Category Archives: DDoS Vendors

DOSarrest Expands Into Second City in Asia

DOSarrest Expands Into Second City in Asia VANCOUVER, BRITISH COLUMBIA–(Marketwired – Aug. 30, 2016) –  DOSarrest Internet Security announced today that they have expanded their DDoS protection cloud in Asia, with a new DDoS mitigation node in Hong Kong. The new node will work in conjunction with their existing nodes in New York, Los Angeles, London, Singapore and Vancouver and will have the same connectivity as the others, including multiple 10 Gb/Sec uplinks to multiple carriers. Mark Teolis, CEO at DOSarrest says, “This new Hong Kong scrubbing center will have excellent connectivity in the region including multiple Chinese upstream providers. To compliment the 6 upstream providers there will be an additional 10Gb/Sec link into the Hong Kong Internet Exchange (HKiX) for even better route diversity. Our customers have asked for it and we are delivering” Teolis adds, “Having great connectivity into China allows us to offer our customers great performance using our caching engine and also more importantly it allows us to stop attacks closer to the source if need be.” Jag Bains, CTO at DOSarrest states, “This new Hong Kong node is part of our global capacity expansion that includes, new hardware in all existing locations, plus the addition of 100+ Gb/Sec of Internet capacity. We need this in order to offer some new services that we will be rolling out in 2017.” About DOSarrest Internet Security: DOSarrest founded in 2007 in Vancouver, B.C., Canada is one of only a couple of companies worldwide to specialize in only cloud based DDoS protection services. Additional Web security services offered are Cloud based  W eb  A pplication  F irewall (WAF) ,  V ulnerability  T esting and  O ptimization  (VTO) as well as  cloud based global load balancing . More information at  www.DOSarrest.com CONTACT INFORMATION Media Contact: Jenny Wong Toll free CAD/US 1-888-818-1344 ext. 205 UK Freephone 0800-016-3099 ext. 205 CR@DOSarrest.com Source: http://www.marketwired.com/press-release/-2154179.htm

