Category Archives: DDoS News

Someone is trying to take down the Drudge Report, and it’s a mystery who’s behind it

The Drudge Report, the highly trafficked conservative news website, has been knocked offline for extended periods during the past two weeks, succumbing to large distributed denial of service attacks, according to its founder, Matt Drudge. And it’s a mystery who’s behind it. Drudge wrote on Twitter that a December 30 attack was the “biggest DDoS since site’s inception.” A DDoS attack is executed by using hijacked computers or electronic devices to flood a website with redundant requests, aiming to overload the website’s hosting server and render it unavailable. But, according to cybersecurity experts who spoke with Business Insider, using such a method to take down the Drudge Report would not be easy. The site is already equipped to handle a high volume of visitors and scale out to accommodate spikes in traffic. Moreover, a website that generates so many page views would most likely employ strong defense measures, the cybersecurity experts said. “The Drudge Report has a massive readership,” said Ajay Arora, the CEO and cofounder of the cybersecurity firm Vera. “Generally someone that has that kind of viewership is going to have sophisticated hosting and counter defenses against DDoS attacks.” Since emerging in 1996, the Drudge Report has been a home to conservatives who feel disenfranchised by traditional media. Drudge has marketed his site as a news destination not controlled by corporate interests or politicians. And he’s had great success. SimilarWeb, an analytics firm, continually ranks the Drudge Report as one of the five most-trafficked media publishers in the US. According to analytics posted to the site, the Drudge Report has amassed about 775 million page views in the past 31 days — all with hardly any traffic coming from social-media channels. It’s a high-prized target, one that now sees itself under attack by an unknown culprit. Drudge has pointed the finger at the US government, tweeting that the traffic that downed his website had “VERY suspicious routing [and timing].” “Attacking coming from ‘thousands’ of sources,” he wrote on Twitter. “Of course none of them traceable to Fort Meade…” Drudge seemed to imply that his site was taken down in connection with punishment leveled against Russia for election-related hacking. The first attack on his site came hours after President Barack Obama announced the US would impose sanctions against Moscow, and the Drudge Report had previously been identified in a discredited Washington Post story as responsible for spreading Russian propaganda. “Maybe they think this is a proportional counterattack to Russia,” tweeted Sharyl Attkisson, a former CBS News investigative journalist. “After all they have decided @Drudge is Russian fake news, right?” Neither the White House nor the Office of the Director of National Intelligence responded to requests for comment. But cybersecurity experts who spoke with Business Insider discounted Drudge’s claim on grounds that the government attacking a US journalist’s site would be a blatant violation of the Constitution — as well as generally improbable. “If Putin wanted to take down a website, I’m sure he could order it,” said Jared DeMott, a former security engineer for the National Security Agency who is now the chief technology officer of Binary Defense Systems. “If Obama wanted to do something like that, he’d have to go to different people. It would be a hard conversation to have.” “Maybe if there was a military reason to have it,” DeMott added. “But domestically, there is no way.” DeMott, however, posited that another nation-state could be the potential culprit. “It definitely could be a nation-state,” he said. “They do stuff like that on an ongoing basis, whether they are looking for intel or trying to destabilize a political region.” Arora of the firm Vera agreed, saying that only a “small number of groups” in the world had the sophistication necessary to execute an attack to take out the Drudge Report for extended periods. “I would say it would be a group or nation-state that has pretty sophisticated methods and means,” he said. “Given the fact it’s happened a number of times and is persistent for well over a few minutes, and it’s coming from multiple sources, against a site that would have a lot of protection, it would indicate it’s someone pretty sophisticated.” Chris Weber, the cofounder of Casaba Security, agreed that because the Drudge Report was “getting so much traffic already,” a DDoS attack would need to be on a far “greater magnitude” to be effective against it. “It does seem unlikely that the Drudge Report would be easily taken down or slowed significantly by a standard DDoS attack,” he said. He surmised that the attack that took down the site was perhaps more on the scale of the massive cyberattack that temporarily knocked out Dyn, a large DNS company, in October. WikiLeaks said its supporters were behind that attack as a show of support for the group’s founder, Julian Assange. Outside nation-states, it is equally probable that the Drudge Report has come under fire from a “hacktivist” organization, perhaps unhappy with the political views espoused by the site’s founder. Drudge has always been a controversial conservative figure, but in 2016 he went all-in for President-elect Donald Trump, often igniting controversy with inflammatory headlines emblazoned on his site. But hacktivist organizations almost always take credit after a successful attack has been executed, experts said. So far, no one has claimed credit for the attacks on the Drudge Report. And without a group taking credit, it may be impossible to determine the culprit. “Attribution has always been hard in cyber,” DeMott said. “The science is just quite not mature.” Arora said any information Drudge “can provide in terms of motives” to a cybersecurity team would be helpful in identifying the responsible party. “There’s a lot of people that don’t like Matt Drudge,” he said. “He likes to push people’s buttons. Anyone who he specifically has knowledge of, who would be out to get him.” Arora added: “It’s not just a technology question. It’s also a motive question.” Source: http://www.businessinsider.com/hackers-ddos-drudge-report-2017-1

