Tag Archives: ddos news

Planned Parenthood websites downed in DDoS attack

Planned Parenthood websites have gone down and are, according to the main page, undergoing maintenance. In a statement emailed to SCMagazine.com on Thursday, Dawn Laguens, executive VP of Planned Parenthood, said that the Planned Parenthood websites were the target of a DDoS attack. “Today, the Planned Parenthood websites experienced a wide scale distributed denial-of-service (DDoS) attack, a hacker tactic to overwhelm websites with massive amounts of traffic to block any legitimate traffic from getting in,” Laguens said. The websites were back online shortly after the attack, but are scheduled to remain down throughout Thursday for security purposes, Laguens said, adding that during this time visitors are being redirected to the organization’s Facebook pages. Following reports that politically motivated attackers released website databases, Planned Parenthood announced on Monday that it is investigating possible unauthorized access to its systems. Source: http://www.scmagazine.com/planned-parenthood-websites-downed-in-ddos-attack/article/429563/

Taken from:
Planned Parenthood websites downed in DDoS attack

New York Site DDoS attack After Massive Cosby Story Goes Online

At 9PM on Sunday night, New York Magazine published to the web one of its most ambitious and powerful stories of the year, an extended interview with 35 women who have accused Bill Cosby of sexual assault. Within minutes, writers and editors heaped praise on the feature, but later into the night, it mysteriously disappeared, along with everything else hosted at NYMag.com, victim to an apparent denial-of-service attack. On Twitter, accounts identifying themselves as the hackers gave a variety of conflicting and implausible explanations for the attack, ranging from general animosity toward New York City to a personal connection with one of the women involved. The magazine’s only official statement came at 3:32AM: “Our site is experiencing technical difficulties. We are aware of the issue, and working on a fix.” As of press time, the site is still offline. So far, the attack is consistent with a denial-of-service (or DDoS) attack — an unsophisticated flood of traffic that blocks users from accessing a specific address without compromising the site itself. DDoS attacks can be launched cheaply from nearly anywhere, making them a favored tactic for activists and criminals alike. Mitigation techniques have grown more advanced in recent years, but the sheer volume of requests is often enough to knock a site offline or slow response time for days at a time. Denial-of-service actions are occasionally used as cover for more sophisticated attacks, but the vast majority are simple brute force actions, overcome as soon as site managers are able to deploy mitigation measures or, in some cases, comply with extortion demands. But while NYMag.com is still unavailable, the story has continued to proliferate through other channels. New York ‘s Instagram account has published pictures and quotes from four of the women, which the magazine’s Twitter account has continued to promote throughout the outage. A cached version of the story is also available through Archive.org, although not all of the functionality is present. Print distribution of New York has been unaffected by the attack. Source: http://www.theverge.com/2015/7/27/9047765/new-york-magazine-bill-cosby-rape-story-ddos-attack

More:
New York Site DDoS attack After Massive Cosby Story Goes Online

Anonymous says it hacked Canada’s security secrets in retaliation for police shooting of B.C. activist