Read More:
DOSarrest Expands Into Second City in Asia

?The top 5 least-wanted malware in any corporate IT infrastructure

Ask a group of people to define malware, and you’re likely to get a range of different answers. The term has become a catch-all description for a broad collection of different cyber threats that keep IT managers awake at night. Categories falling under the malware banner include viruses and worms, adware, bots, Trojans and root kits. Each category is different but all can cause disruption and loss if not detected and quickly removed. Of the malware types in the wild, the top five are: 1. Remote Access Trojans (RATs) RATS comprise malicious code that usually arrives hidden in an email attachment or as part of a downloaded file such as a game. Once the file is open, the RAT installs itself on the victim’s computer where it can sit unnoticed until being remotely trigged. RATs provide attackers with a back door that gives them administrative control over the target computer. This can then be used to steal data files, access other computers on the network or cause disruption to business processes. One of the first examples, dubbed Beast, first appeared in the early 2000s. It was able to kill running anti-virus software and install a key logger that could monitor for password and credit card details. Sometimes it would even take a photo using the target computer’s web cam and send it back to the attacker. 2. Botnets Some liken botnets to a computerised ‘zombie army’ as they comprise a group of computers that have been infected by a backdoor Trojan. Botnets have similar features to a RAT, however their key difference is that they are a group of computers being controlled at the same time. Botnets have been described as a Swiss Army knife for attackers. Linked to a command-and-control channel, they can be instructed to forward transmissions including spam or viruses to other computers in the internet. They can also be used to initiate distributed denial of service (DDoS) attacks similar to the one suspected to have disrupted the Australian census. Some attackers even rent their botnets out to other criminals who want to distribute their own malware or cause problems for legitimate websites or services. 3. Browser-based malware This type of malware targets a user’s web browser and involves the installation of a Trojan capable of modifying web transactions as they occur in real time. The benefit for malware of being in a browser is that it enables it to avoid certain types of security protection such as packet sniffing. Some examples of the malware generate fake pop-up windows when they know a user is visiting a banking web site. The windows request credit card details and passwords which are then sent back to the attacker. Security experts estimate that there have been around 50 million hosts infected by browser-based malware and estimated financial losses have topped $1 billion. 4. Point-of-sale (POS) Malware This is a specialised type of malware that seeks out computers specifically used for taking payments in retail outlets. The malware is designed to infect the computer to which POS terminals are attached and monitor it for credit card details. One example, called Backoff, appeared in late 2013 and managed to infect more than 1000 businesses including the large US-based retailer Dairy Queen. 5. Ransomware This category of malware is designed to take over a computer and make it or the data stored on it unusable. The code usually encrypts data and then the attacker demands payment from the user before providing the encryption key. One of the more prevalent ransomware versions is called Locky and appeared in early 2016. It has already infected a large number of individuals, companies and public facilities such as hospitals. While early examples used poor encryption techniques, ransomware has quickly evolved to the point where many varieties now use industry-standard 256-bit encryption which is effectively impossible to crack without the private key. The best anti-malware steps to take While the impact of a malware infection can be significant for individuals or an organisations, there are steps that can be taken to reduce the likelihood of infection. They include: General awareness It’s important for users to be aware of the threats that malware brings. Staff should be educated about phishing attacks and to be cautious when downloading files or opening attachments from unfamiliar parties. Regular backups Regular back-ups of critical data are a vital part of any security strategy. In larger organisations, a global share drive can be created in which all important files should be stored. This drive can then be backed up as often as is needed. Copies of backups should also be kept offline as an additional layer of protection.   Defence in depth In a complex IT infrastructure, there should be multiple layers of security designed to stop attacks. While no single defence can protect completely, creating a defence in depth strategy will ensure systems and data are as secure as they can be. Layered protection should range from firewalls and anti-virus software through to network intrusion and advanced persistent threat tools. By taking a comprehensive and multi-layered approach to security, organisations can reduce the likelihood they will fall victim to malware attacks and avoid the disruptive and potentially costly problems they can cause. Source: http://www.cso.com.au/article/605901/top-5-least-wanted-malware-any-corporate-it-infrastructure/

View original post here:
?The top 5 least-wanted malware in any corporate IT infrastructure

DNSSEC: Don’t throw the baby out with the bath water

A recent report raiseed concerns about the abuse of DNSSEC to conduct DDoS attacks. The article reported that DNSSEC-signed domains can be used to conduct reflected DDoS attacks with large amplification factors (averaging 28.9x in their study) that could potentially cripple victim servers. The report went on to recommend that organizations deploying DNSSEC should configure their DNS servers to prevent this and other types of abuse. While this report presents some useful information about the … More ?

