Monthly Archives: September 2014

DDoS Attacks Go Mobile

The cyber security industry has a new front to defend. Hackers are migrating their malicious techniques and technology to mobile platforms and businesses, organizations and users are already feeling the impact. Android: The New DDoS Launchpad A new Android app is causing the mass distribution of a DDoS malware. This DDoS tool uses a Low Orbit Impact Cannon (LOIC) to send TCP/UDP packets to a URL of the hacker’s choosing. Originally, LOIC was an attack that originated from desktops. But a hacker took the open-source LOIC and converted it into an Android app that has sent the security industry reeling. Current mobile infrastructures are vulnerable to hacking and cyber hijacking—the standard security measures of desktop networks and operating systems are rarely seen on mobile devices. The Problem of Super Proxies DDoS attacks sent from mobile devices present a difficult challenge for mitigation; malicious data packets sent from mobile devices travel in “Super Proxies,” or secure servers channeling data from countless other mobile devices. Data traveling in Super Proxies is notoriously difficult to separate and filter. Simply installing a piece of hardware that can stop traffic from specific IPs is not enough; this will cause the server to group bad traffic with that of legitimate users. When users can’t get through to the server, the DDoS hacker has succeeded in ‘denying service.’ Mobile DDoS and Android.DDoS.1.origin The cyber-security community is trying to take lessons from a dangerous mobile DDoS event in 2012. Most substantial DDoS events require a ‘botnet’ or ‘zombie’ army to carry out the attack, and Android.DDoS.1 was no different. It began when a hacker disguised malware in a fake Google Play application. Users downloaded the bogus software onto their devices, giving the hacker remote command of the mobile’s computing power. After amassing a significant botnet army, the hacker sent commands via SMS (didn’t the hacker know about Whatsapp?) to the DDoS viruses. These instructions included the target’s server address and a script to repeat. Once confirmed, the mobile devices also sent out spam text messages to the victim’s contact list, likely to spread the virus. With thousands of these infected mobile devices operating in unison, their requests generated a powerful DDoS force capable of overwhelming even large target servers. One mobile device sending bad requests does little, but an army can do some serious damage. Even experienced users who are wary of the typical trappings of PC-based malware may not be aware of the new dangers on mobile. Expect to see hackers getting more creative as the vulnerabilities in mobile networking are exposed. Handling the New Wave of Mobile DDoS Organizations and businesses trying to stay ahead of the DDoS mobile evolution are entrusting their security measures to experienced third-party protection services, whose robust networks are equipped to handle TCP and UDP attacks, among all other major attack methods in the security landscape. Source: http://www.sitepronews.com/2014/09/25/ddos-attacks-go-mobile/

Continue reading here:
DDoS Attacks Go Mobile

Chain Radio Returns After A Massive DDoS Attack

Who’d have thought it would be such a chore to run a radio station? Chain Radio, which launched a at the end of July, and since then they’ve dealt with some major issues. Namely, they’ve been the subject of DDoS attacks for weeks, but it really caught up with them in the last week. Rockstar, the head of Chain Radio, made a post on their page talking about what they’ve had to deal with in order to get their site up and running again, and the challenges they’ve faced. Unlike many other sites in the world of Bitcoin land we are operating a fleet of streaming servers which can not be simply placed behind the protection of CloudFlare. When someone is attacking our servers we are in a constant state of battle blocking IP ranges, blocking specific IPs and trying to keep everything online. Nevertheless, Rockstar remained defiant in the face of adversity. “It costs us over a thousand dollars each month to keep this service online for our listeners and if the DDOS attacks continue it will likely cost even more,” he said. “That said, we are committed to seeing this project through and NOT letting a few jerks silence what we are doing and the community that we are creating.” As to the identity of those “few jerks” and their motives, it remains unknown. As of this writing, Chain Radio is back up and running. They’re running a non-profit operation, relying largely on donations from the community. They’re taking donations to help offset the cost of the project through their website. Source: http://thecoinfront.com/chain-radio-returns-after-a-massive-ddos-attack/

Continue reading here:
Chain Radio Returns After A Massive DDoS Attack

Mitigations for Spike DDoS toolkit-powered attacks

Akamai Technologies released, through the company's Prolexic Security Engineering & Response Team (PLXsert), a new cybersecurity threat advisory that alerts enterprises to a high-risk threat of powerf…

Originally posted here:
Mitigations for Spike DDoS toolkit-powered attacks

BLAM, BLAM, BLAM… nooooo! Hacker crew Lizard Squad spits DDoS venom on Call of Duty

JUST before you blasted 2 ‘copters with 1 rocket launcher Hackers from the group Lizard Squad have reneged on their promise to quit earlier this month, apparently launching distributed denial-of-service (DDoS) attacks on major gaming industry websites.…

