Tag Archives: denial of service

Anonymous Knocks Pro-Nazi Websites Offline with DDoS Attacks

Anonymous hackers decided to commemorate the 70th anniversary of the defeat of Nazi forces in 1945, by Anonymous Sweden deciding to knock pro-Nazi websites offline in motion of the 70 year old victory. Hacktivists in Sweden took it upon themselves to celebrate the 70th anniversary of the victory over Nazi forces in Germany by knocking offline pro-Nazi affiliated domains hosted exclusively by Swedish companies. Targets were limited but extremely well known with well-over hundreds of thousands of monthly visitors. Specific targets included nordfront[dot]se and svenskarnasparti[dot]se, which were both taken offline by a large Distributed Denial of Service (DDoS) Attack and have been inaccessible for several days. The domains remain offline during the time of writing this article and were initially taken offline mid afternoon Friday. Depending on the size of the attack, the domains could remain offline and inaccessible for several days as they have been already. Anonymous Sweden announced their news on Pastebin, with a letter to pro-Nazi websites that were apart of their targeted attack, stating: Today it’s 70 years since nazi-Germany fell. But nazis is still marching in Europe.. Attacking peaceful protesters and spreading fear across the world. It is our duty to remember what happend and never let the horrors be forgotten.. It is our duty to fight nazism. Today we Will wipe the nazis of the webs! Main targets Www.nordfront.se Server info : Apache/2.2.22 (Debian) mod_fcgid/2.3.6 mod_ssl/2.2.22 OpenSSL/1.0.1e IP: 176.10.250.104 is their dotted decimal Www.svenskarnasparti.se Server info: its a worldpress site with cloudfare “Protection” We are Anonymous We do not forgive We do not forget Hitler-fan boys, its time to expect us! /Anonymous Sweden with friends! Special thanks to PH1K3 United as one divided by zero Anonymous started their attacks May 8th, and the domains are still offline nearly 48 hours later. The Swedish collective did not note any specific groups for taking part other than releasing the news via pastebin. We will keep you updated. Source: http://freedomhacker.net/anonymous-knocks-pro-nazi-websites-offline-ddos-attack-4106/

Link:
Anonymous Knocks Pro-Nazi Websites Offline with DDoS Attacks

Hacker Group DD4BC New DDos Attacks

DD4BC Launches New Wave Of DDoS Attacks The extortionist group DD4BC is believed to be connected to a new wave of distributed denial of service (DDoS) attacks against organizations based in Australia, New Zealand, and Switzerland. The group is asking for 25 BTC from those affected in exchange for giving up the flood of inbound data that has resulted in the recipient sites becoming inaccessible. Recently, DD4BC was mentioned in a warning published by the Swiss Governmental Computer Emergency Response Team (GovCERT). GovCERT is a branch of MELANI, a national agency that deals with cyber security issues. The warning read: “In the past days MELANI / GovCERT.ch has received several requests regarding a distributed denial of service (DDoS) extortion campaign related to ‘DD4BC’.” As per the New Zealand government, the extortion attempts seemingly begin with a short DDoS attack that is meant to reflect the possible impact after the ransom demand has been made. DD4BC has been linked to previous attacks on digital currency websites and businesses. The attacks include extortion attempts made against various well-known mining pool operators. GovCERT confirmed that it had so far received reports from several high profile targets, stating that some of the organizations were the victims of a wave of DDoS attacks. DD4BC’s activity has been on the rise recently, with the new wave of attacks beginning at the start of March. “ While these attacks have targeted foreign organizations in the past months, we have seen an increase of activity of DD4BC in Europe recently. Since earlier this week, the DD4BC Team expanded their operation to Switzerland, ” stated GovCERT. GovCERT also asked those affected by the attacks to not pay the ransom. Rather the agency has advised victims to file a police report and seek additional mitigation support from their Internet service provider. The news of the New Zealand attacks became public at the start of May after the New Zealand National Cyber Security Centre (NCSC) issued a warning regarding DDoS attacks on local organizations. While the agency did not specify who the perpetrator behind the attacks was, it did confirm that an investigation into the attacks was ongoing. Barry Brailey, chairman of Cybersecurity nonprofit New Zealand Internet Task Force, confirmed the link between DD4BC and the recent DDoS attacks in New Zealand. “ Yes, [the series of attacks] appears to be linked to the group/moniker ‘DD4BC’, ” he said. Other companies who have fallen victim to the group include BitBay, BitQuick, Coin Telegraph, Expresscoin, and Bitalo- who created a 100 BTC bounty after it was attacked. Source: http://bitcoinvox.com/article/1674/hacker-group-dd4bc-new-ddos-attacks