Hackers with Anonymous say they breached supposedly secure Canadian government computers and accessed high-level, classified national security documents as retaliation for last week’s fatal shooting by the RCMP of a protester in British Columbia. To support their claim, members of Anonymous provided the National Post with a document that appears to be legitimate Treasury Board of Canada notes on federal cabinet funding to fix flaws in the foreign stations of the Canadian Security Intelligence Service (CSIS). The Post has not independently been able to verify the authenticity of the document, marked with a security classification of “Secret.” Anonymous activists say they will disseminate sensitive documents if the officer who shot James McIntyre in Dawson Creek, B.C., is not arrested by Monday at 5 p.m., Pacific time. That threat has also been made on social media and a government source confirms authorities are aware of the threat. Activists say McIntyre was a member of Anonymous. When he was shot he appeared to be wearing a Guy Fawkes mask, often worn by supporters of the global hacktivist collective. Anonymous says it has several secret files. “We do have other documents and files. We are not going to speak to quantity, date of their release, manner of their release, or their topic matter at this time,” a spokesperson for a coterie of Anonymous told the Post in an  interview conducted through encrypted communications. “This will be an ongoing operation with expected surprise as a critical element.” Government computers were breached in stages, over several months, the Anonymous spokesperson said, including during the Distributed Denial of Service (DDoS) attacks last weekend, organized in protest of the shooting. (DDoS is when multiple hijacked computers tie up the resources of a web site so the public cannot access it.) After the DDoS attacks, Public Safety Minister Steven Blaney told reporters that no personal information or government secrets were compromised. Jeremy Laurin, a spokesman for the minister, could say little about the veracity of the document or its response to the threat by Friday evening. “We are monitoring the situation closely,” said Laurin. “Our government takes cyber security seriously and operates on the advice of security experts.” The government has promised $235 million funding for a cyber-security ?strategy designed to defend against electronic threats, hacking and cyber espionage, he said. On Wednesday the minister said $142 million of that is to enhance security at several agencies, including the RCMP and CSIS. A well-placed government source said, “There has not been a hack of CSIS,” but was unable to say if other departments could make the same claim. Anonymous says the minister is incorrect in his assessment of recent cyberattacks. “In fact, part of what we were doing at that point were final penetration tests, not just for the Canadian government, but also with how the media would respond to Anonymous attacks,” the Anon spokesperson said. This purported hack is far different and more serious than the previous stream of aggressive online activity over the shooting that targeted police web sites and British Columbia’s hydro electric industry, both considered soft targets. If the Anonymous claim is accurate, it suggests a deeper penetration of a higher echelon of government computer containing far more sensitive information. The document provided to the Post outlines a meeting dated Feb. 6, 2014, regarding progress in upgrading cyber security at CSIS, Canada’s spy agency, to be monitored by the Communications Security Establishment Canada, two of Canada’s most secretive organizations. The paper discusses cabinet approval of millions of dollars to “extend the Service’s (CSIS’s) secure corporate network environment to its foreign stations.” The project was over budget, the document says, “due largely to increased information security requirements to address recent unlawful disclosures of classified material (i.e. Delisle, Snowden).” Jeffrey Delisle is a former Canadian naval officer who sold military secrets to Russia until his arrest in 2012. Edward Snowden is a former U.S. National Security Agency analyst who leaked classified documents revealing large-scale global surveillance in 2013. The document from Anonymous says the current CSIS system uses “inefficient and labour intensive data-processing and analysis systems to process and report intelligence information obtained at it foreign stations … These outdated processes result in delays that impact the Service’s operational effectiveness and jeopardizes the security of its personnel.” The new system was tested at two foreign stations and is expanding to CSIS’s 25 foreign stations, the document says. The sample document was provided to the Post with some elements redacted because the hackers were unsure what the markings mean and are concerned it could identify which machine or machines may have been compromised, the Anon spokesperson said. Source: http://news.nationalpost.com/news/canada/anonymous-says-it-hacked-canadas-security-secrets-in-retaliation-for-police-shooting-of-b-c-activist

Follow this link:
Anonymous says it hacked Canada’s security secrets in retaliation for police shooting of B.C. activist

Bitcoin Extortion Campaigns Expanding DDoS Attacks to a Wider Array of Business Sectors

Recent FBI investigations and open source reporting reveal that extortion campaigns conducted via e-mails threatening Distributed Denial of Service (DDoS) attacks continue to expand targets from unregulated activities, such as illegal gaming activity, to now include legitimate business operations. The increase in scope has resulted in additional attacks with Bitcoin ransom amounts trending upwards as well. First identified approximately one year ago, Bitcoin extortion campaigns originally focused on targets unlikely to contact law enforcement for assistance. In early April 2015, the extortion campaigns began regularly contacting legitimate businesses operating in the private sector. In a typical scenario, a short-term DDoS attack is conducted on a victim’s web site lasting for approximately one hour. The DDoS is followed by an e-mail containing an extortion demand for payment via Bitcoin. If the victim has not paid the demanded payment, there is usually a second, more powerful DDoS attack within 24 hours, which lasts for an additional hour. This is followed by a second e-mail warning and extortion demand with an increased price. In most cases, victim companies have successfully mitigated the attack using third party DDoS mitigating services rather than paying the ransom. Technical Details The first DDoS attack is usually delivered prior to the sending of a ransom demand at 20-40 Gigabytes per second (Gbps) with a duration of approximately one hour. After the initial DDoS attack, an extortion e-mail is sent to the victim introducing the attacker, highlighting the initial demonstrative DDoS attack, and demanding payment in Bitcoin (ranging from 20-40) to ensure no further DDoS attacks are conducted against the business. If payment does not occur within 24 hours, a second demonstrative DDoS is generally conducted at a higher rate (40-50 Gbps) for an additional hour followed by an additional extortion e-mail. The types of DDoS attacks primarily consist of Simple Service Discovery Protocol (SSDP) and Network Time Protocol (NTP) reflection/amplification attacks with the occasional SYN-flood and, most recently, WordPress XML-RPC reflection/amplification attacks. Source: https://publicintelligence.net/fbi-bitcoin-extortion-campaigns/

