Author Archives: Enurrendy

Indian Bitcoin Exchange Suffers Outage as DDoS Attacks Continue

T he onslaught of DDoS attacks targeting bitcoin websites around the world isn’t showing any signs of abating as an Indian bitcoin exchange came under attack today. Indian bitcoin exchange Coinsecure saw a spike in traffic this Monday morning local time. The number of connections attempting to reach the website was enough to disrupt exchange activity. Operational delays ensued on its website, mobile application and other API-enabled platforms. In an email to customers, the bitcoin exchange revealed the reason for the delays. We were under a massive DDoS attack this morning that blocked traffic temporarily to our website, API and Android App. You may have experienced delays in withdrawals and deposits as well, this morning. The email, which reached customers afternoon in local time, confirmed that the website was fully operational again, following several hours of disruption. Bitcoin Exchanges. Ripe Targets? Bitcoin exchanges and websites are perhaps the most-obvious targets for DDoS extortionists seeking ransom in bitcoin.  Still, Kraken CEO Jesse Powell told CCN in an earlier exchange that bitcoin companies aren’t always the best targets. “Most Bitcoin companies aren’t profitable and we’re therefore not great targets,” said Powell, whose exchange suffered a DDoS attack in November last year. Thai bitcoin exchange Bitcoin Co. Ltd., also suffered a DDoS attack in November 2015, albeit from a different perpetrator. “We have received several DDOS-ransom letters to https://bx.in.th,” Bitcoin Co. Ltd Managing Director David Barnes told  CCN . “[The] last was supposedly from Armada Collective requesting 10BTC.” More importantly, he added: Attackers seem to lose interest quickly when you block them or don’t respond to their messages. CCN was also targeted in November 2015, with one extortionist communicating via email to demand 2 bitcoins in ransom. The email was ignored and we duly put up a 5 BTC reward for any information leading to a successful police report. While we came short of finding details, CCN continues to be targeted frequently with DDoS attacks. At the time in 2015, bitcoin was trading near peaks of $500 and has come a considerable way since while avoiding volatility. As the value of the cryptocurrency makes gains with stable footing, bitcoin businesses and websites continue to remain targets. A New Wave of Attacks The latest instances of DDoS disruptions could ostensibly be new wave of attacks targeting bitcoin websites. Last week, European bitcoin and altcoin exchange BTC-e was also targeted, resulting in temporary disruption of exchange activity. CCN was also the target of a DDoS attack last week. The website saw temporary disruption lasting 1-2 hours before the attacks were mitigated. Source: https://www.cryptocoinsnews.com/indian-bitcoin-exchange-suffers-outage-ddos-attacks-continue/

Continue reading here:
Indian Bitcoin Exchange Suffers Outage as DDoS Attacks Continue

The new age of DDoS – And we ‘joked’ that toasters would one day take down our banks

The size of DDoS attacks has increased exponentially thanks to hackers and cyber criminals making use of the IoT. A few years ago, just as the ‘Internet of Things’ (IoT) was starting to form as a concept, some of us in the cyber security community joked that in future our toasters would be able to take down our banks. Within the last few months that joke has started to become a reality. In September 2016, US security researcher Brian Krebs had his website, Krebs on Security, taken offline by the largest Distributed Denial of Service (DDoS) attack yet seen. A short while later OVH, a French internet hosting company, was struck by an even bigger attack. Then, in October, Domain Name Server (DNS) company Dyn – essentially a part of the ‘internet phone book’ which directs users to websites – also fell victim to an attack in which tens of millions of different internet addresses bombarded the company’s servers with excessive data, causing popular sites like Twitter, Spotify and Reddit to go offline. The size of attacks has increased exponentially thanks to hackers and cyber criminals making use of the IoT. These devices – including the likes of webcams Digital Video Recorders, and even fridges, toasters and pressure cookers – are typically designed to be quick and cheap to produce, and inherently have very poor levels of security. The majority run variants of the Linux operating system and many have very simple or default administrator username and password combinations, or use standard encryption tools where the ‘key’ is widely available on the internet. There are some with no security features at all. Worryingly, the end user can do little to prevent their use by cyber criminals and hackers, even if they were to become aware that their device has been compromised. Other than turning it off and disconnecting it from any internet connection – which would pretty much leave the device as ‘dumb’, and remove the features they bought it for – there’s very little scope to prevent it from being recruited by hackers. The risk posed stems from a piece of malware called ‘Mirai’ (Japanese for ‘the future’). Developed by a coder who goes under the pseudonym of ‘Anna-senpai’, Mirai turns computer systems running Linux into remotely controlled ‘bots’ that can be used as part of a ‘botnet’ in large-scale network attacks. Mirai was first unleashed on September 20, 2016, with attacks on the Krebs website reaching up to 620 Gbps. Soon after, OVH was hit with an attack which reached a staggering 1 Tbps. Both these attacks used in the region of 150,000 infected IoT devices, and produced volumes of traffic in DDoS attacks never seen before. It is thought Krebs was targeted as he has exposed an Israeli group called ‘vDOS’ operating on the ‘Dark Web’ that rented out DDoS attacks (known as ‘DDoS-as-a-Service’). Soon after these attacks, the source code for Mirai was released on the Dark Web. This now gave other hackers and cyber criminals the opportunity to undertake massive DDoS attacks,which resulted in the Dyn incident. In a change of tactic, the hackers attempted to take down part of the key infrastructure of the internet rather than just focusing on a single website. This begs the question: Just how will DDoS attacks develop in 2017 and what will the future hold for internet security? Source: http://www.itproportal.com/features/the-new-age-of-ddos-and-we-joked-that-toasters-would-one-day-take-down-our-banks/

