Tag Archives: ddos news

Hacker imprisoned for stealing Bitcoin, selling botnet on Darkode

A Louisiana man was sentenced to 12 months and one day in prison for using a computer to steal money, hacking computers to obtain passwords, and attempting to sell information on the online hacking forum known as Darkode. Rory Stephen Guidry, aka k@exploit.im was sentenced by US District Judge Dee D. Drell on one count of obtaining information by computer from a protected computer. He was also sentenced to three years of supervised release. According … More ?

Visit site:
Hacker imprisoned for stealing Bitcoin, selling botnet on Darkode

Darkode Bitcoin bot bandit gets year and a day in US cooler

Cops find 5000 stolen active credit cards at carder’s crib Darkode bot bandit Rory Stephen Guidry has been sentenced to a year and a day in prison for selling a botnet containing 5000 enslaved machines, and stealing US$80,000 (£72,069, A$111,728) in Bitcoins and 5000 active credit cards.…

View article:
Darkode Bitcoin bot bandit gets year and a day in US cooler

Anonymous is 2016’s top trending hacktivist group

Anonymous emerges as the leader in 2016’s Trending Hacktivist Groups Anonymous continued to remain at the top in the top trending hacktivist group, says SurfWatch Labs based on the data collected on threat intelligence and social media hype. The hacktivist group was followed by Turk Hack Team (THT), New World Hacking (NWO), and Ghost Squad Hackers. In comparison to other years, the data shows that hacktivism has decelerated and lost its impetus but still has managed to cause enough damages to gather mainstream media attention. The government agencies were hit the most by hacktivism campaigns says the security firm with the most publicity having been created around the now-notorious COMELEC hack by Anonymous Philippines and Lulzsec Philippines, during which information for around 50 million Filipino voters were disclosed. Other than this incident, at the start of the year, the hacktivist groups created a lot of attention to their causes via the massive DDoS attack on BBC, the DDoS attacks on Donald Trump’s websites part of #OpTrump, the DDoS attacks on the Bank of Greece part of #OpIcarus, and the ones on Nissan part of #OpKillingBay. The Bank of Cyprus, the pulling down of ISIS Twitter profiles followed by the Belgium attacks, and the leak of data from NASA’s internal network were some of the other small hacktivism incidents that also managed to garner a lot of attention to causes and the groups behind them. During the first months of 2016, the top five hacktivism campaigns were #OpTrump, #OpKilling Bay, #OpWhales, #OpIsrael, and #OpAfrica. Since #OpIcarus was supposed to last for the entire month of May, it was not included in the list. However, the campaign is sure to become a support in Anonymous’ standard operations. Former big names such as the Syrian Electronic Army (SEA) and Lizard Squad seem to have disappeared with no or little activity from its members, points out SurfWatch Labs in its report. Looks like the SEA group members are perhaps busy avoiding getting arrested considering that the US has filed former charges against members of the group. Source: http://www.techworm.net/2016/05/anonymous-2016s-top-trending-hacktivist-group.html

See the original article here:
Anonymous is 2016’s top trending hacktivist group

Cybercriminals add DDoS component to ransomware payloads

Instead of just encrypting data files on a workstation (plus any network drive it can find) and locking the machine, a new variant of the Cerber ransomware is now adding a DDoS bot that can quietly blast spoofed network traffic at various IPs, according to KnowBe4. This is the first time DDoS malware has been bundled within a ransomware infection. It means that while the victim is unable to access their endpoint, that same endpoint … More ?

Read this article:
Cybercriminals add DDoS component to ransomware payloads

Password reuse bot steals creds from weak sites, logs in to banks

If your Netflix password is your banking password, you’ll get what you deserve The perils of password re-use have been laid bare with the discovery of a botnet dedicated to finding account credentials on websites and testing the logins it finds on banks.…

Continue reading here:
Password reuse bot steals creds from weak sites, logs in to banks

Jaku: Analysis of a botnet

In May 2016, the Special Investigations team at Forcepoint revealed the existence of a botnet campaign that is unique in targeting a very small number of individuals while in tandem, herding thousands of victims into general groups. The discovery, known as Jaku, offers vital insight into the workings and characteristics of a botnet, as well as specific understanding of a targeted attack that differs from the scattergun approach of broader botnet activities. It also sheds … More ?

