Accused will tap the boards before the beak today An unnamed London teenager has been charged with a series of criminal offences following a series of denial-of-service attacks against internet exchanges and the Spamhaus anti-spam service last year.…
See the original article here:
London teen charged over Spamhaus mega-DDoS attacks
DOSarrest Internet Security had a run in with the notorious Brobot Botnet, if the name sounds familiar it’s because this bot was responsible for sporadic outages on a number of large US based financial institutions in 2013. Said to be operated by al-Qassam Cyber Fighters (AKA QCF). Botnets are born, die, grow, shrink, and morph on a daily basis, if not hourly. It’s hard to keep track of them all. Then there are particularly nasty ones that are large, powerful and sophisticated. These particular botnets have some of their zombies or bots corralled off for research purposes by a number of organizations including private Botnet hunters, government cyber surveillance departments and other large law enforcement agencies. On to the attack Why ? One of our customers is a large media outlet specializing in Middle Eastern news. With all the conflict over there these days, they must have written a few stories that the attackers were not in agreement with. How ? Using Brobot, the attackers threw millions of TCP port 80 requests at the website. Unlike a SYN attack that tries to exhaust your TCP open sessions table buffers, this attack would open and close each session/request: 1) Request a TCP connection 2) Once established they would send one character 3) Then request the TCP session to close. The problem arises when you are receiving approximately 50 million of these per second. Where ? This botnet is comprised of infected webservers using PHP, hosted on various webhosting companies around the globe. Some hosting companies seem to be represented a little more than others. One notable observation of the Brobot is that it’s very US centric, not all of the bots are based in the US but approximately 40% are, which makes filtering based on countries very difficult. When under a large TCP port 80 attack, usually it is not evenly divided across our scrubbing nodes in the US and Europe. This was different, virtually all of our upstream links in every city had pretty much the same amount of Packets Per Second and Bandwidth. I can’t ever remember seeing that in the last 7 years All links had a graph like the one above Who cares ? Within a couple of hours of the attack starting we were contacted by a private Botnet hunter that knew we were dealing with Brobot. Soon followed by visits to our website from two US federal Law enforcement agencies. Hence the title, not all botnets are equal.
Visit link:
Brobot botnet used to launch DDoS attack
Hackers and cyber attacks are getting evil and worst nightmare for companies day-by-day. Just last week a group of hackers ruined the code-hosting and software collaboration platform, ‘Code Spaces’ by destroying their Amazon cloud server, complete data and its backup files too. Recently, the largest ever and most severe Distributed Denial of Service (DDoS) attacks in the history of the Internet has been recorded that hit the online democracy poll promoting opinion on the upcoming Hong Kong elections. PopVote, an online mock election operated by The University of Hong Kong’s Public Opinion Program, by Saturday recorded more than half a million votes in less than 30 hours in the unofficial referendum that provided permanent residents of Hong Kong to choose their preferred political representatives, that is suppose to be continued until June 29. However, the Chief Executive is officially chosen by a 1,200-member Election Committee under the current political system and drawn largely from pro-Beijing and business camps. On the first day of voting, China’s State Council denounced the voting as “ illegal and invalid .” Hong Kong’s chief executive, Leung Chun-ying, said all the proposals on the ballot are not complied with Hong Kong’s Basic Law, the territory’s de facto constitution. On Friday, Matthew Prince , the CEO and co-founder of San Francisco based CloudFlare, the web performance company maintaining the voting website, said that the DDoS attack on the Occupy Central’s voting platform was “ one of the largest and most persistent ” ever. According to Prince, the cybercriminals appeared to be using a network of compromised computers around the world to effectively disable the service of the voting website with an overwhelming amount of traffic. In such cases of attacks, the computer users who are exploited are usually unaware that their systems have been compromised. Prince also wrote on Twitter: “ Battling 300Gbps+ attack right now ,” on the first day that the vote began. Three hundred gigabits per second is an enormous amount of data to take down any huge servers. Also a DDoS attack last year on Spamhaus, a non-profit organisation that aims to help email providers filter out spams and other unwanted contents, is largely considered to be the biggest DDoS attack in the history, which the Cloudflare said the attack “almost broke the Internet.” Source: http://thehackernews.com/2014/06/largest-ddos-attack-hit-hong-kong.html
