Tag Archives: cyberattacks

Teen who shook the Internet in 2016 pleads guilty to DDoS attacks

One of the operators behind a Mirai botnet pleaded guilty to their involvement in a huge DDoS attack that caused a massive Internet disruption during October 2016. Multiple high-profile websites and online services including Amazon, PayPal, Visa, Netflix, the PlayStation Network, and Airbnb were taken down as a direct result of this DDoS attack. The botnet, a variant of the Mirai botnet, was developed by the defendant with the help of others between roughly 2015 until November 2016, specifically for being used to target gaming platforms in DDoS attacks. The conspirators used it to infect and convert Internet-connected video cameras, recorders, and other Internet-of-Things (IoT) devices into bots that were used as the “army” that powered the group’s DDoS attacks. Over 100,000 infected devices used in the attack The defendant, a minor when the attacks took place, and his conspirators targeted their massive DDoS (Distributed Denial of Service) attack at the Sony PlayStation Network’s gaming platform but it also affected the systems of Domain Name System (DNS) provider Dyn. After the attack, many of the sites and services using Dyn’s DNS servers were also affected by this attack and remained down throughout the next day while the DNS provider was working to bring back up the main DNS servers targeted by the conspirators’ botnet. “We saw both attack and legitimate traffic coming from millions of IPs across all geographies,” Scott Hilton, Dyn EVP of Product, said in a summary of the attack. “It appears the malicious attacks were sourced from at least one botnet, with the retry storm providing a false indicator of a significantly larger set of endpoints than we now know it to be. “We are still working on analyzing the data but the estimate at the time of this report is up to 100,000 malicious endpoints.” Dozens of big sites and platforms affected The huge 2016 Dyn DDoS attack resulted in a massive Internet disruption later spread to hundreds of thousands of sites that used the DNS provider’s services. The list of impacted sites also included dozens of high-profile websites and online platforms that suffered losses from remediation costs and lost advertising revenues. The massive DDoS attack indirectly affected Dyn’s servers and brought down a substantial part of the Internet across both North America and Europe together with Sony’s PlayStation Network, the primary target of the attack. “According to court documents, on Oct. 21, 2016, the individual and others used the botnet they created to launch several DDoS attacks in an effort to take the Sony PlayStation Network’s gaming platform offline for a sustained period,” DoJ press release said. “The DDoS attacks impacted a domain name resolver, New Hampshire-based Dyn, Inc., which caused websites, including those pertaining to Sony, Twitter, Amazon, PayPal, Tumblr, Netflix, and Southern New Hampshire University (SNHU), to become either completely inaccessible, or accessible only intermittently for several hours that day. “ The identity of the defendant was withheld because they were juvenile at the time the offense was commissioned. The individual’s sentencing was scheduled for January 7, 2021. Source: https://www.bleepingcomputer.com/news/security/teen-who-shook-the-internet-in-2016-pleads-guilty-to-ddos-attacks/

View article:
Teen who shook the Internet in 2016 pleads guilty to DDoS attacks

DOSarrest Unleashes new version of its Simulated DDoS Attack platform

VANCOUVER, British Columbia, Dec. 01, 2020 (GLOBE NEWSWIRE) — DOSarrest Internet Security announced today that they have released a new version of its C ybe r A ttack P reparation P latform ( CAPP ) . CAPP is a serve yourself portal allowing customers to test their DDoS protection services they have in place or to stress test their website’s software capability under load. The service has over 50 different types of DDoS attacks in stock, the latest version is a completely new software build of the backend to accommodate a larger and more powerful botnet along with resource management. This version of CAPP, has a new easy to use Wizard to help customers navigate and launch multiple different attacks on multiple targets simultaneously. The customer interface is also integrated into DOSarrest’s customer portal along with all of their other Internet security services. Some of the new attacks now available include: SSL Connection Overload, GRE Protocol Floods, Database Stress Testing, Variable ICMP Type Floods & Advanced TCP Table Exhaustion, Enhanced HTTP Attacks – Able to randomize User agents, URI’s, referrers and much more, all with a high number of concurrent connections. DOSarrest CTO Jag Bains comments, “It’s interesting to see how different systems react to attacks; CAPP not only shows you the traffic to the victim but also shows you the traffic response from the victim. A small attack to a target can actually produce a response back that’s 500 times larger.” Bains adds, “Every time a customer uses the service, they learn something new, sometimes it’s bad news; the good news is, it’s only a test.” CEO of DOSarrest, Mark Teolis states “Pretty much all of the new attacks and enhancements are a result of customer feedback over the last few years of operating the service first launched in 2018. Customers know they have weak or overcommitted resources, and they want test them to make sure they don’t fail.” About DOSarrest Internet Security: DOSarrest founded in 2007 in Vancouver, B.C., Canada serves a global client base and specializes in fully managed cloud based Internet security services including DDoS prot e ction for websites , Net w ork Infrastructure protection , W eb A pplication F ir e w a ll (WAF) , Traff i c Analyzer as well as C A PP . Source: https://www.globenewswire.com/news-release/2020/12/01/2137310/0/en/DOSarrest-Unleashes-new-version-of-its-Simulated-DDoS-Attack-platform.html