Original post:
Bitcoin Extortion Campaigns Expanding DDoS Attacks to a Wider Array of Business Sectors

Cisco Videoscape bug could bring endless repeats to your tellie

Cloudy PVR has denial of service problem, but the fix is in Cisco is asking Web broadcasters using its Videoscape TV-over-IP streaming product to get patching, after a denial-of-service vulnerability was found in the software.…

See more here:
Cisco Videoscape bug could bring endless repeats to your tellie

Three Israelis among dozens arrested in global sting on hacking forum

Israeli suspects include an Israeli Arab who is believed to have used his hacking prowess to assist a terror group hostile to Israel. Three Israelis – including an Arab Israeli accused of aiding a terror group – were arrested this week as part of a global sting led by the FBI against a hacking forum believed responsible for an unknown number of cybercrimes over the past several years, it was cleared for publication on Wednesday. The site www.Darkode.com” was taken down on Tuesday by a joint law enforcement effort led by the FBI in collaboration with Europol and law enforcement agencies in 18 countries, including the Israel Police cybercrimes unit. Over 70 suspects have been arrests since the raids began, including alleged hackers from the United Kingdom, India, South America, the United States, Eastern Europe, the Former Yugoslavia, Israel, and elsewhere. The homepage of Darkode.com currently shows a message from the FBI saying that the domain has been seized by the law enforcement agency and several others acting through Europol. Around the message are the seals of police departments from more than a dozen countries. The Israeli suspects include an Israeli Arab who is believed to have used his hacking prowess to assist a terror group hostile to Israel, either by passing on money or stolen data; though an official from the Israel Police cybercrimes unit said he could not disclose which group. The other two suspects are brothers from central Israel. The identities of all three suspects are not cleared for publication for the time being. All three were brought for a remand extension at the Tel Aviv Magistrate’s Court on Wednesday and were ordered kept in custody until Sunday. Since the site went online in 2007 its been used as a black market for hundreds of hackers to meet and collaborate, and buy and sell stolen data, including, but not limited to, credit card information, email addresses and passwords, and personal details to aid in identity theft. An officer from the Israel Police cybercrimes unit on Wednesday called the forum “a factory for the production of cyber weapons.” It was also a popular meeting place for hackers looking to contract other cyber criminals to carry out attacks for them. For instance, hackers looking to carry out a distributed denial of service attack (DDoS) could take to the forum and contract such attacks from other attackers, in exchange for payments made in bitcoins, the online currency. Payments were also made by way of money transfer to bank accounts, which Israel Police said indicates the level of freedom the forum members said they had operating on the website. The site was invitation only, and members could only gain access after two separate members recommended them and later showing examples of cyberattacks they had carried out in the past, a sort of “hacking portfolio” as one official from the Israel Police cybercrimes unit said Wednesday. The FBI on Tuesday sent agents from their Israel liaison office to the Lod headquarters of the LAHAV 433 unit, popularly referred to as “the Israeli FBI”, to watch the arrests take place in real time. In a situation room, the FBI agents and officers from the cybercrimes unit watched a screen that showed the countries worldwide where the raids were being carried out, as well as the names of the suspects being arrested and removed from the screen in real time, police said Wednesday. Source: http://www.jpost.com/Business-and-Innovation/Tech/Three-Israelis-among-dozens-arrested-in-global-sting-on-hacking-forum-409092

Continue Reading:
Three Israelis among dozens arrested in global sting on hacking forum

Bitcoin Exchange OKCoin’s Statement After July DDOS Attacks

Last week, bitcoin exchange OKCoin suffered a DDOS (distributed denial of service) attack, preventing users from accessing the platform for a while. On the afternoon of the attack, the company’s significant resources capable of defending against such attacks were able to limit the impact on the Chinese platform’s K-line. However, another stronger attack was made later on in the same day, leading the tech team to immediately set in motion the emergency response plan of switching to a highly secure server and enacting counter CC attack measures. This took some time to take effect so some users still encountered problems when it comes to accessing the bitcoin exchange. Bitcoin Exchange Compensation In a statement published on its blog, OKCoin shared the details on why some customers still had login problems even if the emergency measures were put in place. The company also addressed questions regarding trades that have gotten executed even during the attack and speculations against price manipulation. In addition, OKCoin shared that they will carry out proportioned compensation according to the user’s realized losses. Starting today, the bitcoin exchange will begin contacting customers who suffered losses as a result of being unable to access OKCoin’s futures platform on July 10th from 17:00 to 17:19. Aside from that, OKCoin will fund the purchase of 1000 bitcoins, while also using 1000 bitcoins from the clawback and vicious attack insurance fund to together create a 2000 bitcoin incident compensation fund. The company has also pledged to hand over the logged actions related to the attacks to the national police for an investigation of the source of these attack. In the meantime, the bitcoin exchange also decided to remind customers of the inherent risks associated with trading cryptocurrencies. The company emphasized that the digital currency industry is still in its early stages and firms are still adjusting to potential criminal attacks as they go along. Source: http://www.newsbtc.com/2015/07/13/bitcoin-exchange-okcoins-statement-after-july-ddos-attacks/

