Tag Archives: ddos

Massive DDoS racks up $30,000-a-day Amazon bill for China activists

Site flooded with 2.6 billion requests an hour Chinese activist site Greatfire.org which masks censored traffic into the country is under a sustained distributed denial of service (DDoS) attack that is racking up $30,000 a day in server costs.…

See the original post:
Massive DDoS racks up $30,000-a-day Amazon bill for China activists

‘China censorship’ service GreatFire.org reports DDoS attacks, asks the Internet for help

GreatFire.org, the not-for-profit website designed to highlight online censorship relating to China’s so-called “Great Firewall,” has announced that its mirror websites — set up to circumvent blocks in China — are currently suffering a distributed denial-of-service (DDoS) attacks. A DDoS overwhelms the target — in this case, GreatFire.org’s mirror websites — with a deluge of data, with the intention of causing the network to crash. GreatFire.org is presently reporting 2.6 billion requests per hour — 2,500 times more than its usual traffic — and it says it’s just managing to cope, having switched to faster servers and used other techniques to manage the load. However, it adds that it fears “the attack may be intensified at any time.” China has a long history of blocking online services, and reportedly blocked the whole of Google in the buildup to last year’s 25th anniversary of the Tiananmen Square protests. Back in December, Gmail went dark again too. GreatFire.org basically monitors blocked websites and keywords in China, and has been doing so since 2011. It also offers solutions such as “mirror” websites for circumventing blocks for those located in China. Given GreatFire.org’s core raison d’être , one that would presumably raise the ire of the powers that be in China, it’s surprising to learn that this is in fact the first such attack its sites have undergone in its four-year history. GreatFire.org says the attack began on March 17 and affects all of its mirror websites. Though it asserts that it doesn’t know who or what is behind the attacks, the organization points to a recent story in the Wall Street Journal that reported on how U.S. cloud service providers were facing a backlash from censors in China. The article also talked about how GreatFire.org manages to unblock websites and apps. Notably, GreatFire.org also points to pressure from the Cyberspace Administration of China (CAC) over the past few months. [It] publicly called us “an anti-China website set up by an overseas anti-China organization.” We also know that CAC has put pressure on our IT partners to stop working with us. GreatFire.org is also asking for help — it says that its server costs on Amazon have risen to $30,000 a day (though it doesn’t say what it normally pays). Hinting that it would like Amazon to absorb this cost to support the free-speech cause, the site said: We need companies like Amazon to be on our side and, more importantly, on the side of freedom of speech. We need you to tell Amazon that you think that freedom of speech is an important issue and that Amazon, as a leading global enabler of the internet, plays an important role in access to information. The organization has also asked for anyone with expertise in this realm to get in touch to lend their support. Source: http://venturebeat.com/2015/03/19/china-censorship-website-greatfire-org-suffers-ddos-attack-asks-the-internet-for-help/

Taken from:
‘China censorship’ service GreatFire.org reports DDoS attacks, asks the Internet for help

Oklahoma City’s Website Hit With Two DDoS Attacks

The City of Oklahoma says its website was the victim of a second denial-of-service, or DOS attack, in as many days early Wednesday morning. At 7:44 a.m. the city tweeted its website was down, so KGOU reached out via the social media platform. Zach Nash is a creative manager for the City. He said they were being hit from Russia, China, and the United States by hundreds of computers infected by bots designed to send so much information to a network or a server that legitimate web traffic is blocked. “There was a Twitter account that said they were taking responsibility for it. They didn’t say why they were,” Nash said. Oklahoma City IT staff is working to get software installed to block any future attacks. “With the security world, there’s nothing that’s foolproof, but we’re trying to take steps to prevent this from happening again,” Nash said. So far there’s no evidence residents’ personal or confidential information was accessed. “Right now we know that it was a denial-of-service attack, which is different from a hack,” Nash said. “But we are monitoring that traffic and making sure, and if we do find out that happened, we will let people know as quickly as possible and take steps to mitigate that.” Source: http://kgou.org/post/oklahoma-citys-website-hit-two-denial-service-attacks