Read the original post:
The new age of DDoS – And we ‘joked’ that toasters would one day take down our banks

Battlefield 1: Are servers up after DDoS attack by The Phantom Squad?

It seems that the servers of popular first-person-shooter game Battlefield 1 have fallen victim to an attack by a hacker group which is said to have resorted to employing the Distributed Denial of Service aka DDoS attack. Plenty of Battlefield 1 gamers have taken to social media forums to report the non-playability of Battlefield 1. Therefore, you can let us know in case the game servers are offline thus momentarily not allowing you play Battlefield 1. It seems that the mastermind of the latest attack on battlefield 1 servers is the Phantom Squad who has claimed responsibility for the attack. “We will be keeping Battlefield 1 servers down. We are waiting for starskids to have an autistic breakdown,” state the hacker group in an official tweet. At this juncture, developers Electronic Arts are yet to issue official comments on the reported DDoS attack on the Battlefield 1 servers by The Phantom Squad. Therefore, you are advised to check for the online game mode in Battlefield 1 and let us know if the game works for you. As soon as the Battlefield 1 servers were ‘attacked’, gamers took to micro-blogging site Twitter to vent their angst. Source: http://www.ibtimes.co.in/are-battlefield-1-servers-after-ddos-attack-by-phantom-squad-can-you-play-game-now-708831

View original post here:
Battlefield 1: Are servers up after DDoS attack by The Phantom Squad?

FBI Tries to Curb Young DDoS Hackers

In coordination with Europol’s European Cyber Crime Centre (EC3), the FBI conducted a series of interviews and arrests Dec. 5-9 aimed at reducing the number of young people acting as Distributed Denial of Service (DDoS)-for-hire hackers. “DDoS tools are among the many specialized cyber crime services available for hire that may be used by professional criminals and novices alike,” said Steve Kelly, FBI unit chief of the International Cyber Crime Coordination Cell (IC4). “While the FBI is working with our international partners to apprehend and prosecute sophisticated cyber criminals, we also want to deter the young from starting down this path.” Law enforcement agencies participated from Australia, Belgium, France, Hungary, Lithuania, the Netherlands, Norway, Portugal, Romania, Spain, Sweden, the United Kingdom and the United States, and the combined effort led to 34 arrests and 101 suspects interviewed and cautioned. The effort mainly targeted hackers under 20 who were suspected of paying for services that would maliciously flood an online target with so much data that users would be unable to gain access. The operation also marks the kick-start of a campaign in all participating countries to raise awareness of young people getting involved in cyber crime and to point those people toward positive outlets for their hacking skills. “Today’s generation is closer to technology than ever before, with the potential of exacerbating the threat of cyber crime,” said Steven Wilson, Head of Europol’s European Cybercrime Centre (EC3). “Many IT enthusiasts get involved in seemingly low-level fringe cyber crime activities from a young age, unaware of the consequences that such crimes carry. One of the key priorities of law enforcement should be to engage with these young people to prevent them from pursuing a criminal path, helping them understand how they can use their skills for a more constructive purpose.” Europol also identified that young hackers are most likely to be responsible for crimes in which they hack to take control or information from a computer, create or use malware and viruses, and carry out DDos attacks. “No law enforcement agency or country can defeat cyber crime alone,” an FBI statement said. “This demands a collective global approach.” Source: https://www.meritalk.com/articles/fbi-tries-to-curb-young-ddos-hackers/