View article:
Jaku: Analysis of a botnet

Japanese teens DDoS attack takes out 444 school websites

A Japanese teenager was charged on May 11 for allegedly launching a DDoS attack against the Osaka Board of Education, which shut down 444 school websites. The 16-year-old faces obstruction of business charges for the attack, which was carried out last November, and marked the first time in Japan’s history that a cyber attack was launched against a local government, according to Japan Today. The teen said he launched the attack to remind his teachers “of their own incompetence,” according to the publication. The student reportedly told police he wanted to join the hacking collective Anonymous and that he didn’t know that schools other than his own would be impacted. He faces up to three years in prison and a 500,000 yen fine. Source: http://www.scmagazine.com/japanese-teen-launches-massive-ddos-attack-to-remind-teachers-they-are-incompetent/article/496756/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+SCMagazineHome+%28SC+Magazine%29

View article:
Japanese teens DDoS attack takes out 444 school websites

Anonymous teams up with GhostSquad to attack major banks

Anonymous has joined forces with GhostSquad to launch successful cyberattacks on eight international banks that were forced to shut down their websites. The hacktivist collective alongside the hacker group GhostSquad have launched a new operation called Op Icarus which aims to punish corrupt banks and individuals in the financial sector. So far the Central Bank of the Dominican Republic, the Guernsey Financial Services Commission, the Central Bank of Maldives and the Dutch Central Bank were all offline for a brief period on May 6 after being hit with distributed denial of service (DDoS) attacks. A day later, the National Bank of Panama and the Central Bank of Kenya were hit with cyberattacks, followed by the Central Bank of Bosnia and Herzegovina and the Central Bank of Mexico were taken offline as a result of DDoS attacks. All eight of the international banks that have been targeted by Op Icarus have managed to bring their systems back online. Anonymous did send a warning to the banking community in the form of a video that was posted on May 4 which said: “We will not let the banks win, we will be attacking the banks with one of the most massive attacks ever seen in the history of Anonymous”. Members of the group also reportedly told the site Hack Read that: “The National Bank of Panama was a special target considering the importance of the Panama leaks. We want to make sure the corrupt elite named in the papers would be punished one day”. With the addition of the cyberattack against the Central Bank of Greece and the Central Bank of Cyprus, Anonymous has now launched 10 attacks on international banks on its list of 160 potential banks that could be targeted by its members. Anonymous has planned Op Icarus to be a month long campaign against the banking industry as a whole. The US Federal Reserve Bank, the IMF, the World Bank, the New York Stock Exchange and the Bank of England are all listed by the group as potential targets and with more than half of the campaigns’ allotted time remaining, this will most likely not be the group’s grand finale. Source: http://betanews.com/2016/05/12/anonymous-op-icarus/

See the original post:
Anonymous teams up with GhostSquad to attack major banks

Protect your apache server from WordPress Pingback DDoS attacks

A security researcher at SANS Technology Institute put out an advisory around 8 months ago when he discovered that WordPress’s “pingback” functionality contains an exploit allowing it to request a result from any server that an attacker wishes. This vulnerability means that there are thousands of WordPress installations that can be effectively weaponized to conduct floods against any target site of someone’s desire. This particular attack is dangerous because many servers can be overwhelmed with only 200 blogs “pingbacking” their site, clogging up their limited connections and/or resources. To confirm if you are under wordpress pingback ddos attack, check your access logs. $ sudo tail -f /var/log/apache2/access.log Logs will look like this: 74.86.132.186 – – [09/Mar/2014:11:05:27 -0400] “GET /?4137049=6431829 HTTP/1.0? 403 0 “-” “ WordPress /3.8; http://www.mtbgearreview.com” 143.95.250.71 – – [09/Mar/2014:11:05:27 -0400] “GET /?4758117=5073922 HTTP/1.0? 403 0 “-” “ WordPress /4.4; http://i-cttech.net” 217.160.253.21 – – [09/Mar/2014:11:05:27 -0400] “GET /?7190851=6824134 HTTP/1.0? 403 0 “-” “ WordPress /3.8.1; http://www.intoxzone.fr” 193.197.34.216 – – [09/Mar/2014:11:05:27 -0400] “GET /?3162504=9747583 HTTP/1.0? 403 0 “-” “ WordPress /2.9.2; http://www.verwaltungmodern.de” To block wordpress pingback attack in Apache use this configuration. $ sudo nano /etc/apache2/apache2.conf Options -Indexes AllowOverride All Require all granted BrowserMatchNoCase WordPress wordpress_ping BrowserMatchNoCase WordPress wordpress_ping Order Deny,Allow Deny from env=wordpress_ping Source: https://sherwinrobles.blogspot.ca/2016/05/protect-your-apache-server-wordpress.html

See original article:
Protect your apache server from WordPress Pingback DDoS attacks

Viking Horde botnet malware lurks on Google Play

Five apps on Google Play carry Viking Horde, a new malware family that ropes Android devices into an ad-clicking botnet, but can also make them send out spam, send SMS messages to premium-rate numbers, download additional apps, and even participate in DDoS attacks. The discovery was made by Check Point researchers, and they have notified Google about it on May 5, but as I’m writing this, the apps are still available on Android’s official app … More ?

Continue Reading:
Viking Horde botnet malware lurks on Google Play