See more here:
DNSSEC: Don’t throw the baby out with the bath water

Attacks increase as a result of DDoS-for-hire services

DDoS attacks have increased in frequency, scale and complexity over the past year, driven by DDoS-for-hire services, according to a new report. DDoS-for-hire services have caused attacks to become more affordable by enabling unsophisticated threat actors to launch attacks, stated Imperva’s DDoS Threat Landscape Report 2015-2016. The proliferation of these services, also known as “stressers” and “booters,” accounted for an increase in the number of DDoS attacks from 63.8 percent in Q2 2015 to 93 percent in Q1 2016. The U.S. and U.K. are the most frequently targeted countries in DDoS attacks, the report said. In speaking to SCMagazine.com on Thursday, Tim Matthews, vice president of marketing at Imperva Incapsula, said it has become inexpensive to mount DDoS attacks as these kits become “readily available,” creating a “perverse economic ecosystem.” Other security pros have noticed a similar trend. Maxim Goncharov, security researcher at Shape, wrote in an email to SCMagazine.com on Thursday that in the underground community, there are “literally thousands of offers from DDoS professionals.” While a 100-plus GB DDoS attack was virtually unheard of just 18 months ago, attacks of that magnitude are no launched by large scale botnets, according to Tom Kellermann, CEO at Strategic Cyber Ventures. “Mitigation through content delivery and ISP is key here,” wrote Kellermann, formerly CISO of Trend Micro, in an email to SCMagazine.com. Allison Nixon, director of security research at Flashpoint, noted in an email to SCMagazine.com on Thursday that her firm has seen a rise in DDoS-as-a-service in recent years, both in number of services and the power of their attacks. “The problem is that these DDoS services are getting more powerful, and these attacks cause a lot of collateral damage,” she wrote. “Unfortunately, due to the widespread availability of DDoS power, many businesses are learning that purchasing DDoS protection is a requirement to engage in commerce.” Imperva’s Matthews said there has been an uptick in job postings that require technical skills and experience countering these attacks. The rise in DDoS-as-service attacks has become a significant concern for law enforcement, according to William MacArthur, threat intelligence analyst at RiskIQ. The adoption of IPv6 mixed with normal traffic protocol patterns is a method used by attackers that the “current hardware in use in most places of business is not ready to handle,” he wrote in an email to SCMagazine.com on Thursday. Michael Covington, VP product, Wandera, noted that the increase in sophisticated DDoS attacks causes secondary challenges for organizations. “In many situations, a DDoS attack is just a smokescreen for something else the malicious actor is trying to accomplish, whether it involves installing malware, exfiltrating sensitive data or attacking an associate of the target,” he wrote to this publication. Yogesh Amle, managing director and head of software at Union Square Advisors, agreed, noting that DDoS “is one of the most prevalent and common tactics used by cyberterrorists.” However, he also informed this publication that DDoS attacks are increasingly used to distract businesses. He called DDoS the “gateway” to a bigger prize. Amle noted that the rise of the DDoS-as-a-service model is an example of a “dark economy” emerging on the internet. “With money to be made, amateurs and sophisticated hackers are jumping into the fray,” he said. Source: http://www.scmagazine.com/attacks-increase-as-a-result-of-ddos-for-hire-services/article/518544/

