Category Archives: DDoS News

Japanese teen's DDoS attack takes out 444 school websites

A Japanese teenager was charged on May 11 for allegedly launching a DDoS attack against the Osaka Board of Education, which shut down 444 school websites. The 16-year-old faces obstruction of business charges for the attack, which was carried out last November, and marked the first time in Japan’s history that a cyber attack was launched against a local government, according to Japan Today. The teen said he launched the attack to remind his teachers “of their own incompetence,” according to the publication. The student reportedly told police he wanted to join the hacking collective Anonymous and that he didn’t know that schools other than his own would be impacted. He faces up to three years in prison and a 500,000 yen fine. Source: http://www.scmagazine.com/japanese-teen-launches-massive-ddos-attack-to-remind-teachers-they-are-incompetent/article/496756/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+SCMagazineHome+%28SC+Magazine%29


A million machines enslaved by MitM Google ad fraud botnet

Better the devil you know as malware replaces Alphabet ads with less sanitary banners

About a million computers have been enslaved into a newly identified botnet that is plundering Google advertising revenues, a security trio says.…


Anonymous teams up with GhostSquad to attack major banks

Anonymous has joined forces with GhostSquad to launch successful cyberattacks on eight international banks that were forced to shut down their websites. The hacktivist collective, alongside the hacker group GhostSquad, has launched a new operation called Op Icarus, which aims to punish corrupt banks and individuals in the financial sector. So far, the Central Bank of the Dominican Republic, the Guernsey Financial Services Commission, the Central Bank of Maldives and the Dutch Central Bank were all offline for a brief period on May 6 after being hit with distributed denial of service (DDoS) attacks. A day later, the National Bank of Panama and the Central Bank of Kenya were hit with cyberattacks, followed by the Central Bank of Bosnia and Herzegovina and the Central Bank of Mexico, which were taken offline as a result of DDoS attacks. All eight of the international banks that have been targeted by Op Icarus have managed to bring their systems back online. Anonymous did send a warning to the banking community in the form of a video posted on May 4, which said: “We will not let the banks win, we will be attacking the banks with one of the most massive attacks ever seen in the history of Anonymous”. Members of the group also reportedly told the site Hack Read that: “The National Bank of Panama was a special target considering the importance of the Panama leaks. We want to make sure the corrupt elite named in the papers would be punished one day”. With the addition of the cyberattacks against the Central Bank of Greece and the Central Bank of Cyprus, Anonymous has now launched 10 attacks on international banks on its list of 160 potential banks that could be targeted by its members. Anonymous has planned Op Icarus to be a month-long campaign against the banking industry as a whole. The US Federal Reserve Bank, the IMF, the World Bank, the New York Stock Exchange and the Bank of England are all listed by the group as potential targets and, with more than half of the campaign’s allotted time remaining, this will most likely not be the group’s grand finale. Source: http://betanews.com/2016/05/12/anonymous-op-icarus/


Viking Horde botnet malware lurks on Google Play

Five apps on Google Play carry Viking Horde, a new malware family that ropes Android devices into an ad-clicking botnet, but can also make them send out spam, send SMS messages to premium-rate numbers, download additional apps, and even participate in DDoS attacks. The discovery was made by Check Point researchers, and they notified Google about it on May 5, but as I’m writing this, the apps are still available on Android’s official app …


Whitepaper: Protecting financial institutions from DDoS attacks

In response to the growing DDoS threat, the FFIEC issued a statement requiring banks and financial institutions to monitor their networks for DDoS attacks and proactively implement DDoS mitigation strategies. Read the “Protecting financial institutions from DDoS attacks” whitepaper and find out: what the implications of DDoS attacks are for the financial industry; what the best practices are for minimizing the risk of a DDoS attack; how Incapsula’s DDoS Protection service helps you comply …


Jaku botnet hides targeted attacks within generic botnet noise

Botnets are usually created by cyber criminals who use them to launch DDoS attacks, deliver spam, or effect click fraud. The recently discovered Jaku botnet can effectively do all those things, if its botmaster(s) choose to do so, but it seems that they have other things in mind. The botnet which, according to Forcepoint researchers, numbered as many as 17,000 victims at different points in time, consists of several botnets “answering to” different C&C servers. The …


Geopolitical events fuel uptick in region-specific DDoS attacks

An attack research group was the No. 1 target of DDoS attacks, and the Middle East region also saw a sharp increase in attacks last quarter, according to Nexusguard. Researchers found the attack type of choice against researchers was NTP, with some victims receiving attacks almost daily. The increase in attacks against researchers contributed to the spike in popularity of NTP-style attacks, taking back the No. 1 spot from DNS vulnerabilities. “Low-level attacks are usually not intended …


New Jaku Botnet Already Has 19,000 Zombies, Ideal for Spam and DDoS Attacks

Group has ties to the Darkhotel APT attacks

Security researchers from Forcepoint say that a new botnet has slowly risen and grown to contain over 19,000 zombies all over the world, but predominantly in Asian countries. Named Jaku (Star Wars reference alert — Jakku), the botnet has made most of its victims in countries such as Japan and South Korea, which account for 73 percent of all infections. Nevertheless, security experts claim they detected infections with Jaku’s malware in 134 different countries, even if sometimes they comprised one or two users.