Read the original:
Hacker Group DD4BC New DDos Attacks

Dukascopy Server Crash on Wednesday Caused by DDoS Attack

The company has contracted a third party specializing in such threats in order to prevent further attacks from happening S wiss Dukascopy Bank was a target of a distributed denial-of-service (DDoS) attack yesterday, a company spokesperson shared with Finance Magnates’ reporters. The server crash prompted a number of the brokerage’s clients to take to social media in order to establish what the issues were with the website and the demo and real accounts servers of the firm. Additionally, the company detailed that the outage lasted an hour and thirteen minutes. A company spokesperson stated to Finance Magnates reporters, “As you may know yesterday starting from 12:31 GMT to 13:44 GMT Dukascopy servers were down due to a DD0S attack.” The DDoS attack was successfully mitigated and we expect that it will not be repeated “The DDoS attack was successfully mitigated and we expect that it will not be repeated. Protection measures have been implemented, including enabling third party services specializing on such kind of threats.” As stated above, the company has turned to a third party contractor in order to alleviate the risks associated with any further DDoS attack. Financial services institutions are frequent targets of DDoS attacks, however the companies most frequently suffering are banks or credit card payment gateways. In the earlier stages of online business, threats about DDoS attacks have been unlawfully used by some outfits to blackmail their competitors. Our reporters have heard about similar criminal practices remaining in play in more recent cases in the industry. Both binary options providers and brokers have been targets of similar attacks in recent years. As for Dukascopy, it is business as usual on the company’s platforms today, while the euro is hitting fresh 1-month highs against the U.S. dollar and the British pound. Source: http://www.financemagnates.com/forex/brokers/dukascopy-server-crash-on-wednesday-caused-by-ddos-attack/

Follow this link:
Dukascopy Server Crash on Wednesday Caused by DDoS Attack

DOSarrest External Monitoring Service launches iOS and Android App

VANCOUVER , April 8, 2015 /PRNewswire/ – DOSarrest Internet Security, a fully managed cloud based DDoS protection service, today announced that their DOSarrest External Monitoring Service (DEMS), a real-time website monitoring tool, launches a new iOS and Android application for clients. This application is a complimentary service to all DOSarrest clients who are subscribed to DOSarrest’s industry leading DDoS protection service. The new mobile application on iOS and Android will allow clients to easily access and view their website(s) status and performance in real-time 24/7/365, as well as enable them to historically view all of the statistics for up to 1 year from 8 globally distributed sensors. Jag Bains, CTO of DOSarrest says “This application is beneficial to all of our clients who have a mission critical website that requires 100% uptime. Unlike other monitoring services, this service is fully managed 24/7/365. Should anything unexpected occur, our engineers will investigate, pinpoint and advise the client on a solution in near real-time. No other vendor in this industry offers this level of customer service.” “We have a number of clients who depend on this service and some have subscribed to it that aren’t even using our DDoS protection service,” says Mark Teolis , CEO of DOSarrest. “With the new mobile application, in one click on your smart phone, you can view what sites are up or down and why in real-time, whenever and wherever you are. It’s like the laptop version in your pocket.” Teolis adds “As I far as I know, no other DDoS protection service or CDN offers any such complimentary service that compares to our External Monitoring Service, with 8 globally distributed sensors completely independent of any of our scrubbing nodes.” About DOSarrest Internet Security: DOSarrest founded in 2007 in Vancouver, B.C. , Canada , is one of only a couple of companies worldwide to specialize in cloud based DDoS protection services .  Additional Web security services offered are Cloud based W eb A pplication F irewall (WAF), V ulnerability T esting and O ptimization (VTO) as well as cloud based global load balancing. SOURCE: http://www.prnewswire.com/news-releases/dosarrest-external-monitoring-service-launches-ios-and-android-app-499026641.html