Originally posted here:
Attacks increase as a result of DDoS-for-hire services

Why smart companies don’t sweat the SSL stuff in DDoS defense

The average company suffers 15 DDoS attacks per year, with average attacks causing 17 hours of effective downtime, including slowdowns, denied customer access or crashes, according to a recent IDG Connect report based on a survey commissioned by A10 Networks. DDoS attacks have rapidly proliferated in terms of bandwidth (Gbps) and packets per second (pps). In the survey, 59% of organizations polled have experienced an attack over 40 Gbps. Average attack bandwidth are peaking at a staggering 30 to 40 Gbps and 77% of organizations expect multi-vector attacks, which include volumetric and application-layer attacks, to pose the greatest danger in the future. In recent years, multi-vector DDoS attacks have tunneled over encrypted SSL connections to evade cyber defenses. Some attacks have exploited the SSL protocol to cause denial of service by repeating ‘renegotiation’ in the same connection but stop short of creating a secure channel. Others flood SSL traffic over the created secure channel without being distinguished as a malicious connection. The reason is that while most organizations protect their websites and online services with SSL, many existing enterprise security products are either woefully blind to encrypted SSL traffic or debilitated when trying to decrypt and analyze it. From urgent threat to FYI notification Amid growing virtualization, cloud networking and mobility, SSL encryption requirements to protect data and secure commnuications will surge. In other words, organizations must rethink their SSL offload and SSL inspection strategies, especially in defending against DDoS attacks. The IDG Connect report shows that more than half of the organizations surveyed plan to increase DDoS prevention budgets in the next six months. “DDoS attacks are called ‘sudden death’ for good reason,” says Raj Jalan, CTO of A10 Networks. “If left unaddressed, the costs will include lost business, time-to-service restoration and a decline in customer satisfaction. The good news is our findings show that security teams are making DDoS prevention a top priority. With a better threat prevention system, they can turn an urgent business threat into an FYI-level notification.” To stop SSL at the data center perimeter, some organizations have deployed application delivery controllers (ADCs) equipped with crypto engines to help off-load SSL from servers and security appliances. Some ADCs also offer web application firewalls (WAFs) to inspect the traffic and detect attacks. To eliminate SSL blind spots in corporate defenses and enable security devices to regain their effectiveness, application networking and security leader A10 Networks introduced the Thunder SSL Insight (SSLi) standalone security product built on its  SSL inspection technology and 64-bit ACOS Harmony platform. The Thunder SSLi appliances decrypt SSL traffic and offer comprehensive inspection of multiple ciphers that deliver up to 48 Gbps of SSL inspection throughput. Their high density 1 GbE, 10 GbE and 40 GbE port options fulfill the highest networking bandwidth demands. Clear and ever present security The appliances are also complemented by intelligence-driven protection policies.  The A10 URL Classification Service monitors, blocks, or selectively bypasses specific websites to provide privacy for healthcare and financial Internet activity while the A10 Threat Intelligence Service blocks users from accessing known bad IP addresses. Well-known global manufacturer of consumer gadgets, Casio Computer Company, has seized the opportunity to enhance security by analyzing encrypted communications using A10 Networks’ SSL Insight technology. Having deployed the A10 Thunder ADCs to provide its employees smooth cloud access, Casio seeks the ability to differentiate between personal use and work-related cloud-bound traffic, according to Koji Kawade of Casio Information Systems Co Ltd’s User Support Group. A10 Networks’ ADCs are equipped with SSL acceleration hardware that provides near-parity performance to handle 4096-bit keys at high-quality production levels, providing highly scalable flow distribution and DDoS protection capabilities.. The A10 Thunder TPS Series, for example, leverages SSL security processors to detect and mitigate SSL-based attacks, such as the POODLE vulnerability, and offers a mitigation throughput capacity ranging from 10 Gbps to 1.2 Tbps (in a list synchronization cluster) to deal with the largest multi-vector DDoS attacks effectively. Clearly, A10 ADCs will continue ramping up L4 and L7 connections per second and SSL performance benchmarks to meet increasing performance and security needs against greater multi-vector DDoS attacks. Source: http://www.networksasia.net/article/why-smart-companies-dont-sweat-ssl-stuff-ddos-defense.1471880795

Continued here:
Why smart companies don’t sweat the SSL stuff in DDoS defense

Attackers could abuse DNSSEC-secured domains for DDoS attacks: report

A majority or 80% of DNSSEC-secured domains could be used to amplify distributed denial of service (DDoS) attacks, at an average factor of 28.9 times, according to a recent report by Neustar which studied nearly 1,350 domains with DNSSEC deployed. The report points out that the domains had not properly deployed DNSSEC-signing of their domains, leaving them vulnerable to DDoS attacks. “Neustar has correctly pointed out the additional amplification factor related to misconfigured DNSSEC vs. legacy DNS, where the inclusion of the digital signature allows for a somewhat higher than a normal DNS amplification attack,” says Corero Network Security COO Dave Larson, in a statement. “However, the point that must be stressed related to this or any other DDoS amplification vectors is that operators of any network – whether they include DNS service or not – should have their networks configured not to respond to spoofed IP requests.  In addition, DNS operators should configure their DNS servers not to respond to ‘ANY’ requests in order to squelch the opportunity for the server to be leveraged for malicious use.” Larson adds that on the flip side, the impact to the receiving end of the attack can be especially problematic. The fragmented and amplified attack technique, utilizing DNS or DNSSEC can cause outages, downtime and potential security implications for Internet Service Providers if they are relying on out-of-band DDoS protection mechanisms. Furthermore, organizations relying on traditional IT and security infrastructure such as firewalls and load balancing equipment are no match for these attacks. “A comprehensive in-line and automatic mitigation method for removing DDoS attacks is the recommended approach for dealing with all types of DDoS attacks – DNS and beyond,” noted Larson. Source: http://www.networksasia.net/article/attackers-could-abuse-dnssec-secured-domains-ddos-attacks-report.1471485281