Jaku is one of the most sophisticated and resilient botnets around

Researchers say that the first signs of the botnet appeared last September, and in a six-month timeframe, Jaku grew tremendously compared to other similar threats. The group behind Jaku controls the botnet through multiple C&C (command-and-control) servers, most of which are located in countries in the APAC region, such as Singapore, Malaysia, and Thailand. In order to stay hidden from sight, the Jaku group deployed three different C&C mechanisms but also used obfuscated SQLite databases on the client side to store configuration files. The Jaku botnet can be used to deliver spam, to launch DDoS attacks, but also to implement other types of malware. This second-stage delivery process occurs with the help of steganography, which crooks use to bundle their malicious code inside image files.

Jaku infects users via poisoned torrent files

Forcepoint says that infections usually take place via malware-laced files shared via BitTorrent. The group usually goes after high-value targets but doesn’t mind if other users are infected as well. Security researchers say the group has shown interest in international Non-Governmental Organizations (NGOs), engineering companies, academic institutions, scientists and government employees. “The Jaku campaign has clear connections with the TTPs used by the threat actors discussed by Kaspersky in the Darkhotel investigations from November 2014,” Forcepoint researchers point out. The Darkhotel group was later known as Dark Seoul, and has recently been connected to hackers in North Korea, part of the Lazarus Group. Source: http://news.softpedia.com/news/new-jaku-botnet-already-has-19-000-zombies-ideal-for-spam-and-ddos-attacks-503689.shtml


Anonymous Target Bank of Greece Website with Massive DDoS Attack

Anonymous shut down the Bank of Greece website in a powerful DDoS attack — Vows to target more banks against financial corruption.

The online hacktivist collective Anonymous recently relaunched operation OpIcarus, directed towards the banking sector in Europe and the United States — The first bank coming under fire is the Bank of Greece, which had its website under a series of distributed denial-of-service (DDoS) attacks, forcing the servers to remain offline for more than 6 hours.

OpIcarus is all about targeting banking and financial giants

Anonymous’ Operation OpIcarus was launched in January 2016 and restarted in March 2016. The hacktivists behind the operation believe banks and financial giants are involved in corruption, and to register their protest they had to take the war to the next level. In an exclusive conversation with one of the hacktivists behind the Greek bank DDoS attack, HackRead was told that: “The greek central bank has been offline all day. we would like all banks out there to know that unless they hold themselves accountable for their crimes against humanity that we will strike a new bank every single day and punish them #OpIcarus.” Source: https://www.hackread.com/anonymous-ddos-attack-bank-greece-website-down/ The hacktivists also released a YouTube video revealing the reason and a list of banking websites that will be targeted. The list includes banking and financial institutions in Brazil, Bangladesh, China, USA, UK, Pakistan, Iran and several other countries.


Armada Collective Copycats Now Posing as Lizard Squad in DDoS Extortion Scheme

After terrorizing companies under the fake Armada Collective moniker, the same group appears to have switched to using the name of the infamous Lizard Squad hacking crew, CloudFlare reported today. Early this week on Monday, CloudFlare let everyone know there was a criminal group sending out extortion emails to companies around the globe. The criminals were posing as Armada Collective, an infamous group known for carrying out DDoS attacks if victims didn’t pay a so-called “protection tax.” The crooks were basing their attacks on the victims googling their name and finding out about the tactics of the real Armada Collective. In fact, CloudFlare says it never saw a single DDoS attack carried out by this group against its targets. In another blog post today, CloudFlare says that three days after they exposed the group, the criminals dropped the Armada Collective name and started using Lizard Squad instead, another hacking crew, famous for downing the Xbox and PlayStation networks on Christmas 2014. The change was to be expected since extorted organizations that would google the Armada Collective name would see all the stories about the copycats instead. CloudFlare says that over 500 companies received extortion emails from this group claiming to be Lizard Squad and that all these emails were identical. As before, the group used one single Bitcoin address to receive payments. By using one Bitcoin address, the group would not be able to tell which companies paid the ransom and which didn’t, meaning this was almost surely the same group as before, launching empty threats once again. CloudFlare says that just like when claiming to be Armada Collective, the group never launched any DDoS attacks when posing as Lizard Squad. Below is a comparison of the two ransom notes received by companies, from the fake Lizard Squad group on the left, and from the fake Armada Collective group on the right.
Source: http://justfreedownload.net/news/98693/armada-collective-copycats-now-posing-as-lizard-squad-in-ddos-extortion-scheme.html
