Tag Archives: internet

It’s 2017, and UPnP is helping black-hats run banking malware

Pinkslipbot malware copies Conflicker for C&C channel Another banking malware variant has been spotted in the wild, and it’s using UPnP to pop home routers to expose unsuspecting home users, recruited as part of the botnet.…

Read the article:
It’s 2017, and UPnP is helping black-hats run banking malware

DDoS attack brings Qatar’s Al Jazeera website to its knees

Hacking attempts come amid diplomatic crisis in the Gulf Qatar-based news network Al Jazeera yesterday said it was being targeted with systematic hacking attempts.…

Original post:
DDoS attack brings Qatar’s Al Jazeera website to its knees

FCC blames DDoS for weekend commentary lockout

Not down to people trying to file comments on issues rhyming with wetsuit balloty, it insists Problems faced by consumers hoping to submit comments to the Federal Communications Commission over the weekend were caused by a denial of service attack, the US government agency admits.…

Continue Reading:
FCC blames DDoS for weekend commentary lockout

FCC blames DDoS for weekend web lockout

Not down to people trying to file comments on issues rhyming with wetsuit balloty, it insists Vid   Problems faced by consumers hoping to submit comments to the Federal Communications Commission over the weekend were caused by a denial of service attack, the US government agency admits.…

More:
FCC blames DDoS for weekend web lockout

Mysterious Hajime botnet has pwned 300,000 IoT devices

The Dark Knight of malware’s purpose remains unknown Hajime – the “vigilante” IoT worm that blocks rival botnets – has built up a compromised network of 300,000 malware-compromised devices, according to new figures from Kaspersky Lab.…

Read More:
Mysterious Hajime botnet has pwned 300,000 IoT devices

Blame the US, not China, for the recent surge in massive cyberattacks

The internet’s new scourge is hugely damaging global attacks that harness armies of routers, cameras, and other connected gadgets—the so-called Internet of Things (IoT)—to direct floods of traffic that can take down swaths of the network. The blame so far has largely fallen on the Chinese manufacturers who churn out devices with shoddy security on the cheap. But all those devices have to be plugged in somewhere for them to used maliciously. And American consumers are increasingly the ones plugging them in. Nearly a quarter of the internet addresses behind these distributed denial-of-service, or DDoS, attacks are located in the United States, newresearch from network services firm Akamai has found. Some 180,000 US IP addresses took part in DDoS attacks in the last quarter of 2016, it found—more than four times as many as addresses originating in China. Akamai’s findings are particularly notable because the armies of hacked devices that carry out DDoS attacks—such as those controlled by the Mirai malware—don’t bother covering their tracks. That means the IP addresses are far more likely to genuinely correspond to a location within a certain country, the report’s authors write. The findings also end an era of Chinese dominance in DDoS attacks. Over the previous year, China has accounted for the highest proportion of IP addresses taking part in such attacks globally. Now the US is the clear leader, accounting for 24% of such addresses. The UK and Germany are a distant second and third. (To be clear, though, wherever the attacking devices’ IP addresses are, the person controlling them could be located anywhere.) The huge number of devices taking part in DDoS attacks in the US means regulation there, and in Europe, could stem the flood of damaging traffic. Of course, IoT regulation is a thorny issue—essentially, no US federal agency really wants to take the problem on—and there remain technical questions over how to actually go about blocking the attacks. Still, it’s a lot clearer now that simply pointing the finger at China isn’t enough. Source: https://qz.com/912419/akamai-akam-report-a-quarter-of-ddos-ip-addresses-are-now-from-the-us/

View article:
Blame the US, not China, for the recent surge in massive cyberattacks

Majority of DDoS Attacks in October-December 2016 Conducted From Germany, UK, US

According to reports, United States, the United Kingdom and Germany became the top three source countries for DDoS attacks in October-December 2016. MOSCOW (Sputnik) – The United States, the United Kingdom and Germany became the top three source countries for DDoS attacks in October-December 2016, an Internet company dubbed Akamai said in report Wednesday, adding that the overall number of attacks in 2016 increased by 4 percent compared to previous year. “The top three source countries for DDoS attacks were the U.S. (24%), the U.K. (10%), and Germany (7%). In the past year, China dominated the top 10 list of source countries. In Q4 2016, China dropped to the fourth position overall, with 6% of traffic,” the State of the Internet / Security Report said. Russia became the fifth country in the list, with 4.4 percent of attacks. “The average number of DDoS attacks remained steady this quarter [October-December 2016] at 30 per target, indicating that after the first attack, an organization has a high likelihood of experiencing another,” the report said. The study notes that the number of IP addresses, used for DDoS attacks, significantly increased in the last quarter of 2016. The report also provides data regarding attacks in January- September 2016, with China, the United States, Turkey and the United Kingdom being the top source countries for attacks. Source: https://sputniknews.com/world/201702151050711562-ddos-atacks-internet/

Visit link:
Majority of DDoS Attacks in October-December 2016 Conducted From Germany, UK, US

University suffers DDoS attack after it’s schooled by own IoT devices

Infected vending machines and light bulbs teach establishment a lesson. A PLACE WHERE late stage teenagers go to drink and make arses of themselves has fallen victim to a denial of service (DDoS) attack of, essentially, it’s own making. Yeah, we are talking about a university. We do not know what university it is, but Verizon’s breach report for 2016 tells us that the mysterious educational establishment, probably in the US, was taken to its knees by a DDoS attack that was brought about by its own bloody Internet of Things (IoT) devices. It’s kinda like that Mirai thing, but on a much smaller, and more personally embarrassingly scale. We like to imagine that a connected toaster and a connected fridge had a fallout and that everything when bits up. According to Bleeping Computer, which has had a cheeky look at the Verizon report, it was a bit more pedestrian than that. “The DDoS attack was caused by an unnamed IoT malware strain that connected to the university’s smart devices, changed their default password, and then launched brute-force attacks to guess the admin credentials of nearby devices,” Verizon says as it explained that something fishy went down. “Hacked devices would start an abnormally high level of DNS lookups that flooded the university’s DNS server, which in turn resulted in the server dropping many DNS requests, including legitimate student traffic. The university’s IT team said that many of these rogue DNS requests were related to seafood-related domains.” The university has placed all IoT devices, such as light bulbs and vending machines, on its separate subnet, or perhaps in a bin. The security industry reckons that this is a signal of the kind of unprotected troubles to come. Naturally. “On the surface this appears to be more of a prank than a sophisticated denial of service attack. However, proving that largescale IoT takeovers are possible should be a wakeup call to those who manage networks rife with unsecure IoT devices,” said Stephen Gates, chief research intelligence analyst at NSFOCUS by way of introduction. “Municipal, Industrial, Commercial, and now Educational infrastructures are becoming more and more vulnerable, because organisations often carelessly deploy IoT without understanding the ramifications of weak IoT security. “In this case the damage appears to be limited, and only inconvenienced users on a campus network. Do the same to a transportation system, a chemical plant, a hospital complex, an E911 system, or an ISP, and the damage could be much, much greater.” Source: http://www.theinquirer.net/inquirer/news/3004579/university-suffers-ddos-attack-after-its-schooled-by-own-iot-devices#

Link:
University suffers DDoS attack after it’s schooled by own IoT devices