Monthly Archives: September 2012

Microsoft's study into unsecure supply chains leads to botnet disruption

Microsoft's Digital Crimes Unit has disrupted the functioning of yet another botnet by effecting a takedown of a domain which was also hosting over 500 different strains of malware and has been linked…

Excerpt from:
Microsoft's study into unsecure supply chains leads to botnet disruption

Millions of GoDaddy sites go offline due to alleged DDoS attack

GoDaddy, on of the biggest and most popular Internet domain registrars and web hosting companies in the world, has suffered an outage on Monday that left many of its customers' websites temporarily av…

Read the original:
Millions of GoDaddy sites go offline due to alleged DDoS attack

DDoS attack on GoDaddy takes down millions of websites

A massive DDoS attack struck GoDaddy’s name servers today, temporarily plunging thousands of websites into the internet abyss. “GoDaddy, the massive Web hosting company, went down on Monday, taking an untold number of websites with it,” reported CNN. Mashable.com reported, “The more problematic part is that any domain registered with GoDaddy that uses its nameservers and DNS records are also down. This means that even if you host your site elsewhere, using GoDaddy for DNS means it is inaccessible.” PC World reports: “In a YouTube video (http://www.youtube.com/watch?v=SPGBZWGUE2g), secretive hacking group Anonymous has taken credit for the outage, claiming the move is a reaction to the company’s support of the U.S. government’s efforts “to censor and control the Internet,” through its support of the Stop Online Privacy Act (SOPA).” But claiming Anonymous did this attack may be false, it turns out. The apparent attacker said, himself, that he was not affiliated with the Anonymous collective: “It is not Anonymous collective it’s only me. Don’t use Anonymous collective name on it, just my name,” wrote Twitter user Anonymous Own3r. (http://www.foxnews.com/tech/2012/09/10/every-godaddy-registered-site-…) Most likely scenario? A false flag cyber security attack in order to provide the excuse for Obama to sign a freedom-killing executive order focused on “cyber security.” The attack has taken down GoDaddy’s website, DNS servers, phone support and email accounts. It’s almost as if a nuclear bomb went off at GoDaddy headquarters. This attack appears to be hugely successful from the point of view of Anonymous hackers, although it’s not clear why GoDaddy was targeted in particular. GoDaddy manages 48 million domains spanning more than 9 million customers. The failure of its DNS likely means that millions of websites were taken offline. Domain Name Servers are a known vulnerability Domain Name Servers are a well-known vulnerability of the internet infrastructure. As this attack by Anonymous has masterfully demonstrated, DNS provides a centralized single point of attack that, if penetrated, can bring down literally millions of websites. DNS also provides a single point of government seizure, where rogue governments that hate free speech can take control over websites by commandeering their DNS records. For these reasons, you need to know how to reach NaturalNews.com even if DNS is compromised There is a workaround to DNS. You can bypass it and go straight to NaturalNews by simply entering the following “IP address” into your browser: 174.132.185.226 This is the equivalent of typing “NaturalNews.com” into your browser and it will work even if Domain Name Servers are being hacked or seized. This IP address will take you right to our website. It is our “digital address” recognized by all web browsers. WRITE THIS NUMBER DOWN on a piece of paper and carry it in your wallet or purse. Even if the Domain Name Servers are illegally seized by the government in an assault on the freedom of the press — or if they’re brought down by hackers as was demonstrated today — you can still use the IP address to reach us. If NaturalNews.com appears to be unreachable during a crisis event, revert to using the numbers instead of the name, and the site will likely respond. An even better way: Subscribe to our email newsletter An even better way to make sure you can hear from us is to subscribe to our FREE email newsletter (see subscription form below). Email is virtually impossible for anyone to block. Unless there’s a nuclear holocaust or something, we will always be able to email you with the latest alerts and information, even if our web servers are hacked or physically taken offline. Even if you don’t want to read our email newsletter each day, simply staying subscribed is valuable because we will be able to reach you with urgent alerts about what’s really happening. We don’t sell email addresses to anyone. Your privacy is completely protected, and you can unsubscribe at any time. Subscribing to our email newsletter is your way of allowing us to reach you even in a crisis, a seizure, or a hack attack. For fast DDoS protection against your eCommerce site click here . Source: http://www.naturalnews.com/037140_DDoS_attack_GoDaddy_Domain_Name_Servers.html

View article:
DDoS attack on GoDaddy takes down millions of websites

Teenager who launched Distributed Denial of Service ‘DDoS’ attack on high profile websites says life is ‘serene’ offline