See the article here:
Someone is trying to take down the Drudge Report, and it’s a mystery who’s behind it

Biggest British Hosting Company 123-Reg Suffers Major DDoS Attack

123-Reg, the biggest hosting company in the UK, is targeted a second time in as many years with a chain of major DDoS attacks. The biggest provider of domain registrations in the UK, 123-reg, has once again been the target of a DDoS attack. The result was that users weren’t able to get into their websites or email accounts. Considering this is just the start of 2017, the company has had to deal with another major blow. The company informed of the attacks formally using Twitter, explaining that they believed the attack had just begun and they were working on options to redress the situation and were attempting to work out the impact of the attack. They promised updates would follow. They continued to explain that the company’s network teams kept scrubbing and rerouting bad traffic. Of course, apologies were made for any problems their customers were experiencing. Once again, they reiterated that their team was still rerouting traffic and that they would provide further information soon. The DDoS attack took place on Friday, with the company stating that their IT team had mitigated the DDoS attacks, as evidenced by the resumption of services at around 1 PM. However, some users are still complaining today that they can’t get into their websites. 123-Reg sent out another two tweets in which they attempted to explain that the DDoS attack had just begun and they were attempting to resolve the issue. Later that day, they issued another tweet, stating that the problem had been fixed by 1 PM and that they apologized for any issues. In 2016, 123-Reg was the target of 2 big DDoS or Distributed Denial of Service, attacks. One took place in April, while one occurred in August. The firm stated that it was possible they lost a small amount of user information after the attack that occurred in April. Customers were very displeased at the time because, even after doing their best, the firm only succeeded in bringing back online only 39 percent of their Virtual Private Servers after a week. In August, the company was once again hit by a huge 30Gbps DDoS attack, which completely brought their site down. OVH, a French hosting company, was also the target of large DDoS attacks going up to 1Tbps last year. The firm stated that the Mirai botnet malicious code had been used in the attacks against them but 123-Reg did not make any similar statements. Source: https://www.socpedia.com/biggest-british-hosting-company-123-reg-suffers-major-ddos-attack

View original post here:
Biggest British Hosting Company 123-Reg Suffers Major DDoS Attack

3… 2…1… and 123-Reg hit by DDoSers. Again

Happy New Year! Updated Just days into the new year, and poor old 123-Reg is already experiencing problems, this time in the form of a DDoS attack – something it is no stranger to.…