Visit link:
Attackers could abuse DNSSEC-secured domains for DDoS attacks: report

DDoS attacks on the rise in Asia Pacific

The Asia Pacific region experienced 34,000 distributed denial of service (DDoS) attacks in the second quarter of 2016, according to Nexusguard’s Q2 2016 Threat Report – Asia-Pacific. The figure represents a 43 percent increase from the previous quarter. Even though Network Time Protocol (NTP) attacks dominated the type of attacks in the region (90 percent), such attacks were less common in other parts of the world (46 percent). The report also found that attack durations were longer in the Asia Pacific region as compared to global incidents, which is likely due to many scripted attack tools with set duration values. China remains as one of the top three target countries in the region. According to Nexusguard, a Chinese target was hit 41 times over the course of about a month of constant attacks. Nexusguard researchers attributed these attacks to the malware the victim had hosted over the last two years. The largest increase was observed in Hong Kong, accounting for a 57 percent rise in attacks. With hackers are experimenting with new attack methodologies, and events happening in the Asia Pacific region, Nexusguard researchers expect to see a spike in DDoS attacks in the third quarter of this year. “We expect the upward trend in the frequency of attacks to continue this year, especially with more attention on the Summer Olympics [in Brazil] and political dispute in the APAC region,” said Terrence Gareau, Chief Scientist at Nexusguard. “And as Pokémon Go gradually launches across the Asian market, Nexusguard analysts expect attack groups will launch more public attacks. This activity increases visibility and positioning as DDoS-for-hire services, the popularity of which we noted from the consistent time durations this quarter,” he added. Source: http://www.mis-asia.com/resource/security/ddos-attacks-on-the-rise-in-asia-pacific/