Read More:
Oklahoma City’s Website Hit With Two DDoS Attacks

Image icon1.png

DDoS attacks losing companies business opportunities

Research said organisations fear losing contracts and ongoing business as a consequence Research by Kaspersky has revealed businesses  fear losing clients as a result of DDoS attacks, although the construction industry is more concerned about the cost of eradicating threats. A survey conducted by the security firm in partnership with B2B International revealed 26 per cent of companies  thought the problems caused by such attacks were long-term, meaning they could lose current or prospective clients as a result. 23 per cent said they were concerned a DDoS attack would cause reputational issues, while 19 per cent thought the risk of losing current customers who were not able to access services as a result of an outage was the biggest threat to business . The research revealed that only 37 per cent of the companies surveyed had measures already in place to protect against DDoS attacks. Evgeny Vigovsky, head of Kaspersky DDoS Protection at Kaspersky said: “ People who have not yet faced a particular threat often tend to underestimate it while those who have already experienced it understand which consequences might be the most damaging for them. “However, it makes little sense to wait until the worst happens before acting – this can cost companies a lot, and not only in financial terms. That is why it is important to evaluate all possible risks in advance and take appropriate measures to protect against DDoS attacks.” Of those surveyed, the majority of telecoms, e-commerce, utilities, utilities and industrial companies viewed the loss of business as the main DDoS risk, while construction and engineering verticals explained they were concerned about the cost of implementing  backup systems most. Source: http://www.itpro.co.uk/security/24245/ddos-attacks-losing-companies-business-opportunities

More here:
DDoS attacks losing companies business opportunities

Anonymous to BBC: Bring back Clarkson, threatens DDoS attack

The recent story involving our favorite power-mad petrol head Jeremy Clarkson’s suspension from the BBC has us all on the edge of our seats, as this latest controversy not only puts his future on Top Gear on shaky ground, but jeopardizes the show’s future in general. Many people have shown him support, from an online petition to British Prime Minister David Cameron saying he’s a fan. Clarkson’s got friends in high places, it seems, but according to a report, he’s got friends in low places, too. To recap how this all started, Clarkson allegedly threw a punch at a Top Gear producer during a “fracas” over not being served the dinner he wanted after a long day’s shoot. This has resulted in his suspension from the BBC along with the final three episodes of the show postponed indefinitely. Among the buzz of supporters, The Mirror is reporting that the activist group Anonymous has threatened the BBC with a DDoS attack if Clarkson isn’t reinstated. This kind of internet attack overwhelms a website with traffic requests, effectively shutting it down. The report claims that an open letter to the BBC made these claims, branding the hacker mission as #OpBringBackClarkson saying “You don’t wanna piss off 300 million people…” and “BBC you are warned… DDOS cannons will fire if you don’t comply.” Sounds like Ol’ Clarkson has the might of internet justice behind him, doesn’t it? A closer look tells a slightly different story. First off, there’s hardly an official source for a group called Anonymous for the obvious reasons, so its hard to peg for sure when someone is speaking on the organization’s behalf. Usually, associated twitter accounts like @YourAnonNews, which has over a million followers, indicate what’s trending amongst the cabal, and #OpBringBackClarkson really isn’t up there. Like, at all. As of this writing, eleven people have used the hashtag on twitter. Eleven. Looking at many of the Anonymous-branded twitter accounts and websites reveal that their uproar is more focused on things like the recent Ferguson protests and other serious issues of violence across the globe. Nobody is really talking about their favorite car show host. The Mirror’s article posts what seems to be the one Anonymous-related twitter post regarding the incident, but its handful of followers and tweets, in comparison to sources like @AnonyOps make it seem like an Anonymous fan rather than the voice of a movement. Surely then, this “open letter” would have more information? It might if you can find it. For all this talk of an open letter, any searches and stories posted simply refer back to the original Mirror article, with no links going to the BBC-directed open letter. In fact, after searching for hours, the only way we found it was to tweet the author of the post himself, who shared with us this link: http://pastebin.com/Kau1eP6N The letter doesn’t say much else beyond what we quoted above, save for linking to the Change.org petition and the recanting of Anonymous “we are legion” maxim. Pastebin is a great way to anonymously post text, but it doesn’t really work as an open letter forum unless you get the word out, and none of the Anonymous people are doing that, just The Mirror. We’re wondering if the BBC has even seen this. Again, the tricky thing about dealing with a group called Anonymous is, well, they’re anonymous. We’re not suggesting that this threat is false, but the evidence indicating that it might be is sketchy at best. Source: http://www.digitaltrends.com/cars/anonymous-to-ddos-attack-the-bbc-site-over-clarkson/