Read the original post:
DOSarrest Unleashes new version of its Simulated DDoS Attack platform

Huge Cyberattacks Attempt To Silence Black Rights Movement With DDoS Attacks

After the death of George Floyd and the subsequent protests across the U.S., cyberattacks on advocacy groups spiked by an astonishing 1,120 times. It’s unclear who is behind the attacks, but they included attempts to neuter anti-racist organizations’ freedom of speech. The data comes from Cloudflare, a Silicon Valley company that protects a vast number of websites from distributed denial of service (DDoS) attacks, where servers are flooded with traffic to make them inaccessible. As its tech is used by a number of advocacy groups—including Black Lives Matter—Cloudflare saw what was happening around the time of Floyd’s death, caused by a police officer—former Minneapolis police officer Derek Chauvin—kneeling on Mr. Floyd’s neck till the life drained out of him. Fighting prejudice online And organizations whose purpose is to fight prejudice went from seeing almost no attacks on their sites to significant attempts to knock them offline. They included nearly 140 million likely malicious requests to load their websites. DDoS attacks see sites swamped with such requests, which mimic a massive number of people trying to get on a site at the same time, clogging up traffic to the page and making it inaccessible. “Those groups went from having almost no attacks at all in April to attacks peaking at 20,000 requests per second on a single site,” the company’s CEO, Matthew Prince, and its chief technology officer, John Graham-Cumming, wrote in a blog post. “One particular attacker, likely using a hacked server in France, was especially persistent and kept up an attack hitting an advocacy group continuously for over a day. We blocked those malicious HTTP requests and kept the site online.” In May, attacks on government, police and emergency services websites were up 1.8 times and 3.8 times on military websites, compared to the figures in April. Last week, the Minneapolis Police Department website was down after a reported DDoS attack. “We have been listening carefully to those who have taken to the streets in protest to demand justice and an end to structural racism, and believe that their powerful stories can serve as catalysts for real change. But that requires them to be heard,” the Cloudflare chiefs wrote in the post. “Unfortunately, if recent history is any guide, those who speak out against oppression will continue to face cyberattacks that attempt to silence them.” Source: https://www.forbes.com/sites/thomasbrewster/2020/06/03/huge-cyber-attacks-attempt-to-silence-black-rights-movement-with-ddos-attacks/#3460b946742b

Original post:
Huge Cyberattacks Attempt To Silence Black Rights Movement With DDoS Attacks

Dutch Police Shut Down 15 DDoS-for-Hire Services

Dutch law enforcement has shut down 15 DDoS-for-hire services that were used to run cyberattacks aimed at knocking websites and networks offline. Although they did not reveal the names of the DDoS-for-hire booters that they stopped, Police in The Netherlands were able to arrest a 19-year-old man from The Netherlands, who is suspected of orchestrating a DDoS attack against two websites that provide information on the coronavirus. The affected websites, MijnOverheid.nl and Overheid.nl, were unavailable for several hours on March 19 after being bombarded with traffic, according to the Dutch police. “We want to protect people and companies and make it increasingly difficult for cyber criminals to carry out a DDoS attack,” the head of the cyber crime team of the Central Netherlands police, Jeroen Niessen, said in a statement on the takedown. Dutch citizens may have found the interruptions to Overhead.nl particularly exasperating because the site is used as a “digital letterbox” to receive communications, including information about the pandemic, from the government. “The availability of this site to citizens is crucial for the country, especially during these times,” the Dutch police said. “By flattening a website like this, you are denying citizens access to their personal data and important government information. We take this very [seriously], especially now that the corona[virus] crisis is causing additional uncertainty and a great need for information for many people,” Niessen added. Dutch police have been pushing in recent years to stop Distributed Denial of Service attacks, which can overload computers with so much traffic that they become inaccessible. Last year, for example, Dutch police took down a hosting company that helped cybercriminals propagate hundreds of thousands of DDoS attacks. The year prior, the U.S. Department of Justice, in concert with the Dutch police and the U.K.’s National Crime Agency, knocked down 15 internet domains used to launch DDoS attacks. The Dutch police will continue to tackle new services, companies, and individuals involved in making DDoS attacks easier to operate moving forward, according to Niessen. “If they pop up elsewhere, we will immediately work on it again,” Niessen said. “Our goal is to seize more and more booters.” In the meantime, the Dutch police advised victims against paying cybercriminals behind DDoS attacks in the hopes that they call the police to investigate and hold them accountable instead. “Don’t give the cyber criminals money, as this may seem like a quick fix to get your site back up and running, you run the risk of getting rid of them,” the police advised. Source: https://www.cyberscoop.com/dutch-police-ddos-shutdown/

See more here:
Dutch Police Shut Down 15 DDoS-for-Hire Services