More:
3… 2…1… and 123-Reg hit by DDoSers. Again

DDoS Attacks on the Rise—Here’s What Companies Need to Do

Distributed denial-of-service (DDoS) attacks have been going on for years. But in recent months they seem to have gained much more attention, in part because of high-profile incidents that affected millions of users. For instance, in late October 2016 a massive DDoS assault on Domain Name System (DNS) service provider Dyn temporarily shut down some of the biggest sites on the Internet. The incident affected users in much of the East Coast of the United States as well as data centers in Texas, Washington, and California. Dyn said in statements that tens of millions of IP addresses hit its infrastructure during the attack. Just how much attention DDoS is getting these days is indicated by a recent blog post by the Software Engineering Institute (SEI) at Carnegie Mellon University. The post, entitled, “Distributed Denial of Service Attacks: Four Best Practices for Prevention and Response,” became SEI’s most visited of the year after just two days, said a spokesman for the institute. To help defend against such attacks, organizations need to understand that this is not just an IT concern. “While DDoS attack prevention is partly a technical issue, it is also largely a business issue,” said Rachel Kartch, analysis team lead at the CERT Division of SEI, a federally funded research and development center sponsored by the U.S. Department of Defense and operated by CMU, and author of the DDoS post. Fortunately there are steps organizations can take to better protect themselves against DDoS attacks, and Kartch describes these in the post. In general, organizations should begin planning for attacks in advance, because it’s much more difficult to respond after an attack is already under way. “While DDoS attacks can’t be prevented, steps can be taken to make it harder for an attacker to render a network unresponsive,” Kartch noted. To fortify IT resources against a DDoS attack, it’s vital to make the architecture as resilient as possible. Fortifying network architecture is an important step not just in DDoS network defense, Kartch said, but in ensuring business continuity and protecting the organization from any kind of outage. To help disperse organizational assets and avoid presenting a single rich target to an attacker. organizations should locate servers in different data centers; ensure that data centers are located on different networks; ensure that data centers have diverse paths, and ensure that the data centers, or the networks that the data centers are connected to, have no notable bottlenecks or single points of failure. For those organizations that depend on servers and Internet presence, it’s important to make sure resources are geographically dispersed and not located in a single data center, Kartch said. “If resources are already geographically dispersed, it is important to view each data center as having more than one pipe to [the] Internet, and ensure that not all data centers are connected to the same Internet provider,” she said. While these are best practices for general business continuity and disaster recovery, they will also help ensure organizational resiliency in response to a DDoS attack. The post also describes other practices for defending against DDoS. One is to deploy appropriate hardware that can handle known attack types and use the options in the hardware that can protect network resources. While bolstering resources will not prevent a DDoS attack from happening, Kartch said, doing so will lessen the impact of an attack. Certain types of DDoS attacks have existed for a long time, and a lot of network and security hardware is capable of mitigating them. For example, many commercially available network firewalls, web application firewalls, and load balancers can defend against protocol attacks and application-layer attacks, Kartch said. Specialty DDoS mitigation appliances also can protect against these attacks. Another good practice is to scale up network bandwidth. “For volumetric attacks, the solution some organizations have adopted is simply to scale bandwidth up to be able to absorb a large volume of traffic if necessary,” Kartch said. “That said, volumetric attacks are something of an arms race, and many organizations won’t be able or willing to pay for the network bandwidth needed to handle some of the very large attacks we have recently seen. This is primarily an option for very large organizations and service providers.” It’s likely that DDoS attacks will continue to be a major issue for organizations. A 2016 study by content delivery network provider Akamai said these types of incidents are rising in number as well as in severity and duration. The company reported a 125% increase in DDoS attacks year over year and a 35% rise in the average attack duration. Cyber security executives need to make it a top priority to protect their organizations against DDoS. Source: http://www.itbestofbreed.com/sponsors/bitdefender/best-tech/ddos-attacks-rise-here-s-what-companies-need-do

Originally posted here:
DDoS Attacks on the Rise—Here’s What Companies Need to Do

US Government Attacks Drudge Report? Conservative Website Down Because Of DDoS Attack, Matt Drudge Tweets