Read More:
DOSarrest External Monitoring Service launches iOS and Android App

Michigan High School Student Facing Charges After lauching DDoS attack on School Network

A student at Monroe High School in Monroe, Michigan, was recently caught conducting a distributed denial of service attack (DDoS), and Monroe Public Schools Superintendent Barry Martin says the district will be pressing charges. Over a period of two weeks, the unnamed student managed to take the network down for ten to fifteen minutes at a time during the school day. This had a heightened effect on the district, as modern-day high schools rely heavily on the Internet for administration as well as classroom instruction. “We are so reliant on the Internet that we can’t afford to have down time,” said Stephen McNew, the superintendent of the district in which the student attended school. No Sensitive Data Compromised Despite having success at being disruptive, an act that the student considered to be a prank, no sensitive documents, e-mails, or files were ever compromised, which should contribute greatly to his defense. Merely disrupting communications is far less of a crime than is stealing sensitive information about other students or private communications between staff members. “A Good Student” Barry Martin called the alleged hacker “a good student” in comments to the Monroe News but said that this act could not be tolerated, and charges would be filed. DDoS is a federal felony, but from the sounds of it, the FBI has not yet been involved in the case. It is taken very seriously when the targets are larger organizations or government institutions, and ordinarily those who are serious about conducting DDoS attacks are careful to cover their tracks. It is not yet evident how the student was found to be a suspect in the case, but in the town of roughly 20,000 people, the pool of likely suspects is rather slim. The profile would be a student with high grades and extreme computer aptitude. This would make the pool of likely suspects even smaller. The way that high schools often conduct such investigations, the student would have been brought in front of a police officer and interrogated until he confessed. Like as not, school officials would pretend to know already that he was guilty, and he would confess. Equally as likely, the student bragged about it to another student, who then turned him in. Another thing that the administrators said about the student was that he probably didn’t know the seriousness of what he was doing. This is in line with existing research that has concluded that adolescents are less likely to consider the consequences of their actions before taking them. Locals Have Mixed Feelings Many locals on the Monroe News Facebook page felt that a felony would be too stern a response for the gifted student’s prank. After all, in the end, the one thing he illustrated was that the school district had a weak network infrastructure that needs upgrading. Especially if, as administrators have said, they are extremely reliant on the Internet in daily teaching. Source: https://hacked.com/michigan-high-school-student-facing-charges-ddosing-school-network/

View post:
Michigan High School Student Facing Charges After lauching DDoS attack on School Network

DDoS attack targets Femsplain on International Women’s Day

Feminist blog Femsplain was taken offline earlier today by a distributed denial of service (DDoS) attack, according to the site’s founder, Amber Gordon. She tells The Verge that the site was offline for roughly three hours before service returned intermittently late Sunday afternoon on the East Coast. The timing seems far from random: today is International Women’s Day. In a tweet, Gordon — best known online as @missambear — shared a screenshot showing the massive influx of traffic from the DDoS attack. Such attacks overwhelm the servers that host websites with a avalanche of requests. According to Gordon, these sorts of attacks are not rare. “We constantly have people attacking us and attempting to bring our website down. It’s unfortunate but the reality of our mission.” She added in comments to The Verge that prior attacks are “never to this severity and I think it’s because it’s International Women’s Day.” Social media accounts taking credit for the attack used the hashtag #internationalwomensday, suggesting the harassment is tied to today’s date. The blog started up late last year as a place for women to discuss topics from online harassment to Gamergate. It has a group of female contributors who publish stories to the site. It also shares reader submissions. Gordon says that “our community is so vocal about supporting us that tons of people were sending messages out on social media to raise awareness that this was happening.” She added, “unfortunately it happened on a day that’s meant to celebrate women.” Source: http://www.theverge.com/2015/3/8/8171269/ddos-attack-targets-femsplain-on-international-womens-day

Excerpt from:
DDoS attack targets Femsplain on International Women’s Day

Register for DDoS Protection and Response Strategies Webinar!

