Three men admit creating and running Mirai, a botnet used to block access to much of the web.
See the original article here:
Mirai botnet: Three admit creating and running attack tool
Three men admit creating and running Mirai, a botnet used to block access to much of the web.
See the original article here:
Mirai botnet: Three admit creating and running attack tool
The extraordinary volatility of the price of bitcoin has spurred speculators to employ a wide variety of tricks to make it swing between extremes, so that they can take advantage of it. The unregulated nature of the cryptocurrency ecosystem makes it possible for things like statements by widely esteemed financial executives to have a sizeable impact on the currency’s price. Another way to influence the price is through DDoS attacks against bitcoin exchange sites. There’s … More ?
View post:
DDoS attackers increasingly targeting cryptocurrency exchanges
Organizations experienced an average of 237 DDoS attack attempts per month during Q3 2017 – equivalent to 8 DDoS attack attempts every day – as hackers strive to take their organisations offline or steal sensitive data, according to Corero Network Security. The data, which is based on DDoS attack attempts against Corero customers, represents a 35% increase in monthly attack attempts compared to the previous quarter (Q2 2017), and a 91% increase in monthly attack … More ?
Read the original:
Criminals leverage unsecured IoT devices, DDoS attacks surge
Hacktivist group Anonymous has been firing up its DDoS cannon again, this time aiming it at Spanish government websites, in support of Catalan independence. The group claimed to have taken offline the website of the constitutional court, which ruled the Catalonian referendum illegal last week. It also defaced the website of the Spanish Ministry of Public Works and Transport with a “Free Catalonia” message. A statement from the group had the following: “In the name of all the Catalan independence and democracy, Anonymous Catalonia asks all the Anons of the world who are in favour of the freedom of expression […] and peaceful dialogue to persist in the #FreeCatalonia operation until 29 October 2017.” Various accounts associated with the disparate group have been tweeting messages with #opCatalunya and #FreeCatalonia, claiming “big attacks are coming”, although the government sites in question appear to be back to normal now. “We wish to state that the Catalan people’s desire to express their will via a referendum is the majority view and cuts across all strata of society and is in keeping with the civic, peaceful and democratic determination expressed in the multitudinous demonstrations held by organised society in favour of its right to decide,” noted another Anonymous branded video. Stephanie Weagle, VP at Corero Network Security, argued that DDoS attacks continue to function as an effective disrupter of businesses and in some cases help to distract IT teams while information is stolen. “In order to effectively protect their networks, prevent disruptions to customer operations, and better protect against service outages, downtime and potential data theft, companies need real-time visibility and mitigation of all DDoS attack traffic targeting their networks, regardless of size or duration,” she added. “Traditional security infrastructure will not stand up to these service interrupting attacks—a dedicated layer of DDoS mitigation is required to eliminate the DDoS threat. Source: https://www.infosecurity-magazine.com/news/anonymous-attacks-spanish/
Continue reading here:
Anonymous Attacks Spanish Government Sites
But numbers aren’t everything, are they, Dyn? The Reaper IoT botnet is nowhere near as threatening as previously suggested, according to new research.…
View article:
Reaper IoT botnet ain’t so scary, contains fewer than 20,000 drones
Malware Reaper is acquiring internet-connected devices for coordinated attack, say State Cyber Police Mumbai: The Maharashtra Cyber Department is in the process of issuing a State-wide advisory outlining steps to prevent potential targets from falling prey after the New Delhi-based Computer Emergency Response Team (CERT) said it has received intelligence inputs about a massive cyber attack on several countries, including India. The CERT is the country’s central cyber security agency. Maharashtra Cyber Police officers confirmed to The Hindu that the attack would be similar to the Distributed Denial of Service (DDOS) attack that hit the State last year. In July 2016, The Hindu had reported how small and medium Internet Service Providers were under attack from unknown parties, who were pinging their servers incessantly to the point where the servers crashed, denying service to their clients and causing loss of revenue. According to sources, the imminent DDOS attack, which is believed to be on a much larger scale, is being readied using malware known by two names, Reaper and IoTroop, and is currently taking over thousands of machines connected to the internet to be used for a synchronised attack on the target servers. Maharashtra IG (Cyber) Brijesh Singh said, “Mirai had acquired five lakh devices. The Reaper malware has already affected two million devices worldwide, and is acquiring 10,000 devices per day. It seems to be targeting CCTV camera systems and Digital Video Recorders connected to the internet.” Bot attack A Cyber Police officer said, “It’s difficult to say at this point exactly who the targets are, but we have enough information to indicate that machines connected to the