A tweet from conservative media icon Matt Drudge’s verified Twitter account Thursday night appeared to accuse the government of interfering with his website, DrudgeReport.com , just hours after the Barack Obama administration announced new sanctions against Russia over election hacking. “Is the US government attacking DRUDGE REPORT? Biggest DDoS since site’s inception. VERY suspicious routing [and timing],” the tweet to Drudge’s 457,000 followers read. There were no other tweets from the account at the time. A large-scale distributed denial of service attack, or DDoS, can cause major Internet disruptions. In the past, such attacks have shut down major websites such as Twitter, Spotify, Netflix, Amazon, Tumblr, and Reddit. The attack sends a server many illegitimate requests to make it hard for real requests to get through, effectively shutting down the site. Drudge Report was down briefly around 7 p.m. EST, but working hours later. The top headline read: “MOSCOW MOCKS OBAMA ‘LAME DUCK’” Meanwhile, the conservative Washington Times wrote: “Matt Drudge suggests U.S. government cyberattack on Drudge Report website. DDoS attack comes same day Obama announced countermeasures against Russia for hacking of Democrats.” Conservatives on Twitter also accused the government of shutting down the Russian news website, RT. “Numerous reports of Russian state-run Network RT being unavailable. Drudge Report also under ‘Biggest DDoS attack since site’s inception,’” wrote one user. President Barack Obama announced Thursday sanctions against several Russian agencies and individuals after cyberattacks during the 2016 presidential election against Democratic Party institutions that appeared to help Donald Trump win over Hillary Clinton. “All Americans should be alarmed by Russia’s actions. In October, my administration publicized our assessment that Russia took actions intended to interfere with the U.S. election process,” Obama said. “These data theft and disclosure activities could only have been directed by the highest levels of the Russian government. Moreover, our diplomats have experienced an unacceptable level of harassment in Moscow by Russian security services and police over the last year. Such activities have consequences.” Government officials have wrangled with Drudge before over his alleged false claims. With 2 million daily unique visitors and around 700 million monthly page views, DrudgeReport.com was the top site for referral traffic in 2014 to the Daily Mail, CNN, Fox News, Roll Call, Breitbart, The New York Times, USA Today, Associated Press and other news sites. Its readers were loyal, staying on the site for an average of 30 minutes, Politico reported. “People are religious in how they come to Drudge,” Vipul Mistry, Intermarket’s Business Development manager, told Politico’s On Media blog. “When we analyzed all our audience that’s what it is, people are on there not only in morning, they tend to leave it open as it refreshes.” Source: http://www.ibtimes.com/us-government-attacks-drudge-report-conservative-website-down-because-distributed-2467391

Continued here:
US Government Attacks Drudge Report? Conservative Website Down Because Of DDoS Attack, Matt Drudge Tweets