Continued here:
Anonymous to BBC: Bring back Clarkson, threatens DDoS attack

Bitcoin Mining Pools Targeted in Wave of DDOS Attacks

AntPool, BW.com , NiceHash, CKPool and GHash.io are among a number of bitcoin mining pools and operations that have been hit by distributed denial-of-service (DDoS) attacks in recent days. The incidents appear to have begun in the first week of March. For example, on 11th March, AntPool owner Bitmain sent an email to customers disclosing the DDoS attacks and advising external pool users to set up failsafe pools in the event of an outage. According to many of the companies affected by the incidents, those behind the attacks demanded payment in bitcoin in return for stopping the attacks. BW.com alerted customers via its official blog to possible service disruptions owing to oattacks, but did not say whether or not a ransom notice had been sent. Other pools took to Bitcoin Talk to warn users about the DDOS attacks. GHash.io operator CEX.io suggested that affected pools are seeing escalating DDoS threats, and said that the source of recent attacks on its pool came with increasing ransom demands. A spokesperson for CEX.io told CoinDesk: “The attack has been conducted by a hacker who has already DDoSed CEX.IO in October, 2014. Previously, he demanded 2 BTC for stopping the attack. This time, the payment has been raised to 5 to 10 BTC.” At least one other mining pool, NiceHash, also reported sustained DDOS attacks last fall. The alleged source of the DDOS attacks, operating under the name DD4BC, is believed to be behind a number of attacks on digital currency websites and services in the past year. Incidents tied to DD4BC include an attack last year on the digital currency exchange Bitalo that resulted in the posting of a 100 BTC bounty. Following the recent DDOS threats, Bitmain contributed an additional to the bounty. Disruptions likely to continue Affected pools say they have moved to boost in-house defense mechanisms in light of the attacks, but some have warned that future outages may likely occur. Bitmain said that its other services, including the cloud mining platform HashNest, may also be affected in the coming days. Operators that responded to press queries say they have refused to pay the ransoms and will continue keeping their pools open despite the risk of future DDoS attacks. Some of the pools have conceded that resolving the situation will be difficult owing to the capabilities believed to be possessed by the source of the attacks. Bitmain’s Yoshi Goto noted that the attacks appear to be systematic and acknowledged that it remains unclear when the situation will be completely resolved. “It is a cat and mouse game now but we will do our best,” he said. CoinDesk will continue monitoring the developments and post updates as they become available.  Source: http://www.coindesk.com/bitcoin-mining-pools-ddos-attacks/

See more here:
Bitcoin Mining Pools Targeted in Wave of DDOS Attacks

CloudFlare launches nameserver DDoS shield

Hosed and hapless hosters to hide from hackers CloudFlare has launched a DNS proxy service it says will help organisations improve DNS resilience by pushing distributed denial of service attacks to the outer edge of its network.…

More here:
CloudFlare launches nameserver DDoS shield

DDoS attack targets Femsplain on International Women’s Day

Feminist blog Femsplain was taken offline earlier today by a distributed denial of service (DDoS) attack, according to the site’s founder, Amber Gordon. She tells The Verge that the site was offline for roughly three hours before service returned intermittently late Sunday afternoon on the East Coast. The timing seems far from random: today is International Women’s Day. In a tweet, Gordon — best known online as @missambear — shared a screenshot showing the massive influx of traffic from the DDoS attack. Such attacks overwhelm the servers that host websites with a avalanche of requests. According to Gordon, these sorts of attacks are not rare. “We constantly have people attacking us and attempting to bring our website down. It’s unfortunate but the reality of our mission.” She added in comments to The Verge that prior attacks are “never to this severity and I think it’s because it’s International Women’s Day.” Social media accounts taking credit for the attack used the hashtag #internationalwomensday, suggesting the harassment is tied to today’s date. The blog started up late last year as a place for women to discuss topics from online harassment to Gamergate. It has a group of female contributors who publish stories to the site. It also shares reader submissions. Gordon says that “our community is so vocal about supporting us that tons of people were sending messages out on social media to raise awareness that this was happening.” She added, “unfortunately it happened on a day that’s meant to celebrate women.” Source: http://www.theverge.com/2015/3/8/8171269/ddos-attack-targets-femsplain-on-international-womens-day

Excerpt from:
DDoS attack targets Femsplain on International Women’s Day

Sony, Microsoft, and Nintendo Are Working Together to Stop DDoS Attacks

We may all have different gaming preferences, but we can probably all agree that DDoS attacks suck. Whether it’s the PlayStation Network or Xbox Live that goes down, seeing services get targeted by code junkies for their own selfish entertainment is never nice; at the end of the day, we all just want to enjoy our games – regardless of which platform we’re playing on. We’re pleased to learn that Sony, Microsoft, and Nintendo are all in constant communication about how to mitigate the impact of these irritating attacks, then. “I don’t think that it’s great when the PSN goes down,” Xbox chief Phil Spencer told Game Informer magazine. “It doesn’t help me. All it does is put the fear and distrust from any gamer that’s out there, so I look at all of us together as this is our collective opportunity to share what we can about what we’re learning and how things are growing. Those conversations happen, which I think is great.” Slightly muddled sentences aside, we really like what Spencer’s saying here: DDoS attacks are incredibly difficult to defend against, so maybe it’s going to take all three companies working together to prevent them from causing so much damage. There hasn’t been a problem on the PSN for a few months now, so hopefully a few corners have been turned behind closed doors. Source: http://www.pushsquare.com/news/2015/03/sony_microsoft_and_nintendo_are_working_together_to_stop_ddos_attacks

Read the article:
Sony, Microsoft, and Nintendo Are Working Together to Stop DDoS Attacks