A Scots teenager who admitted hacking into the websites of the Serious Organised Crime Agency (Soca) and other prominent organisations said life is “serene” without access to the internet. Jake Davis, 19, admitted conspiring to carry out a “denial of service” attack on the crime agency at Southwark Crown Court in June. He also admitted hacking the NHS website. Davis, from the island of Yell, faced five charges following a Met Police investigation into the hacking groups LulzSec and Anonymous. The groups have been linked to a number of cyber-attacks on government agencies and multi-national companies. LulzSec has also been linked to hacking attempts on Sony and The Sun newspaper. Davis told the Observer newspaper: “The last time I was allowed to access the internet was several moments before the police came through my door in the Shetland Isles, over a year ago. One of my co-defendants and I have also been indicted with the same charge in the United States, where we may possibly be extradited, and if found guilty I could face several decades in an American prison. “Now I am on conditional bail and have to wear an electronic tag around my ankle. I’m forbidden from accessing the internet. “I’m often asked: what is life like without the net? It seems strange that humans have evolved and adapted for thousands of years without this simple connectivity, and now we in modern society struggle to comprehend existence without it. In a word, life is serene. “I now find myself reading newspapers as though they weren’t ancient scrolls; entering real shops with real money in order to buy real products, and not wishing to Photoshop a cosmic being of unspeakable horror into every possible social situation. Nothing needs to be captioned or made into an elaborate joke to impress a citizenry whose every emotion is represented by a sequence of keystrokes.” He added: “Things are calmer, slower and at times, I’ll admit, more dull. I do very much miss the instant companionship of online life, the innocent chatroom palaver, and the ease with which circles with similar interests can be found. Of course, there are no search terms in real life – one actually has to search. However, there is something oddly endearing about being disconnected from the digital horde. “It is not so much the sudden simplicity of daily life – as you can imagine, trivial tasks have been made much more difficult – but the feeling of being able to close my eyes without being bombarded with flashing shapes or constant buzzing sounds, which had occurred frequently since my early teens and could only be attributed to perpetual computer marathons. “Sleep is now tranquil and uninterrupted and books seem far more interesting. The paranoia has certainly vanished. I can only describe this sensation as the long-awaited renewal of a previously diminished attention span.” He said people’s attentions spans had suffered since the advent of the internet. “A miracle cure or some kind of therapeutic brilliance are not something I could give, but I can confidently say that a permanent lack of internet has made me a more fulfilled individual. And as one of many kids glued to their screens every day, I would never before have imagined myself even thinking those words. “Before, the idea of no internet was inconceivable, but now – not to sound as though it’s some kind of childish and predictable revelation spawned as a result of going cold turkey – I look back on the transcripts of my online chats (produced as legal evidence in my case, in great numbers) and wonder what all the fuss was about.” He added that he hoped others involved in the hacker community could take a short break from the internet to see if they could feel similar effects adding he had “forgotten how easy it was simply to close a laptop lid”. For fast DDoS protection against your eCommerce site click here . Source: http://news.stv.tv/north/189464-teenager-who-hacked-major-websites-says-life-is-serene-without-web-access/

See the original post:
Teenager who launched Distributed Denial of Service ‘DDoS’ attack on high profile websites says life is ‘serene’ offline

Arizona man sentenced for Distributed Denial of Service ‘DDoS’ attack

A man who was reportedly part of one of the first “DDOS-for-hire” electronic attack hit squads will serve two-and-a-half years in prison for selling access to malware-infected computers. Joshua Schichtel, 30, of Phoenix, AZ, was sentenced on Sept. 6 to 30 months in prison for selling command-and-control access to, and use of, thousands of malware-infected computers, announced Assistant Attorney General Lanny Breuer of the Justice Department’s Criminal Division and U.S. Attorney for the District of Columbia Ronald Machen, Jr. Schichtel was also ordered to serve three years of supervised release. Schichtel pleaded ea on August 17, 2011, to one count of attempting to cause damage to multiple computers without authorization by the transmission of programs, codes or commands, a violation of the Computer Fraud and Abuse Act. Schichtel was allegedly part of one of the first “DDOS-for-hire” rings uncovered in 2004. He was caught up in an investigation into a Massachusetts businessman’s scheme to launch an organized Distributed Denial of Service (DDOS) attack on his competitors by hiring hackers who knew how to perform the electronic assaults. According to court documents, Schichtel sold access to “botnets,” which are networks of computers that have been infected with a malicious computer program that allows unauthorized users to control infected computers. Individuals who wanted to infect computers with various different types of malicious software (malware) would contact Schichtel and pay him to install, or have installed, malware on the computers that comprised those botnets. Specifically, said the documents, Schichtel pleaded guilty to causing software to be installed on approximately 72,000 computers on behalf of a customer who paid him $1,500 for use of the botnet.