See the original article here:
DDoS Attack Hit Hong Kong Democracy Voting Website
Days after Feedly and Evernote were briefly forced offline by hackers demanding a ransom payment, a code-hosting service was run out of business by a similar scheme. CodeSpaces.com closed its doors this week, following a security breach that began with a distributed denial-of-service (DDoS) attack, and ended 12 hours later after an attempt to extort money from the company. No stranger to DDoS attacks, Code Spaces thought it could handle the situation, but the situation quickly spiraled out of control. On Tuesday, an unauthorized person—not believed to be employed by the site—gained access to Code Spaces’s Amazon EC2 control panel. When the team fought back, the hacker deleted “most of our data, backups, machine configurations and offsite backups,” the company said. “Code Spaces will not be able to operate beyond this point,” an online notice said, citing the price of resolving the issue, as well as the expected cost of refunding paying customers. This week’s attack “will put Code Spaces in [an] irreversible position both financially and in terms of ongoing credibility.” “All that we have to say at this point is how sorry we are to both customers and to the people who make a living at Code Spaces for the chain of events that lead us here,” the company said. Users can expect more details once Code Spaces sorts out its customers’ needs. Those who have stored data on the site can email support@codespaces.com with an account URL, and if you’re lucky, some remaining crumbs will be returned. For more, watch PCMag Live in the video below, which the Code Spaces dilemma. It’s been a banner month for DDoS attacks: Evernote suffered a blow last week, but was back on its feet within a few hours. Feedly wasn’t so lucky, however. The RSS service was hit twice in two days, though the company promised user data remained safe. Similarly, Ancestry.com just recovered today from a three-day bout of DDoS, in which the site was overloaded with traffic and crashed. No user information was compromised. Source: http://www.pcmag.com/article2/0,2817,2459765,00.asp
Read More:
DDoS Attack Puts Code Spaces Out of Business
The genealogy website Ancestry.com is working to fully restore its service after it was hit by a Distributed Denial of Service attack. Company spokeswoman Heather Erickson says it means ancestry.com was overwhelmed with bogus traffic Monday. “The attack was overloading our systems with massive amounts of traffic, but it did not access any data in servers,” Erickson said. The site, which has more than 2 million subscribers, was down for much of Tuesday and wasn’t fully operational Wednesday afternoon. Its Web team neutralized the DDoS attack and was working to fully restore services. “This has been a very frustrating and overwhelming experience, and our teams have been fantastic, working around the clock to make it neutralized,” Erickson said. Company officials are hoping to fully recover from the attack soon. Ancestry.com is posting updates on its Facebook and Twitter pages. Erickson said she doesn’t know where the attack came from. “These types of attacks aren’t unique to Ancestry. We know of many other companies that have been victim to these types of attacks. It’s unfortunate that any company has to go through something like this,” she said. The attack also impacted Ancestry.com’s sister site Find a Grave, though as of Wednesday afternoon it was back up, according to its Facebook page. Company officials said the sync and search feature in Family Tree Maker were still disabled until the site stability had been fully restored. They recommended people use the feature offline. Source: http://www.deseretnews.com/article/865605393/Ancestrycom-working-to-fully-restore-services-following-DDoS-attack.html
More:
Ancestry.com working to fully restore services following DDoS attack
Pandemiya is 25,000 lines of original password-pinching botnet badassery An RSA researcher claims to have found an entirely new trojan during his trawls of the criminal underground.…
Follow this link:
Entirely new trojan quietly wheeled into black hat forums