internet, including cell phones, laptops, CCTV cameras and other devices, are susceptible. A large number of such machines are being hacked and turned into bots as we speak. Our cyber intelligence network indicates a lot of abnormal behaviour on the internet, consistent with hacking of devices.” A bot, or robot, is an automated programme. In this kind of cyber attack, hackers use malware to infect devices to turn them into bots that do their bidding. Sources said the perpetrators of Reaper are currently creating a huge network of bots, called a botnet in cyberspeak. In October 2016, a malware known as Mirai had executed multiple DDOs attacks on servers of Dyn, a leading domain name service provider, affecting several popular websites including Twitter, Netflix and Reddit. Cyber Police officers said Reaper is amassing bots on a much larger scale than Mirai. “Once the botnet is ready as per the perpetrators’ requirements, they simply have to command the bots to ping servers of the target all at once, resulting in a server crash. Depending on the size of the company or industry targeted, it will result in massive losses of revenue.” A possible way to execute the attack would be that the bots are pre-programmed to strike on a particular day. This possibility is also being probed, officers said. Superintendent of Police Balsing Rajput, Maharashtra Cyber Police, confirmed that intelligence inputs about Reaper have been received. “We are working on the information and will soon be coming out with an advisory regarding the same.” Source: Malware Reaper is acquiring internet-connected devices for coordinated attack, say State Cyber Police Mumbai: The Maharashtra Cyber Department is in the process of issuing a State-wide advisory outlining steps to prevent potential targets from falling prey after the New Delhi-based Computer Emergency Response Team (CERT) said it has received intelligence inputs about a massive cyber attack on several countries, including India. The CERT is the country’s central cyber security agency. Maharashtra Cyber Police officers confirmed to The Hindu that the attack would be similar to the Distributed Denial of Service (DDOS) attack that hit the State last year. In July 2016, The Hindu had reported how small and medium Internet Service Providers were under attack from unknown parties, who were pinging their servers incessantly to the point where the servers crashed, denying service to their clients and causing loss of revenue. According to sources, the imminent DDOS attack, which is believed to be on a much larger scale, is being readied using malware known by two names, Reaper and IoTroop, and is currently taking over thousands of machines connected to the internet to be used for a synchronised attack on the target servers. Maharashtra IG (Cyber) Brijesh Singh said, “Mirai had acquired five lakh devices. The Reaper malware has already affected two million devices worldwide, and is acquiring 10,000 devices per day. It seems to be targeting CCTV camera systems and Digital Video Recorders connected to the internet.” Bot attack A Cyber Police officer said, “It’s difficult to say at this point exactly who the targets are, but we have enough information to indicate that machines connected to the internet, including cell phones, laptops, CCTV cameras and other devices, are susceptible. A large number of such machines are being hacked and turned into bots as we speak. Our cyber intelligence network indicates a lot of abnormal behaviour on the internet, consistent with hacking of devices.” A bot, or robot, is an automated programme. In this kind of cyber attack, hackers use malware to infect devices to turn them into bots that do their bidding. Sources said the perpetrators of Reaper are currently creating a huge network of bots, called a botnet in cyberspeak. In October 2016, a malware known as Mirai had executed multiple DDOs attacks on servers of Dyn, a leading domain name service provider, affecting several popular websites including Twitter, Netflix and Reddit. Cyber Police officers said Reaper is amassing bots on a much larger scale than Mirai. “Once the botnet is ready as per the perpetrators’ requirements, they simply have to command the bots to ping servers of the target all at once, resulting in a server crash. Depending on the size of the company or industry targeted, it will result in massive losses of revenue.” A possible way to execute the attack would be that the bots are pre-programmed to strike on a particular day. This possibility is also being probed, officers said. Superintendent of Police Balsing Rajput, Maharashtra Cyber Police, confirmed that intelligence inputs about Reaper have been received. “We are working on the information and will soon be coming out with an advisory regarding the same.” Source: http://www.thehindu.com/news/cities/mumbai/cert-issues-cyber-attack-warning-for-india/article19920037.ece
Read the original post:
CERT issues cyber attack warning for India