More here:
Bitcoin Exchange OKCoin’s Statement After July DDOS Attacks

Envato Targeted by DDoS Attack, WordPress Theme Authors Report Major Decline in Sales

If you’ve attempted to access Themeforest or any other site on the Envato network lately, you may have encountered some down time. The company updated customers and community members today, attributing the technical difficulties to a DDoS attack: Since July 1, Envato has been the target of a sustained DDoS (distributed denial of service) attack. The attacker, whose motive and identity are unknown, has repeatedly flooded our servers with high levels of traffic, causing our services to be unavailable at various times. The most recent outage happened over the weekend when Envato Market was down for three hours on Friday and one hour on Sunday. This is a significant chunk of time for a market that paid out $224 million dollars to its members in 2014. The downtime has also impacted WordPress theme authors, who continue to dominate the Envato’s marketplace. According to Ben Chan, the company’s director of growth and revenue, 30 of the 31 sellers who make up the Power Elite wall of fame (selling $1 million+ worth of items) are WordPress product authors. The power of the WordPress economy on Envato is undeniable, but sales have taken a sharp decline in the past couple of months, even before the DDoS attack. According to PremiumWP, which cites reports from elite theme author Chris Robinson of Contempo and many others, sales have suddenly declined 50-70%. “Sales have declined over 70% starting from May with each passing day getting worse,” Robinson said in the members’ forum. “I’ve also spoken with other elite authors explaining the same thing. One example going from $1500/day to $700 – sure that’s still a great deal of money BUT what the hell is happening? “This isn’t just one or maybe twenty authors, it is marketplace wide affecting everyone. A marketplace wide decline in sales of this magnitude doesn’t just happen due to vacations, or other buyer factors. Going through the years of sales data (since 2008) this has never happened, I’ve personally gone from $2-3000/week to less than $700/week…that’s insane!” With new authors and products entering the market every day, the market share for established authors is slowly diminishing, but members are not convinced that this is the sole cause of the sharp drop in sales. FinalDestiny of TeoThemes, another author whose sales are declining, blames the one-size-fits-all theme products for gobbling up a greater slice of the market share. “Everybody is tired of these huge, monster multipurpose themes having the same price as normal themes, and that’s pretty much killing the marketplaces. But Envato couldn’t care less, as long as they get their share,” he said. In another thread, which ended up getting locked, there are 27 pages of comments from users speculating about why their sales have been dropping. Members cite seasonal buying fluctuations, piracy, Themeforest’s recent drop in Google search rankings, VAT and hidden price additions on checkout, and unfair pricing advantages for monster themes that claim to do everything, among other possible causes. In one thread, titled “More than 50% sales drop for most of the authors. Does TF care for Authors?“, an Envato community officer offered the following comment: We don’t really give sales updates over the forums other than to say your sales can go up and down for a multitude of reasons. Try not to assume the sky is falling every time the USA has a long weekend We have fast and slow periods throughout the year same as any business, and your portfolio will no doubt have peaks and valleys as well. This kind of generic reply has left theme authors scratching their heads, despite multiple threads in the forums popping up with concerns from those who are alarmed by the sudden drop. Many WordPress theme authors depend on Themeforest as their primary source of income. In one reply, the Aligator Studio seller sums up their concerns and frustration with the inability to convince Envato of the unusual circumstances that are affecting large numbers of sellers: We are not talking about valleys and peaks, we’re talking about a general traffic and sales fall, from New Year until now, especially after April. We’re not talking about regular ups and downs (sometimes steeper, sometimes not), due to longer weekends, summer holidays, and general and the usual stuff happening here in the last couple of years. It’s not a sky falling – it’s inability to pay our bills, we’re not fanatics that foresee the end of the world. Envato has yet to provide an official statement about the marketplace-wide decline in sales, apart from recognizing the network’s unavailability due to the recent DDoS attack. Source: http://wptavern.com/envato-targeted-by-ddos-attack-wordpress-theme-authors-report-major-decline-in-sales

View article:
Envato Targeted by DDoS Attack, WordPress Theme Authors Report Major Decline in Sales