  As cyber-criminals innovate and develop new techniques to tackle defensive methods, it has never been more important for information security professionals to have strong, proactive defense and remediation strategies in place. During this webinar, the speakers will share insight on how to address the risks and respond to attacks. Hear about the evolution of and motivations behind DDoS attacks and the attack vectors exploited Discover how to implement multi-layered DDoS defense Identify best practice detection and classification techniques Discover how to implement resilient DDoS incident response practices Date: November 12th 2014 Time: 10:00AM EST/15:00 GMT Click here to register !

See more here:
Register for DDoS Protection and Response Strategies Webinar!

Report on China’s underground services for DDoS Attacks

After analyzing trends in the Chinese underground, Trend Micro found that activity in the marketplace doubled between 2012 and 2013. Upon an even closer look, researchers at the firm also found that the most coveted tools and services in the underground were compromised hosts, remote access trojans (RATs) and distributed denial-of-service (DDoS) attack services. Trend Micro’s new research paper, “The Chinese Underground in 2013,”(PDF) detailed criminal activity facilitated in the space, and in a Thursday interview with SCMagazine.com, Christopher Budd, global threat communication manager at the company, said that, among the products, compromised hosts were most sought after. In the report, Trend Micro defined “compromised hosts” as client workstations or servers that cybercriminals “have gained command and control of” without the owners’ consent. “That makes sense, because the compromised host is a multi-tasker,” Budd said. “It’s kind of a like a Swiss army knife – you can do multiple things with it.” The report also highlighted the going rate last year for popular black market services. Distributed denial-of-service (DDoS) offerings, for instance, were offered for anywhere from $16 per day to nearly $500 for a “lifetime” DDoS toolkit rental, the report revealed. Researchers also monitored underground activity centered around mobile attacks. Trend Micro found that the most in demand offerings were SMS spamming services, SMS servers and premium service numbers. Overall, the report noted that the increased activity in the China’s underground took into account, both the number of participants and the number of product and services offerings in 2013. In his interview, Rudd also noted that attacks, facilitated through shady transactions in China’s underground market, were most often aimed at other users in the country – an ongoing trend that will likely continue. “The participants in the Chinese underground looking inward, and the Russian underground looking outward [in attacks], has been a consistent trend,” Budd said. “And partly, that’s linguistic, because the people in the Chinese underground market [products and services] in Chinese as opposed to English – [but] it’s a combination of cultural and linguistic factors,” he said. Source: http://www.scmagazine.com/report-chinas-underground-activity-doubled-last-year/article/369849/

See the original article here:
Report on China’s underground services for DDoS Attacks