The Czech statistical office has reported DDoS (Distrubuted Denial of Service) attacks on websites related to the recent parliamentary elections during the vote count. A number of websites of the Czech statistical office (CZSO) have been subject to cyberattacks during the counting of votes in the Czech parliament’s lower house election, Petra Bacova, the CZSO spokeswoman, told Sputnik Sunday. “The websites related to the parliamentary elections — volby.cz and volbyhned.cz — have temporary failed to function due to DDoS attacks [Distributed Denial of Service] during the vote count on Saturday. These attacks have not affected the overall progress of the election,” Bacova said. The police along with the Czech National Cyber and Information Security Agency have already launched an investigation into the attacks. “Thanks to the rapid response, the attacks on the both aforementioned servers have been neutralized, while the work of the websites has been resumed,” Bacova said. The Czech Republic held an election to the lower house of the parliament on Friday-Saturday. The centrist ANO political party won the election, receiving 29.64 percent of votes. Czech President Milos Zeman stated that he was ready to appoint Andrej Babis, ANO’s leader, as Czech prime minister. Source: https://sputniknews.com/europe/201710231058456317-czech-election-hit-cyberattack/
Follow this link:
Czech Parliamentary Election Websites Hit by Cyberattacks
Necurs botnet spreads ransomware carried in Office documents The ever-vigilant folk at the Internet Storm Centre (SANS) have spotted yet another campaign trying to drop the Locky ransomware using compromised Word files.…
Link:
New phishing campaign uses 20-year-old Microsoft mess as bait
Security researchers are warning about malware that’s been enslaving routers, webcams and DVRs across the world to create a giant botnet capable of disrupting the internet. The malware, called Reaper or IoTroop, isn’t the first to target poorly secured devices. But it’s doing so at an alarmingly fast rate, according to security firm Check Point, which noticed the malicious code last month. The malware has infected “hundreds of thousands” of devices, said Maya Horowitz, threat intelligence group manager at Check Point. Reaper brings up memories of malware known as Mirai, which formed its own giant botnet in 2016 and infected over 500,000 IoT devices, according to some estimates. It then began launching a massive distributed denial-of-service (DDoS) attack that disrupted internet access across the US. Reaper could be used to launch a similar attack, Check Point researchers said. The good news is the infected bots haven’t launched any DDoS campaigns. Instead, they’re still focused on enslaving new devices. Researchers at security firm Qihoo 360 also noticed the Reaper malware, and found evidence it was trying to infect at least 2 million vulnerable devices. Reaper even borrows some source code from Mirai, though it spreads itself differently, Qihoo said. Unlike Mirai, which relies on cracking the default password to gain access to the device, Reaper has been found targeting around a dozen different vulnerabilities found in products from D-Link, Netgear, Linksys, and others. All these vulnerabilities are publicly known, and at least some of the vendors have released security patches to fix them. But that hasn’t stopped the mysterious developer behind Reaper from exploiting the vulnerabilities. In many cases, IoT devices will remain unpatched because the security fixes aren’t easy to install. Who may have created the malware and what their motives are still isn’t known, but all the tools needed to make it are actually available online, Horowitz said. For instance, the source code to the Mirai malware was dumped on a hacking forum last year. In addition, data about the vulnerabilities Reaper targets can be found in security research posted online. “It’s so easy to be a threat actor when all these public exploits and malware can be just posted on GitHub,” she said. “It’s really easy to just rip the code, and combine, to create your own strong cyber weapon.” Unfortunately, little might be done to stop the Reaper malware. Security experts have all been warning that poorly secured IoT devices need to be patched, but clearly many haven’t. “This is another wakeup call” for manufacturers, Horowitz said. Source: https://www.pcmag.com/news/356926/new-mirai-like-malware-targets-iot-devices
Read the original post:
New Mirai-Like Malware Targets IoT Devices
The Sockbot malware has made its way into at least eight Apps in the Google Play Store with the intent of adding devices to botnets and performing DDoS attacks. Symantec researchers said the malicious apps have each been downloaded between 600,000 and 2.6 million times respectively and has primarily targeted users in the United States although infections have been spotted in Russia, Ukraine, Brazil, and Germany, according to an Oct 18 blog post. One of the malicious apps poses as an app that will allow users to modify their Minecraft characters. The app uses a SOCKS proxy mechanism and is commanded to connect to an ad server and launch ad requests. “This highly flexible proxy topology could easily be extended to take advantage of a number of network-based vulnerabilities, and could potentially span security boundaries,” the post said. “In addition to enabling arbitrary network attacks, the large footprint of this infection could also be leveraged to mount a distributed denial of service (DDoS) attack.” Researchers contacted Google Play on Oct. 6 and the malicious apps have since been removed from the store. To prevent downloading similar malicious apps users should keep software updated, refrain from downloading apps from unfamiliar sites, only install apps from trusted sources, and pay close attention to the permissions requested by an app. Users should also install mobile security apps and make frequent backups of data. Source: https://www.scmagazine.com/sockbot-malware-adds-devices-to-botnets-executes-ddos-attacks/article/701189/
Visit site:
Android malware on Google Play grows botnets, launches DDoS attacks