More:
DDoS attacks on the rise in Asia Pacific

What You Need to Know about the Evolution of DDoS

In an attempt to define the modern-day DDoS attack, one must understand – there is more than one type of attack. Starting with the simplest first,  network level  DDoS attacks are the easiest to launch. They are fundamentally designed to crush networks and melt down firewalls. Aimed at filling state tables and consuming the available resources of network gear, today hackers require larger and larger botnets to be successful. As organizations install bigger pipes and improve their router, firewall, and switch capacity, this type of attack is becoming less effective.  Also, due to law enforcement taking notice of the larger botnets required to be successful, attackers had to devise a better tactic. Hence, the birth of the  reflective/amplified  attack. Using open DNS, NTP, and now UPnP devices located all over the Internet, attackers have learned how to amplify their attacks, and today they’re capable of filling large numbers of 10 Gbps pipes; using botnets of only a few-thousand machines. Firewall state tables and network resources are often not consumed in this case. Instead, pipes are filled with more traffic than they can forward. Packets can only travel so fast down a wire and when they backup, outages and latency ensue. It’s not the case of more packets; it’s the case of bigger packets. As a result of the amplification factor achieved, these attacks are now being  fragmented  as well. Too many fragmented packets are often a death sentence for devices performing deep packet inspection, like next-generation firewalls and IPS. Attackers can flood them with an excessive amount of fragments, consuming vast amounts of CPU, and these devices often melt down in no time at all. Even the highest performing next-generation firewalls and IPS will feel the effects of this type of attack. From an attacker perspective, interweave repetitive  application-layer  attacks designed to consume resources on servers, and you’ve got a recipe for success. Pound the final nail in the coffin by adding  specially crafted packet  attacks designed to take advantage of weak coding, and simply put – anyone will go offline without the right defenses. Attackers today use all five categories simultaneously, making it even harder to defeat without blocking vast amounts of good traffic. However, DDoS attacks are not always about bringing organizations offline. Today’s attackers are launching short-duration, partially saturating attacks that are intended to NOT take the victim offline. Instead, they’re designed to consume time, attention, “people” resources, and log storage. If the average enterprise had to choose between suffering from a DDoS attack or a data breach – they’d likely choose a DDoS attack – taking comfort in the fact that their most valuable information would remain intact, and out of the hands of a hacker. However, DDoS is all about hiding other attacks, and your data is the true target. DDoS is a serious threat – one that has vastly evolved from the simple, easily resolved attacks of the past. Often overlooked as a nuisance, any DDoS activity should raise a red flag for IT departments. When an attack lasts for a few hours (or even a few minutes), most organizations believe the attacker got tired, gave up, or the victim’s defenses withstood the onslaught. The misconception here is a sense of invincibility. However, the real reason the DDoS attack may have subsided is because the attacker achieved their objective – access to your data. Often attackers are targeting your data the whole time, while leading many to believe they’re trying to take organizations offline. Frequently, this is not their intention at all. This is emphasized by the recent rise in Dark DDoS attacks that act as a distraction to the IT department – while a damaging hack is enacted and data is stolen. If businesses are too complacent about DDoS protection, they can be financially ruined due to brand damage and the immediate decrease in customer confidence they often experience – as a result of an attack. This leads some to the point of no return. Often hidden by the Dark DDoS attack, the losses associated with the compromise of proprietary data ends up costing more to mitigate, than the attack itself. It is quite the vicious cycle. The most targeted organizations are obviously those who thrive on Internet availability, or gain the attention of hacking groups like Anonymous. Finance, news, social networks, e-retail, hospitality, education, gaming, insurance, government services, etc. are all seriously impacted by an outage. These organizations almost always make the news when downtime occurs, which in turn leads to a loss of customer confidence. In addition, any organization that has sellable data often finds themselves in the cross hairs of a Dark DDoS attack. Remember, attackers in this case want access to your data, and will do just about anything to get it. Attackers also love notoriety. News-making attacks are often like winning a professional game of chess. Their strategies, skills, and perseverance are all tested and honed. Hacker undergrounds take notice of highly skilled attackers. Often job agreements or an offer for “a piece of the action” is the reward for those with notable skills. While all of this activity may be considered illegal in just about every country, the reward seems to outweigh the punishment. As long as that is the case, attackers will continue their activities for the foreseeable future. So, what’s the solution? Put the right defenses in place and eliminate this problem – once and for all. It begins with understanding the importance of cloud-based DDoS defenses. These defenses are designed to defeat pipe-saturating attacks closest to their source. They also reduce latency involved with DDoS mitigation, and help eliminate the needs to backhaul traffic around the globe to be cleansed or null routed. Selecting a cloud provider with the highest number of strategically located DDoS defense centers that they operate themselves, makes the absolute best sense. In addition, selecting a cloud provider who can offer  direct connectivity  to your organization where applicable is also the recommendation. Diverting incoming traffic to the cloud to be cleansed is normally done via BGP. It’s simple, fast, and effective. However, returning the “clean” traffic back to the customer represents a new set of challenges. Most cloud providers recommend GRE tunnels, but that approach is not always the best. If you can connect “directly” to your cloud provider, it will eliminate the need for GRE and the problems that accompany that approach. The result of a direct connection is quicker mitigation and more efficient traffic reinjection. Are cloud-based DDoS defenses the end-all? Not really. The industry recognizes a better method called the hybrid-approach. The thought process here is that smaller, shorter DDoS attacks are more effectively defeated by on-premises technology, while larger and longer attacks are more efficiently defeated in the cloud. The combination of the two approaches will stop all DDoS attacks in their tracks. In addition, volumetric attacks are easily defeated in the cloud, closest to the source of attack. Low-and-slow attacks are more effectively defeated closer to the devices under attack. This combined approach provides the best of both worlds. Complete visibility is another benefit of the hybrid approach. Cloud-based DDoS defense providers who have no on-premises defense technology are blind to the  attacks against their own customers . Many cloud providers attempt to monitor firewall logs and SNMP traps at the customer’s premises to help detect an attack. However, that’s comparable to using a magnifying glass to study the surface of the moon – from earth. The magnifying glass is not powerful enough, nor does it offer enough granularity to detect the subtleties of the moon’s surface. Purpose-built, on-premises DDoS defense technologies are the eyes and ears for the cloud provider. The goal here is to detect the attack  before  a customer actually knows they’re under attack. This equates to immediate DDoS detection and defense. Detection is actually the hardest part of the DDoS equation. Once an attack is detected, mitigation approaches for the most part are similar from one vendor to another. Using a set of well-defined mechanisms can eliminate nearly every attack. Most defenses are based upon a thorough understanding of the way protocols work and the behaviors of abnormal visitors. Finding a vendor who has the most tools and features in their defensive arsenal is the best practice. The final recommendation is to select a vendor who has both cloud-based and on-premises defenses, especially if those defenses use the same underlying technologies. On-premises hardware manufacturers who also offer cloud-based services are the way to go. The reasoning is simple. If the cloud defenses are quite effective, adding on-premises defenses of the same pedigree will become even more effective. In addition, the integration of the two approaches becomes streamlined when working with a single vendor. Incompatibilities will never be an issue. If the recommendations in this article are followed, DDoS will never be an issue for you again. The vulnerability is addressed, the risk is mitigated, and the network is protected. That’s what IT professionals are looking for – a complete solution. Source: http://virtual-strategy.com/2016/08/15/need-know-evolution-ddos/