See more here:
BLAM, BLAM, BLAM… nooooo! Hacker crew Lizard Squad spits DDoS venom on Call of Duty

Hackers Target Destiny and Call of Duty Servers with DDoS Attack

This past weekend, several servers for Destiny went down, both on PlayStation and Xbox, following a DDoS attack. Players were booted from the servers in the middle of the game and an error message read “Cattle” on the disconnect screen. The Lizard Squad hacker group claimed responsibility for sporadic DDoS attacks on the Destiny and Call of Duty: Ghost servers. They posted about their endeavors on their Twtiter account, bragging about taking down parts of both servers. Access has since been restored and players can once more return to their games. Understandably, players had been quite upset about their game time being cut short, especially during a weekend, and many have threatened to ask for their money back, thinking that it was a technical issue from Bungie. “Destiny is currently experiencing issues matchmaking and login across all platforms. We are actively investigating this issue,” Bungie wrote on Twitter, although the message was later deleted by the company. The attack comes after another one from August, when the PlayStation Network, Battle.net, and other online games have been targeted. It’s also when the flight carrying John Smedley, the Sony Online Entertainment president, was grounded after the same hackers issued a bomb threat via Twitter. The attacks indicate that the Lizard Squad hasn’t disbanded and ceased its activities, as it was rumored earlier this month. The group’s website continues to be down, however, for unknown reasons. Source: http://news.softpedia.com/news/Hackers-Target-Destiny-and-Call-of-Duty-Servers-with-DDoS-Attack-459494.shtml

Excerpt from:
Hackers Target Destiny and Call of Duty Servers with DDoS Attack

Struggles with iOS 8 upgrades, traffic surges mimic DDoS attacks

Users upgrading devices to iOS 8 are struggling with long waits – while networks are being flooded by traffic (NASDAQ:AAPL, NASDAQ:AAPL) Apple users are frustrated with difficulty in upgrading to iOS 8, as download times are painfully long. To make matters worse, some networks are being slammed by so much traffic, it’s almost like they are under distributed denial-of-service (DDoS) attack. Networking company Procera Networks found one CIS mobile network that saw its network traffic jump an incredible 4000 percent than normal – an astronomical traffic amount for non-video applications. Everything from Apple’s iPhone models to its smartwatch were criticized – but anytime there is a new iOS release, Apple fans quickly flock to download the latest operating system. However, after just a few days, adoption for iOS 8 has been slower than that of iOS 6 or iOS 7, according to analysts. The iOS 8 upgrade requires 5.8GB of storage space, forcing some users to delete photos, videos, and other data to free up space to upgrade. Source: http://www.tweaktown.com/news/40240/struggles-with-ios-8-upgrades-traffic-surges-mimic-ddos-attacks/index.html