Follow this link:
FBI Tries to Curb Young DDoS Hackers

Cryptocurrency exchange BTC-e resumes operations after DDoS attack

Leading cryptocurrency exchange BTC-e announced on early Thursday morning (around 5:30 am EST) that it was under Distributed Denial of Service (DDoS) attack, CoinTelegraph reported. The website went offline after the attack and displayed a white page saying “DB connect error”. The DDoS attack tries to make an online service unavailable by flooding it with traffic from multiple sources. BTC-e soon resolved the issues and was back online within a few hours. Earlier in January, BTC-e suffered another DDoS attack with its website offline for several hours, CoinTelegraph reported. The startup has been facing such attacks for almost two years now. In February 2014, it also suffered a DDoS attack. In addition, data breach monitoring service LeakedSource in September revealed that BTC-E.com suffered major hack in 2014. It said that over 500,000 users of BTC-E.com were hacked in October 2014. The data contained usernames, emails, passwords, ip addresses, register dates, languages and some internal data such as how many coins the user had. The cryptocurrency ecosystem is frequently facing DDoS attacks. In June 2016, BitGo Inc., a leading multi-sig bitcoin wallet provider, announced that it was under Distributed Denial-of-Service (DDoS) attack. Another bitcoin startup Coinkite Inc. decided to close its secure wallet service this year due to never ending DDoS attacks. Source: http://www.econotimes.com/Cryptocurrency-exchange-BTC-e-resumes-operations-after-DDoS-attack-454313

See more here:
Cryptocurrency exchange BTC-e resumes operations after DDoS attack

Parliament website brought down by DDoS attack ‘just ten minutes’

House of Representatives Secretary General Surasak Pianwej Friday expressed confidence that the Parliament website has been effectively guarded against DDoS attack, saying the attack by angry Internet users brought down the site just ten minutes Thursday night. Surasak dismissed claimed by the group of “Citizens Against Single Gateway: Thailand Internet Firewall” that a DDoS attack organized by the group brought the down the webiste for an hour at 8:55 pm Thursday. “The system went down just 10 minutes and it resumed,” Surasak said. The group has urged Thai Internet users to join another DDoS attack at 2 pm Friday. Surasak said the officials will step up measures to prevent the attack. The group staged the attack after the National Legislative Assembly refused to abort the final reading of the new computer crime bill. Source: http://www.nationmultimedia.com/news/breakingnews/30302233

Read the original:
Parliament website brought down by DDoS attack ‘just ten minutes’

DDoS in 2017: Strap yourself in for a bumpy ride

2016 sucked. 2017 won’t be much better, sorry DDoS attacks have been around since at least 2000, and they’re not going away. In fact, as the number of devices online grows, the volume and velocity of these attacks is also increasing.…

Read more here:
DDoS in 2017: Strap yourself in for a bumpy ride

OpEdNews Attacked by DDoS Denial of Service Attack

OpEdNews was victim of an aggressive DDoS denial of service attack yesterday. OpEdNews was victim of an aggressive DDoS denial of service attack yesterday. The attack came in the form of tens of thousands of emails bombarding our server. These took up all our bandwidth resources and caused the site to either shut down or run very slowly. We don’t know who initiated the attack, but it shut down our server several times yesterday and has caused some problems with our view tracking. Senior OEN editor Josh Mitteldorf observed, “We might start by asking whose lies are we undermining? What powers are we speaking truth to?” At the same time the DDoS attack was going on, we’ve been in the middle of transferring OpEdnews to a new, much better, faster, higher bandwidth server– shifting from two to 32 gigabytes of RAM, with a much faster processor and faster SSD hard drive. OpEdNews hope to have the transition to the new server finished by tomorrow, after which we’ll be able to better sort out the problem with article view tracking. There may be a brief time, during the transfer, when you can’t submit content– articles, comments. That will pass as soon as the DNS servers shift the site from the old server to the new server. This varies with your location. In simpler language, the pause in the ability to submit will last until the site domain name has been fully shifted to be pointed to the new server. Source: http://www.opednews.com/Diary/OpEdNews-Attacked-by-dDOS-by-Rob-Kall-Distributed-Denial-Of-Service-Attack-DDOS_OpEdNews-161215-445.html