2017 predictions: US isolationism, DDoS, data sharing

Without a doubt, 2016 was the year of the DDoS. The year came to a close with a major DDoS attack on DNS provider Dyn, which took down several major internet sites on the Eastern US seaboard. This attack was different – not so much in terms of its volume or its technique, but in the fact that instead of being directed at its intended target, it was targeted at network infrastructure used by the target. I think we are likely to see more DDoS attacks in 2017, both leveraging amplification attacks and direct traffic generated by the Internet of Things. However, we will also see a growing number of incidents in which not just the target experiences outages, but also the networks hosting the sources of the DDoS, as they also need to support significant outbound traffic volumes. This is likely to lead to increasing instability – until such a time as network operators start seeing DDoS as an issue they need to respond to. In this sense, the issue of DDoS is likely to increasingly self-correct over time. The other main trends and developments that I foresee for the year ahead are as follows: ? I think we are likely to see the first few cases where attribution of nation states accountable for attacks starts to backfire. Over the past few years, corporations and nation states have published a lot of theories on espionage campaigns. One issue with these incidents is the fact that often, contrary to human intelligence, the malware and tools that are used in these attacks leave the intent of the attack open to interpretation. Was the goal to spy on the development of a country and its international relations? Was it to steal information for economic gain? Or was the attack intended to result in sabotage? Those are the all-important questions that are not always easy to answer. The risk of one country inadvertently misunderstanding an attack, and taking negative action in response, is increasing. When a nation’s critical infrastructure suddenly fails, after the country has been publicly implicated in an attack, was it a counterattack or a simple failure? ? In the new policy environment being introduced by President-elect Donald Trump, there is some risk that the United States may start to withdraw from the international policy engagement that has become the norm in cyber security. This would be unfortunate. Cyber security is not purely a domestic issue for any country, and that includes the United States. Examples of great cyber security ideas hail from across the world. For instance, recent capture-the-flag competitions show that some of the best offensive cyber security talent hails from Taiwan, China and Korea. In addition, some tools such as Cyber Green, which tracks overall cyber health and makes international security measurable, originate in Japan rather than the United States. Withdrawing from international cooperation on cyber security will have a number of negative implications. At a strategic level it is likely to lead to less trust between countries, and reduce our ability to maintain a good channel of communications when major breaches are uncovered and attributed. At a tactical level it is likely to result in less effective technical solutions and less sharing around attacks. ? Meanwhile, across the pond, Presidential elections in France, a Federal election in Germany, and perhaps a new president taking power in Iran will all lead to more changes in the geopolitical arena. In the past, events of major importance such as these have typically brought an increase in targeted attack campaigns gathering intelligence (as widespread phishing) and exploiting these news stories to steal user credentials and distribute malware. ? Companies will become more selective about what data they decide to store on their users. Historically, the more data that was stored, the more opportunities there were for future monetisation. However, major data breaches such as we have seen at Yahoo! and OPM have highlighted that storing data can lead to costs that are quite unpredictable. Having significant data can result in your government requesting access through warrants and the equivalent of national security letters. It can also mean that you become the target of determined adversaries and nation states. We have started seeing smaller companies and services, such as Whisper Systems, move towards a model where little data is retained. Over time, my expectation is that larger online services will at least become a little bit more selective in the data they store, and their customers will increasingly expect it of them. ? We will see significant progress in the deployment of TLS in 2017. Let’s Encrypt, the free Certificate Authority, now enables anyone to enable TLS for their website at little cost. In addition, Google’s support for Certificate Transparency will make TLS significantly more secure and robust. With this increased use of encryption, though, will come additional scrutiny by governments, the academic cryptography community, and security researchers. We will see more TLS-related vulnerabilities appear throughout the year, but overall, they will get fixed and the internet will become a safer place as a result. ? I expect that 2017 will also be the year when the security community comes to terms with the fact that machine learning is now a crucial part of our toolkit. Machine learning approaches have already been a critical part of how we deal with spam and malicious software, but they have always been treated with some suspicion in the industry. This year it will become widely accepted that machine learning is a core component of most security tools and implementations. However, there is a risk here as well. As the scale of its use continues to grow, we will have less and less direct insight into the decisions our security algorithms and protocols make. As these new machine learning systems need to learn, rather than be reconfigured, we will see more false positives. This will motivate protocol implementers to “get things right” early and stay close to the specifications to avoid detection by overzealous anomaly detection tools. Source: http://www.itproportal.com/features/2017-predictions-us-isolationism-ddos-data-sharing/

Taken from:
2017 predictions: US isolationism, DDoS, data sharing

Education Ministry website is under DDoS-attacks

Website of the Ministry of Education and Science does not work due to DDoS-attack. As noted by Interfax-Ukraine, citing the press service of the department, the attack on the portal has been made yesterday. “The attack was made on the weekend, and as a result of it the website is down”, noted in the department. According to the ministry, at the moment the attack has been finished, the work to restore the website is underway, but they have not completed it yet. Earlier the websites of the Ministry of Finance, the State Treasury and the Pension Fund also suffered from the hacker attacks. Source: http://112.international/society/education-ministry-website-is-under-ddos-attacks-12465.html