Visit site:
Arizona man sentenced for Distributed Denial of Service ‘DDoS’ attack

Arizona man goes to prison for selling access to botnets

Joshua Schichtel was sentenced to 30 months in prison for selling command-and-control access to and use of thousands of malware-infected computers. In addition to his prison term, Schichtel was ordere…

Originally posted here:
Arizona man goes to prison for selling access to botnets

How cybercriminals and hacktivists use DDoS tools to attack

Network professionals know that distributed denial-of-service attacks are an ever-growing danger. The recent assault on Twitter is just the latest evidence. Using a mushrooming array of advanced tools, including pay-per-use services and mobile devices, attackers are taking down websites, DNS and email servers, often using these tools to destroy a company’s online revenue, customer service and brand reputation. But the technology is only half the story. The thinking that shapes attacks an evolving blend of careful planning, probing and improvisation is often the difference between duds and strikes that leave victims begging for mercy. So who launches DDoS attacks and why? The most common profiles: extortionists, ruthless competitors and “hacktivists,” those attacking not for money, but in the name of social or political protest. The latter gets the most press, thanks to the media-savvy tactics of groups that have punished the likes of Bank of America and the US Chamber of Commerce. However, even though reliable statistics about attacks are hard to find, it’s likely that money, not justice, is the main motive. Regardless of the attacker’s identity or incentive, criminals use common tools and tactics in varying combinations. Many of these tools are cheap or free and easily available. They also require no more specialised skill than typing in the target’s name and hitting “enter.” The low-orbit ion cannon (LOIC), for example, is an open-source DDoS application which floods a server with enough UDP or TCP packets to disrupt service. The LOIC even offers multiple attack vectors. Attackers can send anything from packets with the text of their choice to random HTTP GET requests which imitate legitimate application-layer traffic. The future of malware The means to launch an assault doesn’t stop there though, as there are many other resources for attackers to use. If someone rents a server from a hosting company, but doesn’t secure it, an attacker could obtain administrative rights to the server, load scripts onto it and execute them at will. This is known as accessing a “shell booter.” There are also remote-access Trojans and DDoS bots, both forms of malware that infect PCs and mobile phones, letting criminals control them remotely to execute attacks. A group of such computers is a “botnet” and each computer infected is a “zombie.” Each family of malware has its own destructive capabilities. The most advanced the ones that avoid detection the longest and support the most types of attacks are often sold as software or as a complete pay-by-the-hour service. Attackers can also infect mobile phones to be used as extra resources. It’s the same idea as launching attacks with other people’s computers in a botnet. However, the added benefit is that there are billions of smartphones in use all around the world. And unlike desktop computers and laptops which are shut off for hours each day, mobile phones are always on, connected and able to abet attacks. In the DDoS world, it’s all about how much traffic you can generate, which depends on the number of hosts under your control. Mobile phones are simply too tempting to resist, and a new weapon that network security personnel have to keep an eye out for. However, before going through choosing a weapon and firing, the smartest attackers do their homework first. After all, there’s a ton of public information available about any business, including yours. For instance, a simple DNS look-up can reveal a lot of information about your public-facing assets. Attackers will also check your infrastructure for open ports, protocols, applications and firewalls. By doing recon on your infrastructure and understanding what it’s built to support ecommerce, customer service or public information, let’s say the bad guys will assess what’s at risk and will look for the best ways to exploit these weak spots in your infrastructure. In the ramp-up to an attack, you might notice bursts of heavier traffic in key areas of your network. The attacker is probing, trying to find a way in. While some will simply try to flood you, others will try to find a little crack in your network defenses, some piece of infrastructure too tempting to ignore. If you’re a retailer, for example, and someone succeeds in bringing down your point-of-sale applications, the pain could be acute. For the attacker, it’s well worth the time investment and ensures that your entire organization will take notice of the attack. Know your network and security inside-out Everything’s not all doom and gloom though. While criminals have many tools at their disposal, understanding what’s at risk, and how it will be attacked, allows you to understand how to take the first steps in order to protect it. For starters, make sure your team knows not only your network inside-out but also your security set-up. Conduct a security assessment, either in-house or with third-party experts who can give independent validation. Use these findings to help optimize your systems. It’s also critical to monitor traffic, so you know what’s normal and what’s not. With a clear baseline, you’ll be able to spot and mitigate DDoS attacks faster. Maybe most important of all, devise a DDoS response plan to counteract some of the tactics described here, listing procedures to follow and which team members are responsible for what. And practice executing this plan regularly. If you have to dust it off in the midst of an attack, you’re inviting chaos. Run regular drills including simulated communications with customers, so you can become adept at managing their expectations. At the end of the day, it’s not only attackers whose thinking makes a difference. Companies that invest more brainpower in understanding how DDoS attacks work, to better protect themselves are also more skilled in deploying the technologies designed to keep their online presences safe. For DDoS protection against your e-commerce site click here . Source: http://features.techworld.com/security/3378864/how-cybercriminals-hacktivists-use-ddos-tools-attack/

Read the original:
How cybercriminals and hacktivists use DDoS tools to attack