Continued here:
Struggles with iOS 8 upgrades, traffic surges mimic DDoS attacks

How to Protect Your Blog From an Advanced DDoS Attack Read

Although it’s pretty much unlikely that any high profile hacktivists are going to be targeting your website via a Distributed Denial of Service (DDoS) attack anytime soon, that’s not necessarily grounds for sitting back relaxed and complacent without a backup / protection plan. DDoS attacks are becoming more prevalent and much easier to execute thanks improvement in technology, bandwidth and accessibility to tools and information on how to do it. We continue to see big brands like Sony get brought down momentarily by these attacks, and even the CIA’s website suffered this pain in 2012. It’s a serious threat. For clarification, DDoS attacks happen through an overpowering of numerous computers, usually through the use of bots, that continuously send traffic to an IP address or website. As simple as this might seem, the effects can be brutal to a website. What’s worse is that the typical common security protocols that are set up to defend against hacking and intrusion just don’t work against DDoS attacks and taking matters into your own hands, whether it’s through WordPress security plugins or code tweaks and improvements are not sufficient. Luckily, there are a couple ways to protect a website from DDoS attacks. Using a Cloud Security Provider Using proprietary technologies, a number of web security companies have begun releasing different forms of protection from DDoS. These include the likes of Prolexic, for example, which has a fairly decent track record of mitigating web security threats. However, much of what these products do happens behind the scenes. In the push for full disclosure, more companies and website owners are relying more on cloud security providers, like Incapsula, who not only provide free usage of their CDN but also powerful DDoS protection at fairly reasonable pricing for anyone serious about their website’s security. Where other services just kind of tell us that things are being handled, Incapsula offers some pretty slick monitoring options that take your website security a step further than a service: It’s a tool. Going beyond just DDoS traffic mitigation, Incapsula protects against other forms of attacks and site outages (both malcontent and accidental) while simultaneously offering a speed boost through those same site mitigation channels; along with pretty much guaranteeing 100% up-time for complex applications through load balancing and failover, spread across multiple servers. What’s even better is that they provide visual and trackable insights into the site’s performance and health. Sophisticated web threat protection is becoming more available and affordable and it’s a valid inclusion among tools bloggers and other marketers normally utilize. Self-Protected Domain Infrastructure Bearing in mind that DDoS mitigation is not for the faint of heart or the modest wallet, I know there are some DIY admin types who live for the thrill of getting their hands dirty. Protecting against a DDoS attack on your own is a massive undertaking that’s easy to get wrong, which would leave you just as unprotected as if you had done nothing at all. But, if you’re up for the task and have the skillset required (seriously, be honest with yourself on this one, you or your client’s product is at stake here), the following Cisco reading material will get you moving in the right direction… if you really know what you’re doing: Discuss Options with Your Hosting Service Of the many web hosts online offering bottom dollar deals to get your website up and running , a vast majority of them don’t have the infrastructure set up to properly deflect a DDoS attack. This doesn’t necessarily mean that your cost-effective host, whichever it may be, doesn’t have protection, but that doesn’t mean that they do, either. Simply put, you should be contacting your preferred host(s) directly to determine precisely what they have in place to protect your site/sites from malicious attackers. Additionally, you absolutely need to know what their policy is on how to deal with sites that are suffering attacks that break through or overwhelm their servers. The punishment of a week or two of downtime from your host can be more damaging than the original attack itself since it’s more likely that your account will be blacklisted or suspended rather than the company taking full responsibility. Your best bet for protection via a web host is going with a premium provider like WP Engine who pride themselves on running very secure and well managed hosting environments. The most important thing you should keep in mind is that, for relatively little time invested, you can set a site up to be guarded against incredibly expensive attacks. There’s no reason to find yourself in a situation where you’re looking for protection after a DDoS is launched. The risk for loss of traffic and in some cases, sales, is much too great. Source: http://www.blogherald.com/2014/09/18/protect-blog-advanced-ddos-attack/

View original post here:
How to Protect Your Blog From an Advanced DDoS Attack Read

The Escapist #GamerGate Forums Brought Down In DDoS Attack

Earlier this week, Milo Yiannopoulos of Breitbart London published an article containing emails between a group of video game journalists, all members of an email list called GameJournoPros. The Breitbart piece suggested collusion between these journalists to provide a specific spin on news during the early days of the Zoe Quinn scandal, which has now blossomed into the broader #GamerGate movement, and to clamp down on discussion of the topic across sites and forums. Yiannopolous also published the full exchange of emails, which provided a more nuanced look at the situation. In the emails various game writers discuss the Quinn scandal and how to approach it. Some suggest sending a note of solidarity, while others push back against this idea, citing the need for professional distance between journalists and their subjects. All told, it appears to be a largely civil conversation between professionals. But two moments in the thread ought to raise eyebrows. In one, writer Ryan Smith asks questions about where other writers and publications draw the line on writing about the private lives of subjects. He is quickly shouted down. More important is an exchange between Polygon writer Ben Kuchera and The Escapist’s Editor-in-Chief Greg Tito. Kuchera urges Tito to shut down The Escapist forum where the discussion of Quinn was occurring, but Tito refuses, arguing that a place for discussion is a healthy thing. “The conversation may be distasteful to some of us,” Tito writes in response to Kuchera and others, “but I don’t know if the answer is to delete the thread. The Escapist is not giving harassment a home, but allowing civil discussion on a matter that people are emotional about.” Since these emails took place, #GamerGate has been born and even the release of Bungie’s popular video game  Destiny hasn’t dampened the voices on both sides. However, it appears that many forums where discussion of #GamerGate has been occurring have been clamping down. Both reddit and 4chan have been banning users and shutting down forums related to the topic. One of the only places outside of Twitter where any discussion has been occurring has been at The Escapist. This morning The Escapist came under a DDoS (denial of service) attack, according to the co-founder and GM of the site Alexander Macris. “A DDOS attack is currently underway against @TheEscapistMag. The attackers are specifically targeting the GamerGate forum thread,” Macris tweeted this morning. After a brief interlude the attacks began again, and eventually the publication was forced to take down the forums temporarily. The attack consists of “a large number of IP addresses targeted the GamerGate thread for reload many times per second.” At this point there is no information of the perpetrator of the attack though The Escapist is working to find out. The timing of the attack, following the revelations in the GameJournoPros emails, does raise questions. We will continue to follow this story and update as more information comes to light. If anyone has information about the attacks please don’t hesitate to reach out. Source: http://www.forbes.com/sites/erikkain/2014/09/20/the-escapist-forums-brought-down-in-ddos-attack/

Continued here:
The Escapist #GamerGate Forums Brought Down In DDoS Attack