View article:
Education Ministry website is under DDoS-attacks

Thai police charge man in hacking attacks on gov’t sites

Police in Thailand on Monday charged a suspect with participating in recent hacking attacks on government computers that were billed as a protest against a restrictive law governing internet use. Natdanai Kongdee, 19, was one of nine people arrested in connection with the attacks that blocked access to some websites and accessed non-public files, Deputy Prime Minister Prawit Wongsuwan said. Police said he was a low-level hacker rather than a leader and had confessed to participating in the attacks. They said he belonged to several online groups specializing in hacking activities. Natdanai was present at Monday’s news conference but did not speak. He was charged with gaining unauthorized access to police data, along with illegal possession of firearms and marijuana, allegedly found when police searched his house. The legal status of the other people arrested was not explained. Groups promoting the attacks say they are in protest of passage of revisions to Thailand’s Computer Crime Act, which would restrict freedom of speech and facilitate targeting political dissidents. The new law would allow Thai authorities to intercept private communication and to censor websites without a court order. In addition to the leaking of documents, government sites have been subject to distributed denial of service, or DDoS, attacks, where access is denied by overloading the online server with requests. A Facebook group encouraged a simple version of such attacks by suggesting people repeatedly reload them by pressing the F5 key. “He (Natdanai) was naive to believe the (Facebook) group and hack into the system,” Siripong Timula of the police’s technology department said. The Facebook group, with the name Citizens Against Single Gateway, earlier this month called for a “cyberwar.” Its name reflects activists’ concerns about plans for a single gateway through which all international internet traffic would pass. The government claims such a system is necessary for national security, but opposition from many sectors has made the government evasive about whether it plans to implement a single gateway. The group on Dec. 19 claimed responsibility for temporarily bringing down the Thai defense ministry’s website. Since then, it has claimed to have brought down websites for Thailand’s military, customs department, police, foreign affairs ministry and additional government websites. Other hackers, operating as part of the informal activist network Anonymous, have been posting data they say is from government computers. Police said Monday that their systems are still “well protected” and that the attacks constitute minor hacks. Prime Minister Prayuth Chan-ocha said, “If we do not have any laws or write it down to make it clearer and if they continue to do this, what can we do?” Should hackers simply be allowed to poke into personal data, he asked reporters rhetorically. “We’ve talked about it many times. Everything is passed. Talk about something else,” said Prayuth, who is noted for his brusque manner of speaking. Source: http://www.dailymail.co.uk/wires/ap/article-4066212/Thai-police-charge-man-hacking-attacks-govt-sites.html

Read the original post:
Thai police charge man in hacking attacks on gov’t sites

Hackers hit Thai government with DDoS attacks protesting against restrictive internet law

Classified government records are believed to have been accessed by the hackers. Anonymous hackers have reportedly hit Thailand government websites with targeted DDoS attacks in retaliation for the passage of a bill which is feared to impose considerable restrictions on internet freedom. The bill introduced amendments to the country’s computer crime law and was unanimously passed by the military-appointed legislature on 16 December, according to reports. The new law allows Thai authorities to monitor and access private communications as well as censor online content without a court order. The DDoS attack knocked out Thailand’s defence ministry website. At the time of writing, the site remains inaccessible. Anonymous hackers also reportedly targeted the Thai Ministry of Digital Economy and Society, the Prime Minister’s Office and the Office of the National Security Council. A hacker, claiming to be part of the Anonymous campaign against the Thai government titled “Op Single Gateway”, going by the pseudonym “blackplans”, posted screenshots on Twitter of what he/she claimed were documents stolen from the compromised government sites. The Thai defence ministry said the attack accomplished little. “They couldn’t do anything because we have defence systems in place that are ready for such situations,” said Kongcheep Tantrawanich, a defence ministry spokesman,” ABC News reported. He warned that further attacks could lead to “destroying financial systems, banks, transportation systems, airports and can cause damage toward the population of an entire country”. The Thai government characterised the hackers as “thugs” bent upon “creating chaos” and “overstepping boundaries”. The government has also asked the public to come forward with information about the hackers. Thai cyber controls raise censorship and privacy concerns Privacy groups have raised concerns about Thailand’s new cyber laws, which are believed to infringe on human rights and freedom of expression. The UN Office of Human Rights said in a statement on Monday (19 December): “We are concerned by amendments to Thai legislation that could threaten online freedoms, and call on the government to ensure the country’s cyber laws comply with international human rights standards.” According to local reports, Amnesty International, in collaboration with the Thai Netizen Network, lodged a petition with the Thai National Legislative Assembly. The petition, which has also been endorsed by 300,000 internet users, calls for reconsideration of the amendments to the computer crime act. “The bill is very broad and open to interpretation and we will have to see how the government will implement these laws,” said Arthit Suriyawongkul of the Thai Netizen Network. “It’s not the law itself that is a rights violation, but the authorities’ extensive power when monitoring and censoring online content, which could raise privacy concerns.” Thai Prime Minister Prayuth Chan-ocha defended the amendments to the nation’s cyber laws. “This law is for when anyone posts something that is poisonous to society so that we know where it comes from,” Prayuth said, Reuters reported. “Don’t think this is a rights violation. This isn’t what we call a rights violation … this is what we call a law to be used against those who violate the law,” he said. Source: http://www.ibtimes.co.uk/hackers-hit-thai-government-ddos-attacks-protesting-against-restrictive-internet-law-1597339

