Tag Archives: said-on-twitter

Group that attacked Tumblr threatens to DDoS Xbox for Christmas

A new hacking group is taking credit for a distributed denial-of-service (DDoS) attack that took down Tumblr this week. But so far, little is known about R.I.U. Star Patrol other than its motive of attacking for fun. Tumblr went down for more than two hours Wednesday afternoon and R.I.U. Star Patrol contacted Mashable to explain its reason for attacking: “There is no sinister motive,” the group told Mashable.”It’s all for light hearted fun.” The site was first reported offline shortly after 3:15pm ET. The service said on Twitter that some users were experiencing “latency”. Mashable reported that the site was back up for a few minutes around 3:52pm ET but went back down, returning at around 4:22pm ET. Full service was restored around 5:45pm ET. The Mirai connection Some in the security community believe the group carried out the attack using Mirai, malware tied to a record 620Gpbs attack on the website of noted journalist Brian Krebs and the coordinated assault against DNS hosting provider Dyn last fall. That DDoS crippled such major sites as Twitter, Paypal, Netflix and Reddit and shifted the world’s attention to threats against the so-called Internet of Things (IoT) – everyday devices and appliances connected to the web. What happened to Tumblr was a more typical DDoS, but it demonstrates how easy it has become to launch attacks since the source code for Mirai was openly published. In such attacks, a hacker attempts to overload or shut down a service so that legitimate users can no longer access it. Typical DoS attacks target web servers and aim to make websites unavailable. No data is stolen or compromised, but the interruption to the service can be costly for an organization. The most common type of DoS attack involves sending more traffic to a computer than it can handle. There are a variety of methods for DoS attacks, but the simplest and most common is to have a botnet flood a web server with requests. This is called a distributed denial-of-service attack (DDoS). What we know about R.I.U. Star Patrol so far A scouring of the internet produced few details about this hacking group. From what we can tell, its Twitter account (@StarPatrolling) came online on December 13 and that its self-described leader goes by the Twitter handle @ ANTIPEACESP . Gaming news site 7421Max conducted an interview with @StarPatrolling and published it on Youtube. Those interviewed said they plan to launch coordinated attacks against Xbox on Christmas day. Asked about their motive, the hackers said, “We do it because we can.” They claim they are not motivated by money. “We have not been paid a single dollar for what we do,” one of the hackers said. On December 19, 7421Max reported that the group had taken down League of Legends and Warframe servers, and warned in a follow-up tweet that R.I.U. Star Patrol plans to knock down PSN and Xbox Live for Christmas 2016. The group confirmed this in the Youtube video: The threat is going to sting for users who remember the Christmas 2014 DDoS blockage of PlayStation and Xbox systems.   Parents of kids who hope to play their new Christmas presents on Sunday might want to brace themselves for some tears. Source: https://nakedsecurity.sophos.com/2016/12/23/group-that-attacked-tumblr-threatens-to-ddos-xbox-for-christmas/

Excerpt from:
Group that attacked Tumblr threatens to DDoS Xbox for Christmas

Here’s how security cameras drove the world’s biggest DDoS attack ever

DDoS attacks are reaching monster levels that pose a massive threat The record for the biggest DDoS attack ever seen has been broken once again, with an absolute monster of distributed denial of service firepower managing to almost reach the not-so-magic 1Tbps mark. Technically this was actually two concurrent attacks, although the majority of the traffic was concentrated in one, which is the largest ever recorded single blast of DDoS. As the Register reported, Octave Klaba, the founder and CTO of OVH.com, the French hosting company which suffered the attack, said that the assault consisted of two simultaneous barrages of 799Gbps and 191Gbps, for a total of 990Gbps. The previous largest DDoS was the recent 620Gbps effort that hit ‘Krebs On Security’, the website of security researcher Brian Krebs, which was driven by the same botnet of some 150,000+ compromised Internet of Things devices, routers, DVRs and security cameras responsible for this latest volley. Krebs said he was hit in retaliation to an article posted on his blog, although it isn’t clear why OVH.com came under fire. Massive attacks As Klaba said on Twitter, though, it’s hardly uncommon for his company to experience DDoS, and a tweet outlining the attacks suffered by the organisation over a period of four days this month showed 25 separate attacks which all exceeded 100Gbps (including the two mentioned here). Several others were simultaneous (or near-simultaneous) pairs of attacks, too. He further noted that the botnet in question could potentially up its firepower by some 50% compared to the assault his  company  was hit by, tweeting: “This botnet with 145,607 cameras/dvr (1-30Mbps per IP) is able to send > 1.5Tbps DDoS.” Not only are DDoS attacks getting larger in size, but they are also becoming much more frequent according to a VeriSign report we saw back in the spring – this observed that the number of attacks had almost doubled in the final quarter of 2015, compared to the same period in the previous year. Source: http://www.techradar.com/news/internet/here-s-how-security-cameras-drove-the-world-s-biggest-ddos-attack-ever-1329480

Originally posted here:
Here’s how security cameras drove the world’s biggest DDoS attack ever