not going to continue to DDoS you,” he said. “It’s like regular extortion – you start paying people off and then, suddenly, they’re going to keep coming back to you every month.” Holland stopped short of urging a blanket refusal to pay off DDoS extortionists, however, saying that companies need to decide their own cases for themselves, in close consultation with their legal teams. He doesn’t know of any companies that have paid a DDoS ransom, but said that it wouldn’t surprise him to learn that it has happened. “I wouldn’t be surprised if people have gotten DDoS, it didn’t go public, they paid a ransom and that was that, but I have not specifically had those conversations,” he said. IDC research manager John Grady said that the increasing primacy of online services means that extortion-based DDoS attacks are becoming a more serious threat. “When there are direct ties from resource availability to revenue, targeting availability is a quick way to get someone’s attention,” he said. Grady echoed both Sauter’s point about the general cheapness of botnets and Holland’s argument that paying the ransom doesn’t make a company proof against further attacks. What’s more, he said, the growing power of some types of attack swings the balance of power further in favor of the attackers. “Increasingly, the ease of amplifying attacks through DNS or NTP, which can ramp traffic up in the hundreds of gigabit range that we’ve seen become common, gives attacks real economies of scale,” Grady said. Research from Forrester shows that, in addition to volumetric attacks like DNS and NTP (which essentially flood targets with unwanted data), targeted application-level attacks have been on the rise. Application-level incidents had been seen by 42% of DDoS victims surveyed in a 2013 report – just shy of the 44% that suffered volumetric attacks. Moreover, 37% used some combination of techniques. According to a report from Infonetics, that trend has prompted increasing attention for application-level mitigation technology. “An increasing number of application-layer attacks, which older DDoS detection and mitigation infrastructure can’t identify and block, are forcing companies to make new investments in DDoS solutions,” wrote principal security analyst Jeff Wilson in December. What this means is that a DDoS attack, whether it’s motivated by politics or money, is an increasingly unequal struggle. Attack techniques have become easier, cheaper and more powerful at the same time as their effects have become more damaging – and defensive measures have failed to keep pace. “The cost of entry is very low for the attackers and the cost to defend is very high for the targets,” said Holland. He said that the best defense may be to simply be as forewarned as possible, and to make plans in advance for potential DDoS incidents. Many businesses haven’t even considered the potential ramifications of a DDoS. Source: http://www.networkworld.com/article/2449855/security0/bloody-june-what-s-behind-last-month-s-ddos-attacks.html

Continue reading here:
June – The month of DDoS attacks