View article:
OpEdNews Attacked by DDoS Denial of Service Attack

Bitcoin Exchange BTC-e Is Taken Down By New DDoS Attack

Early on Thursday morning, about 5:30 AM Eastern Standard Time to be exact, the Bitcoin exchange BTC-e is reporting that they are under DDoS attack and their site is currently offline. Going to the btc-e.com website returns a white page saying “DB connect error,” so there is no more information available from BTC-e. This is the second time this year that BTC-e has been taken down in this fashion. On Jan. 7th, they also suffered a distributed denial-of-service attacks, knocking it offline for several hours before returning to full service. Similar attacks have plagued the site since 2014. During Feb. 10-11, 2014 they also suffered a DDoS attack. BTC-e refused to stop the services with their team publishing a disclaimer on Twitter stating that due to the attack the withdrawal of the digital coins during those two days. BTC-e is ranked as a top 10 Bitcoin exchange by transaction volume over the last thirty days by bitcoinity.org, specializing in the use of USD, Russian Rubles, and Euros for the exchange of Bitcoins. We’ll keep you updated on this situation as more information comes in. Source: https://cointelegraph.com/news/bitcoin-exchange-btc-e-is-taken-down-by-new-ddos-attack

Visit site:
Bitcoin Exchange BTC-e Is Taken Down By New DDoS Attack

34 People Arrested in Global Crackdown on DDOS Attack Service Users

Today’s topics include the arrest of 34 individuals in 13 countries charged with using online services that provide denial-of-service attacks to order, Apple’s security patch for its macOS and iOS, the release of Facebook’s Certificate Transparency Monitoring tool and Google’s improvements to its machine learning technology through its Embedding Projector technology. International law enforcement agencies in more than dozen countries arrested 34 individuals in a cyber-crime sweep that focused on customers of online services that provide denial-of-service attacks to order. In the United States, the FBI arrested a 26-year-old University of Southern California graduate student allegedly linked to distributed denial-of-service (DDoS) attack that knocked a San Francisco chat-service company offline. The suspect, Sean Sharma, was charged on Dec. 9 with purchasing a DDoS tool used to mount the attack, the FBI stated in a release. Since last week, the FBI’s International Cyber Crime Coordination Cell, or IC4, and other law enforcement agencies—including Europol and the U.K.’s National Crime Agency—have arrested 34 suspects and conducted interviews with 101 individuals. Apple is updating both its desktop macOS Sierra and iOS mobile operating systems for multiple security vulnerabilities. The iOS 10.2 update was officially released on Dec. 12, while the macOS 10.12.2 update followed a day later on Dec. 13. Among the items fixed in iOS 10.2 is a vulnerability that was first publicly disclosed in a YouTube video on Nov. 16 that can enable a potential attacker to access a user’s photos and contacts from the iPhone’s lock screen. The vulnerability is identified as CVE-2016-7664 and was reported by Miguel Alvarado of iDeviceHelp. On Dec. 13, Facebook announced the launch of its freely-available Certificate Transparency Monitoring tool, providing users with a simple way to search for recently issued certificates and to be alerted when a new certificate is issued for a specific domain. SSL/TLS is the encryption standard used across the internet to secure websites. A best practice for SSL/TLS is for the security certificates to be issued by a known Certificate Authority (CA) to help guarantee authenticity and integrity. Defective Certificates can be accidentally or maliciously issued, which is a risk that the Certificate Transparency effort aims to help mitigate. Google initiated the Certificate Transparency initiative, which involves Certificate Authorities publishing newly issued certificates to a Certificate Transparency (CT) log. Facebook’s tool enables users to search CT logs for certificates as well as provides a mechanism to subscribe to alerts on domains. Google has open sourced its Embedding Projector, a web application that gives developers a way to visualize data that’s being used to train their machine learning systems. Embedding Projector is part of TensorFlow, the machine learning technology behind some popular Google services like image search, Smart Reply in Inbox and Google Translate. In a technical paper, Google researchers described the Embedding Projector as an interactive visualization tool that developers can use to interpret machine-learning models that rely on what are known as “embeddings.” “With the widespread adoption of ML systems, it is increasingly important for research scientists to be able to explore how the data is being interpreted by the models,” Google engineer Daniel Smilkov said in Google’s open source blog. Source: http://www.eweek.com/video/34-people-arrested-in-global-crackdown-on-ddos-attack-service-users.html?=large-video-widget

Read the original post:
34 People Arrested in Global Crackdown on DDOS Attack Service Users