Monthly Archives: February 2014

Namecheap Is In The Middle Of A DDoS Attack

If any of your favorite sites don’t seem to be working right now, don’t panic — it’s not just you. Namecheap, the host of some 3 million-plus domains, is reporting that they’re currently undergoing a Distributed Denial Of Service attack of unknown origins.

If that sounds like a bunch of mumbo-jumbo to you, here’s all you need to know: a Distributed Denial Of Service (or DDoS) attack is, generally, when an attacker floods its target with so much traffic that it’s unable to respond to legitimate requests. Namecheap, a company that helps make it so that you can type URLs (like WhateverWebsiteHere.com) instead of IPs (like 192.168.0.1), is currently facing an attack like this, making it quite hard for them to do their job.

The attackers appear to be focusing on some of Namecheap’s primary DNS servers. As a result, many domains that are hosted on Namecheap will be unable to resolve, and other features that rely on their nameservers (like email) might not work. The company is actively battling the attack, and is hoping that they’ll have everything locked down within the next hour or so.

In the meantime: if your domain is hosted on Namecheap and is having difficulties resolving, Namecheap recommends temporarily switching it to their backup DNS system.

Update: Namecheap tells us that the situation now seems to be under control. See their full response to this attack below.

Namecheap gained many a fan back in 2011, when the company launched a campaign called Move Your Domain Day in response to competitor GoDaddy’s then-support of the controversial Stop Online Piracy Act. This, along with many other pressures, eventually led GoDaddy to recant their support for the bill.

Update: Here’s the official response and breakdown of the attack from Namecheap CEO Richard Kirkendall and VP Matt Russell:

Today is one of the days that as a service provider who strives to deliver excellence day in and day out, you wish you never had.

At around 15.55 GMT / 11.55 EST, a huge DDoS attack started against 300 or so domains on our DNS platform. Our DNS platform is a redundant, global platform spread across 3 continents and 5 countries that handles the DNS for many of our customers. This is a platform meticulously maintained and run, and a platform that successfully fends off other DDoS attacks on an almost-daily basis.

Today, however, I am compelled to announce that we struggled. The sheer size of the attack overwhelmed many of our DNS servers resulting in inaccessibility and sluggish performance. Our initial estimates show the attack size to be over 100Gbps, making this one of the largest attacks anyone has seen or dealt with. And this is a new type of attack, one that we and our hardware and network partners had not encountered before.

We responded with our well-practiced mitigation plan while also enabling our backup system for those with affected domains. It took us around 3 hours to fully mitigate the attack, working closely with our hardware and network vendors. At this moment in time, 99% of our services are back to normal.

I’d like to take this time to apologize to those customers affected. I also wish to iterate that we will learn from this attack and come back stronger, and more robust. We are bringing forward a key DNS infrastructure enhancement program that will see us massively expand the size of our DNS infrastructure and our ability to absorb and fend off attacks like these. We remain firmly committed to delivering the absolute best service possible to our loyal customers.

Richard Kirkendall CEO

Source: http://techcrunch.com/2014/02/20/namecheap-ddos/


MMO developer offering $14,000 reward for DDoS attack info

If you know a little thing or two about MMOs and a little more about DDOS attacks, you might be able to net yourself a near $15,000 bounty. Wurm Online, the MMO from Minecraft creator Markus Persson (no longer involved) and childhood friend Ralf Jansson, was hit by a DDOS attack yesterday and at the time of writing, it still remains down.

Nobody so far has owned up to the attack, which was launched soon after a recent update. Presumably from the relative obscurity of the game, the DDOSer is a player, but there’s very little information on who they are or why they might have done it. However, in an attempt to find out more and ultimately catch and convict those responsible, the studio behind it, Code Club, is now offering a reward:

“Shortly after today’s update we were the target of a DDOS attack and our hosting provider had to pull us off the grid for now,” it said in the announcement. “We will be back as soon as possible but things are out of our hands since their other customers are affected. As we wrote in a previous news post we are planning on changing hosting anyways which should improve things for the future. We can offer 10 000 Euro for any tips or evidence leading to a conviction of the person responsible for this attack.”

DDOS attacks against large games have become more common over the past few years, since it usually garners a lot of attention and understandably annoys a lot of gamers. However the purpose beyond attention getting is often unclear, since it rarely impacts anyone more than the players.

So what about it guys? Anyone here think they could track down a DDOSer?

Source: http://megagames.com/news/mmo-developer-offering-14000-reward-ddos-info


Second Anonymous member sentenced for role in DDoS attack

The U.S. District Court, Eastern District of Wisconsin, has sentenced Jacob Wilkens to 24 months of probation and ordered him to pay $110,932.71 in restitution for his role in a distributed denial-of-service (DDoS) attack against Koch Industries. Wilkens pled guilty to intentionally causing damage to a protected computer by assisting other members of the hacktivist collective Anonymous in launching a DDoS attack on the servers of Angel Soft bathroom tissue, based in Green Bay, in February and March of 2011. The attacks against Koch Industries were said to have lasted three days and resulted in several hundred-thousand dollars in losses. For his role in the same attack, Christopher Sudlik was ordered earlier this month to pay the same in restitution, as well as being sentenced to 36 months of probation and 60 hours of community service. Source: http://www.scmagazine.com/second-anonymous-member-sentenced-for-role-in-ddos-attack/article/334490/


Stack Overflow goes down for an hour on Sunday due to DDoS attack

Stack Overflow went out for about an hour on Sunday morning due to a DDoS attack, TechCrunch reported. Stack Overflow is a question and answer website focused on coding that programmers, both professional and amateur, rely on. Stack Exchange, the parent firm of Stack Overflow, told TechCrunch that the site went down because of a DDoS attack on its network provider. According to Webopedia, a DDoS attack or Distributed Denial of Service is a kind of DOS attack “where multiple compromised systems-which are usually infected with a Trojan-are used to target a single system causing a Denial of Service (DoS) attack. Victims of a DDoS attack consist of both the end targeted system and all systems maliciously used and controlled by the hacker in the distributed attack.” Stack Exchange added that the issue has already been “partially mitigated” and the platform is already operational. A 100% free site that does not require any registration, Stack Overflow allows anybody to ask and answer a question. Users vote on the best answers and they then go up to the top. Posts about the outage began to hit micro-blogging site Twitter and Hacker News at about 11 am Pacific Time Sunday. The notes, often humorous, of programmers served as a testament to the importance of the platform to a lot of people, the report said. Some of the Twitter posts about the outage featured in the TechCrunch report included one from Adam (@adamjstevenson) which said, “Stack Overflow being down reminds me how badly I need Stack Overflow in my life.” Another one came from pickett (@pickett) which said “Well, stackoverflow is down.  Might as well pack it in and take the day off.” Vineet Shah (@vineetshah), meanwhile, posted “Came to work on a Sunday and Stack Overflow is down EVERYBODY PANIC.” Source: http://www.vcpost.com/articles/21665/20140216/stack-overflow-goes-down-for-an-hour-sunday-due-to-ddos-attack.htm


Bitcoin Value Plunges as DDoS Strikes Currency Exchanges

Russia and China are backing out of the Bitcoin business. Recent DDoS attacks on a number of major Bitcoin exchanges have caused them to suspend trade. Mt Gox, one of the most significant exchanges, blames hackers trying to create fraudulent transactions for the attack. The value of the cryptocurrency has dropped significantly, from a high of $926 on February 5th to $501.83 as of time of writing. Bitstamp, BTC-e and Mt Gox are all known to have been affected. Tokyo-based Mt Gox argues that the attackers are trying to create uncertainty, and exploiting that uncertainty to duplicate transactions. By intervening just after a transaction is initiated but before it completes and changing the transaction ID, the hacker can create the illusion that the transaction never completed. The hacker then claims a second payment, alleging that the first one wasn’t valid. “Whoever is doing this is not stealing coins, but is succeeding in preventing some transactions from confirming,” says Jinyoung Lee Englund of the Bitcoin Foundation. “It’s important to note that DDoS attacks do not affect people’s bitcoin wallets or funds.” The value of most other Bitcoin variants has fallen, dragged down by the drop in Bitcoin itself. The one exception so far is Dogecoin, whose value has risen markedly. It’s now the third most valuable cryptocurrency, after its value soared 27% in 24 hours. Meanwhile both Russia and China have started cracking down on Bitcoin. Last week the Central Bank of Russia made it illegal to use Bitcoin, alleging that it could be used for money laundering and criminal activity. Russia’s move came after China’s largest exchanges started banning Bitcoin sales earlier this year, as the government cracked down on the cryptocurrency. Alibaba Group, China’s biggest online marketplace, complied with the government’s demands “in the interest of consumer protection,” said a spokeswoman. 
In both instances it seems likely that, although there are legitimate concerns about criminal activity, the bigger issue is currency control. Though there are benefits – China’s investments in Africa have been made much easier with Bitcoin – neither China nor Russia really likes the idea of an electronic currency that avoids both government regulation and monitoring. “It is proposed to punish (with large fines and imprisonment) all anonymous ‘electronic’ money transfers through the border,” alleged an anonymous Russian Cryptocoins News source. “Since Bitcoin has no borders, it may be the problem.” The source argues that Russia’s political opposition has been funded via Bitcoin for some time, and this crackdown is an attempt to stifle that opposition, as well as a more general reaction against technology the government doesn’t understand. “To put things in perspective,” says Mt Gox as it explains the reasons behind its suspension of trade, “it’s important to remember that Bitcoin is a very new technology and still very much in its early stages. What Mt Gox and the Bitcoin community have experienced in the past year has been an incredible and exciting challenge, and there is still much to do to further improve.” Source: http://www.escapistmagazine.com/news/view/132215-Bitcoin-Value-Plunges-as-DDoS-Strikes-Currency-Exchanges?utm_source=rss&utm_medium=rss&utm_campaign=news


400Gbps NTP-based DDoS attack hits Cloudflare

Matthew Prince, CEO of content delivery network Cloudflare, has confirmed on Twitter on Monday that one of its customers was being targeted with a very big Network Time Protocol (NTP) reflection attac…


Exchange Halts Payouts as DDoS Attack Pummels Bitcoin

A second major bitcoin exchange suspended withdrawals on Tuesday, amidst widespread attacks on the vast software system that drives the digital currency. Bitstamp, an exchange based in Slovenia, says that it suspended Bitcoin withdrawals due to “inconsistent results” from its online bitcoin wallet caused by a denial-of-service attack, according to a post on the exchange’s Facebook page. “Bitcoin withdrawal processing will be suspended temporarily until a software fix is issued,” the post reads.

The news comes a week after the Tokyo-based exchange Mt. Gox suspended Bitcoin payouts, blaming a known bug in the bitcoin software. At the time, outside observers turned the blame on Mt. Gox’s accounting software, but it turns out that the company isn’t the only exchange struggling to cope with the bug. That a known issue like this could lead to the suspension of payouts on two of the world’s most popular bitcoin exchanges underscores the immaturity of bitcoin and the ongoing growing pains of the world’s most popular digital currency.

These growing pains are not just technical, but political. As Bitstamp battles against these attacks, it’s also worth noting that the Slovenian exchange is not listed as a money services business with FINCEN, the U.S. agency that registers money transmitters — even though it accepts US customers. Bitstamp did not respond to a press inquiry from WIRED.

But according to Andreas Antonopoulos, the chief security officer with bitcoin wallet-maker, Blockchain, the effects of this week’s attack should be temporary. “It’s a griefer attack,” he says. “All it does is slow down these exchanges.” But the company could eventually run into serious problems with regulators in the U.S. FINCEN expects even foreign-based money transmitters to register if they service US customers.

A Bored Teenager With a Computer?

Bitstamp’s technical issues came to light after someone — nobody knows who, exactly — started flooding the worldwide bitcoin network with thousands of bad transaction records. Because of a flaw in the bitcoin protocol, it’s possible for the bad guys to create two unique transaction identifiers — called hashes — for legitimate transactions on the network. The official bitcoin ledger, or blockchain, is not fooled by these so-called “malleable transactions”, but some badly written wallet software could be confused.

“It’s like creating a fake receipt,” says Antonopoulos. In theory, someone could try and use one of these fake receipts to try and trick an exchange into believing that a bitcoin transfer had not gone through, but a look at the blockchain would clear things up, he explains.

It turns out that a small number of these bad transactions have been broadcast in the background of the bitcoin network for some time now, but after Mt. Gox went public with its problems, someone cranked up the volume. “Some joker is rewriting thousands of bitcoin transactions and rebroadcasting them,” says Jeff Garzik, a core developer on the bitcoin software. “It’s not a ‘massive and concerted’ attack, probably just a bored teenager with one computer.”

Antonopoulos, who is working with other bitcoin companies to coordinate a response to the attack, says he’s spoken with five exchanges (not including Mt. Gox) about the issue, and that three of them are unaffected by the issue. None of the five exchanges that Antonopoulos has spoken with appear to have lost money because of the issue, he says.

Source: http://www.wired.com/wiredenterprise/2014/02/bitcoin-ddos/
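The "look at the blockchain" check described in the article above, sketched as an added example (not from the article or from any exchange's or wallet's code): a withdrawal tracked only by its hash looks lost when it confirms under a different hash, while matching on the coins spent and outputs paid finds it. The record layout, JSON serialization, function names and sample values are constructed for illustration and are not Bitcoin's wire format.

```python
import hashlib
import json

def txid(tx):
    """Identifier over the whole record, signature bytes included (double SHA-256)."""
    blob = json.dumps(tx, sort_keys=True).encode()
    return hashlib.sha256(hashlib.sha256(blob).digest()).hexdigest()

def payment_key(tx):
    """Identifier over what the payment does: coins spent and outputs paid."""
    core = {"inputs": tx["inputs"], "outputs": tx["outputs"]}
    return hashlib.sha256(json.dumps(core, sort_keys=True).encode()).hexdigest()

def reconcile(pending, ledger):
    """Classify each pending withdrawal against the confirmed ledger."""
    confirmed_ids = {txid(t) for t in ledger}
    confirmed_keys = {payment_key(t) for t in ledger}
    report = {}
    for name, tx in pending.items():
        if txid(tx) in confirmed_ids:
            report[name] = "confirmed"
        elif payment_key(tx) in confirmed_keys:
            # Same coins, same recipients, different hash: already paid.
            report[name] = "confirmed-under-other-id"
        else:
            report[name] = "unconfirmed"
    return report

# Constructed sample data (not real transactions or addresses).
SENT = {"inputs": [["prev-tx-a", 0]],
        "outputs": [["customer-addr-1", 150000]],
        "sig": "3044aa"}
SEEN = dict(SENT, sig="304500aa")  # same payment, signature bytes re-encoded
OTHER = {"inputs": [["prev-tx-b", 1]],
         "outputs": [["customer-addr-2", 90000]],
         "sig": "3044bb"}
LEDGER = [SEEN]                    # what actually confirmed
PENDING = {"withdrawal-1": SENT, "withdrawal-2": OTHER}

if __name__ == "__main__":
    for name, status in reconcile(PENDING, LEDGER).items():
        print(name, status)
```

A system that re-issues a payment whenever the hash it recorded is missing would pay withdrawal-1 twice; the second branch is what prevents that.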


Europe shrugs off largest DDoS attack yet, traffic tops 400Gbps

NTP flaw used again, effects minimal

Once again hackers are targeting content-delivery firm Cloudflare, and the company says this latest attack is its biggest yet, peaking at over 400Gbps of traffic.…