Read this article:
What You Need to Know about the Evolution of DDoS

New cryptocurrency ‘DDoSCoin’ incentivizes users for participating in DDoS attacks

The number of Distributed Denial of Service (DDoS) attacks, which tries to make an online service unavailable by flooding it with traffic from multiple sources, has been rising at an alarming rate. In a new research paper, Eric Wustrow, University of Colorado Boulder, and Benjamin VanderSloot, University of Michigan, have put forward the concept of DDoSCoin – a cryptocurrency with a ‘malicious’ proof-of-work (“Proof-of-DDoS”). “DDoSCoin allows miners to prove that they have contributed to a distributed denial of service attack against specific target servers”, the paper says. Presented at the Usenix 2016 security conference, the researchers explain the DDoSCoin system which enables miners to select the victim servers by consensus using a proof-of-stake protocol. The authors note that although the malicious proof-of-DDoS only works against websites that support TLS 1.2 (Transport Layer Security), as of April 2016, over 56% of the Alexa top million websites support this version of TLS. By design, miners are incentivized to send and receive large amounts of network traffic to and from the target in order to produce a valid proof-of-work. These proofs can be inexpensively verified by others, and the original miner can collect a reward. This reward can be sold for other currencies, including Bitcoin or even traditional currencies, allowing botnet owners and other attacks to directly collect revenue for their assistance in a decentralized DDoS attack. Wustrow told Motherboard that something like DDoSCoin could encourage hacktivists to use the system to incentivize others to perform attacks on their behalf. “However, it’s probably still easier and more effective to just pay a ‘reputable’ botnet to do this for you,” he said. “On the other hand, something similar to DDoSCoin might lower the barrier to collecting rewards for DoS attacks, ultimately driving down the cost for hacktivist consumers.” The researchers admit that the paper introduces an idea that could be used to incentivize malicious behavior. To that end, they say that in demonstrating the proof-of-concept and evaluating proof-of-DDoS code, they have only “attacked” websites they have ownership and authority over. They emphasize that they are not publishing a working altcoin that uses this proof-of-DDoS, but rather a conceptual description of one. Source: http://www.econotimes.com/New-cryptocurrency-DDoSCoin-incentivizes-users-for-participating-in-DDoS-attacks-262858

Read this article:
New cryptocurrency ‘DDoSCoin’ incentivizes users for participating in DDoS attacks