Read this article:
Hackers hit Thai government with DDoS attacks protesting against restrictive internet law

Indian Bitcoin Exchange Suffers Outage as DDoS Attacks Continue

T he onslaught of DDoS attacks targeting bitcoin websites around the world isn’t showing any signs of abating as an Indian bitcoin exchange came under attack today. Indian bitcoin exchange Coinsecure saw a spike in traffic this Monday morning local time. The number of connections attempting to reach the website was enough to disrupt exchange activity. Operational delays ensued on its website, mobile application and other API-enabled platforms. In an email to customers, the bitcoin exchange revealed the reason for the delays. We were under a massive DDoS attack this morning that blocked traffic temporarily to our website, API and Android App. You may have experienced delays in withdrawals and deposits as well, this morning. The email, which reached customers afternoon in local time, confirmed that the website was fully operational again, following several hours of disruption. Bitcoin Exchanges. Ripe Targets? Bitcoin exchanges and websites are perhaps the most-obvious targets for DDoS extortionists seeking ransom in bitcoin. Still, Kraken CEO Jesse Powell told CCN in an earlier exchange that bitcoin companies aren’t always the best targets. “Most Bitcoin companies aren’t profitable and we’re therefore not great targets,” said Powell, whose exchange suffered a DDoS attack in November last year. Thai bitcoin exchange Bitcoin Co. Ltd., also suffered a DDoS attack in November 2015, albeit from a different perpetrator. “We have received several DDOS-ransom letters to https://bx.in.th,” Bitcoin Co. Ltd Managing Director David Barnes told CCN . “[The] last was supposedly from Armada Collective requesting 10BTC.” More importantly, he added: Attackers seem to lose interest quickly when you block them or don’t respond to their messages. CCN was also targeted in November 2015, with one extortionist communicating via email to demand 2 bitcoins in ransom. The email was ignored and we duly put up a 5 BTC reward for any information leading to a successful police report. While we came short of finding details, CCN continues to be targeted frequently with DDoS attacks. At the time in 2015, bitcoin was trading near peaks of $500 and has come a considerable way since while avoiding volatility. As the value of the cryptocurrency makes gains with stable footing, bitcoin businesses and websites continue to remain targets. A New Wave of Attacks The latest instances of DDoS disruptions could ostensibly be new wave of attacks targeting bitcoin websites. Last week, European bitcoin and altcoin exchange BTC-e was also targeted, resulting in temporary disruption of exchange activity. CCN was also the target of a DDoS attack last week. The website saw temporary disruption lasting 1-2 hours before the attacks were mitigated. Source: https://www.cryptocoinsnews.com/indian-bitcoin-exchange-suffers-outage-ddos-attacks-continue/

Continue reading here:
Indian Bitcoin Exchange Suffers Outage as DDoS Attacks Continue