Various websites associated to the World Cup have been struck by a distributed denial of service (DDoS) attack ahead of the tournament’s opening match on Thursday. The official government World Cup website has been down for more than a day, as well as the websites of some host states. Hacking collective Anonymous has claimed responsibility for the attacks. The hacker group has published a list of over 60 websites that have successfully taken down and are still offline at the time of writing, including as the Brazil website of recording giant Universal Music. Public figures that are perceived by the hackers as supportive of the government and the World Cup are also being targeted. Various performers such as Caetano Veloso, Mariana Aydar, and Filipe Catto have had the content of their websites replaced by anti-FIFA messages or taken down. Last month, the internal communications system of the Brazilian Ministry of External Relations was also hacked, with a possible leak of confidential information. Even though Anonymous has not claimed direct responsibility for the attack, it has released a YouTube video justifying it and citing general dissatisfaction with the World Cup. Back in February, the hackers said they were preparing for a string of cyberattacks to FIFA and sponsor websites during the World Cup, including DDoS attacks, as well as website defacement and data theft. The Anonymous group has vowed to continue the attacks and is posting regular updates on Twitter under the hashtags #OpHackingCup and #OpWorldCup. Source: http://www.zdnet.com/world-cup-websites-struck-down-by-ddos-attacks-7000030479/#ftag=RSSbaffb68
See the article here:
World Cup websites struck down by DDoS attacks
Feedly, one of the most popular post-Google Reader RSS readers, has been unavailable for hours due to a denial of service attack against the site. According to a post on Feedly’s blog, whoever is perpetrating the attack is trying to extort money from the company, but it “refused to give in.” Feedly is currently working on infrastructure changes that will prevent this kind of thing from happening in the future. I have long been of the opinion that denial of service attacks – the process of flooding a website with so many requests for web pages that it essentially becomes overwhelmed and stops working – doesn’t really qualify as hacking. It doesn’t grant the person doing it with access to anyone’s data. In fact, it doesn’t really have any effect on the data at all. It’s more like a sit-in, effectively shutting down a business by blocking access. Don’t get me wrong, it’s a nuisance. If I were the owners of Feedly, I’d be apoplectic. But I think if no data is stolen or damaged, the punishments for these types of behaviors generally exceeds the seriousness of the crime. Extortion, on the other hand, is a different thing entirely. Here’s hoping Feedly is back on its feet soon. Source: http://www.onthemedia.org/story/rss-reader-feedly-being-held-hostage-ddos-attack/
Continue Reading:
RSS Reader Feedly is Being Held Hostage By a DDOS Attack
RSS bods stand up to cyber creeps News aggregator Feedly has been knocked offline by a distributed denial of service (DDoS) attack after refusing to pay criminals to stop the attack.…
More here:
Feedly DDoSed by ransom-threat crims: ‘We refused to give in’
The popular online notes and web clippings saving service Evernote has suffered disruption after coming under cyberattack. The firm said it was hit by a distributed denial of service attack that began on Tuesday. Some members were temporarily unable to synchronise their filings from one device to another while it continued. The California-based company announced last month that it had more than 100 million users. Distributed denial of service (DDoS) attacks are caused by what can be thousands of computers sending huge amounts of data to a target’s servers in an effort to overwhelm them. This sometimes involves hijacked PCs – whose owners may be unaware of their involvement – in what is known as a botnet. This is not the first time the storage service has been compromised. In 2013 it said hackers had managed to access user names, email addresses and encrypted passwords. However, it appears that the latest cyber-assault is more limited. Spokeswoman Ronda Scott told the BBC that the cyber-assault, caused by an unknown perpetrator, began at 14:25 local time [22:25 BST] on Tuesday and had not yet ended. “We continue to mitigate the effects of the attack, but have successfully returned Evernote to service,” she added. “As is the nature of DDoS attacks, there was no data loss, and no accounts were compromised.” Source: http://www.bbc.com/news/technology-27790068