Amazon cloud infested with DDoS botnets

Security researchers have found yet another exploit on the Amazon cloud computing platform through the Elasticsearch distributed search engine tool. According to analysis, hackers are able to gain access to the search engine to deploy a battalion of botnets on Amazon cloud. The vulnerability should be a cause of alarm and, therefore, merits the attention of enterprises because it could manipulate Amazon cloud platforms in an attempt to launch distributed denial of service attacks against hundreds of thousands of websites. Amazon cloud users can a representational state transfer API to search various documents through Elasticsearch, an open-source search engine server built based on Java. It is more popular among cloud environments for its distributed architecture that enables multiple nodes. Researchers found security issues on the versions 1.1.x of Elasticsearch because its API scripting lacks a mechanism to authenticate access and a sandbox security infrastructure. Therefore, anyone, including hackers, can penetrate Elasticsearch just so easy. After that, attackers could carry out several malicious activities using Elasticsearch’s scripting capability such as carrying out arbitrary code on the server. As of now there is no patch coming from the developers of Elasticsearch. Nonetheless, versions 1.2.0 and up are safe from being exploited by hackers. New offshoots of Mayday Trojan for Linux has been spotted over the past week and the malware already launched DDoS attacks against targets DNS amplification. A Mayday variant was reported to be running on an Amazon server that has been compromised through the Elasticsearch exploit, though there are other platforms that could have been potentially manipulated. However, the Mayday variant did not resort to DNS amplification on the compromised EC2 instances. Instead it was used to launch attacks by flooding several websites with UDP traffic. As a result, many regional banking institutions in the United States and electronics companies in Japan had to transfer their IP addresses to DDoS mitigation service vendors. The Amazon EC2-run virtual machines were also reported to have been attacked by hackers through a CVE-2014-3120 exploit in the 1.1.x versions of Elasticsearch. Researchers observed that many commercial enterprises still use those versions. According also to security researchers, attackers have changed proof-of-concept exploit code for CVE-2014-3120 to install a Web shell developed based on Perl. A Web shell is a script that enables hackers to deploy Linux shell commands backdoor through the Web. The script was then further manipulated to download a fresh variant of the Mayday DDoS botnet. Amazon has already notified its customers about the issue. Source: http://www.techwalls.com/amazon-cloud-infested-ddos-botnets/

See more here:
Amazon cloud infested with DDoS botnets

17-Year-Old Behind Norway DDoS Attacks This Week

On Thursday, the Norwegian police have arrested and charged a 17-year-old in connection to the recent massive distributed denial-of-service (DDoS) attacks directed at major financial institutions and other businesses in the country. The teen, from the city of Bergen, on Norway’s west coast, claimed to be part of the hacktivist group Anonymous Norway, who, in a Twitter message, dismissed any connection to him or the DDoS incidents. On the day of the attack, the teenager sent a letter to the media, claiming to be part of Anonymous and saying that “the motivation behind the current attacks and the next attacks in the future is to get the community to wake up. The number of major IT security attacks is increasing and there is nothing being done to prevent such events.” Evidence that Anonymous Norway was not involved in the incidents is the fact that the boy joined the group’s Facebook page on the same day of the attack. Furthermore, the hacker outfit provided a Pastebin link in a new tweet, pointing to the identity of the perpetrator; they did not create the post, just scooped it up. Initially, the youngster was charged with gross vandalism, which carries a maximum prison sentence of six years in Norway. However, since he has no record and is still a minor, this should be greatly reduced. According to News in English, Frode Karlsen of the Bergen police told Norwegian Broadcasting that the authorities are taking the matter seriously because this sort of attack can have significant impacts on society, like individuals not being able to reach emergency services in case they needed help. After his arrest, the teen cooperated in the investigation and clarified the nature of his actions. His defense lawyer stated that “he’s sorry for having caused all this and has laid his cards on the table.” The DDoS attack, which occurred on Tuesday, was considered among the largest ever seen in Norway and leveraged the vulnerable “pingback” WordPress feature. Its increased significance is due to the fact that it targeted layers three (network) and four (transport) of the OSI model, as well as layer seven (application), at the same time. Mitigating an application layer DDoS attack is not too easy, because the requests are directed at the application interface and mimic legitimate behavior, which makes filtering out the bad traffic more difficult. The attack aimed at disrupting the online services of major financial institutions in Norway (Norges Bank, Sparebank 1, Storebrand, Gjensidige, Nordea, Danske Bank), as well as other business, like Scandinavian Airlines (SAS) and Norwegian Air. The website of the largest telecommunications company in Norway, Telenor, was also affected. Source: http://news.softpedia.com/news/17-Year-Old-Behind-Norway-DDoS-Attacks-this-Week-450391.shtml

Read the article:
17-Year-Old Behind Norway DDoS Attacks This Week