Tag Archives: ddos

DDoS attacks increase 83%, Russia top victim

DDoS attacks increased 83 percent to more than 182,900 attacks in the second quarter of the year, according to Nexusguard. The newest report shows that Russia has become the No. 1 victim country. Starlink – a Russian ISP supporting small, medium and large enterprises – received more than 40 percent of the DDoS attacks measured over a two-day period. This targeted DNS attack also pushed the mean average DDoS duration to hours instead of minutes, … More ?

Read the original:
DDoS attacks increase 83%, Russia top victim

MIT Faced 35 DDoS Attacks in the First Six Months of 2016

Attackers targeted the servers of the Massachusetts Institute of Technology (MIT) 35 times in the first six months of the year, according to a threat advisory released by Akamai, a content delivery network and cloud services provider headquartered in Cambridge, Massachusetts. The biggest of these incidents was a DDoS attack that lasted a day, starting on June 7, that peaked at 295 Gbps and 58.6 million packets per second, combining different vectors such as DNS reflection, SYN flood, UDP fragment, PUSH flood, TCP flood, and UDP flood. Compared to other attacks recorded globally in the first six months, according to Arbor Networks, this MIT DDoS attack is one of the 46 such attacks that went over the 200 Gbps limit, with the absolute record being 597 Gbps . Kaiten botnet behind massive 295 Gbps attack Akamai believes that this attack took place at the hands of a botnet powered by the Kaiten malware. Prior to the 295 Gbps DDoS attack, MIT suffered an 89.35 Gbps attack as well. Attackers targeted multiple IPs in MIT’s network and used a combination of 14 different DDoS flood types. Akamai says that 43 percent of these attacks used protocols susceptible to DDoS reflection flaws that amplified the attacker’s traffic. The company detected 18,825 different sources of reflected traffic, with the most located in China. China’s presence on any DDoS source list should not be a surprise by now to anyone since the country is the source of much of today’s vulnerable equipment that gets connected online, a source ready for the taking for any determined hacker. DDoS attacks are on the rise The same Arbor Networks reports cites an overall increase in terms of DDoS attacks globally, a trend which has continued in July as well. Just this week, we reported on DDoS attacks against WikiLeaks , after announcing it would release emails from Turkey’s main political party; against the Rio de Janeiro court that banned WhatsApp in Brazil; Steemit social network ; the Philippines government websites ; Pokemon GO servers ; the HSBC bank ; and against the US Congress , US Library of Congress, and the US Copyright Office. Source: http://news.softpedia.com/news/mit-faced-35-ddos-attacks-in-the-first-six-months-of-2016-506542.shtml

See the original post:
MIT Faced 35 DDoS Attacks in the First Six Months of 2016

Massive DDoS Attack Shut Down Several Pro-ISIS Websites

A team of attackers shut down several ISIS aka Daesh websites against terrorist attacks in Nice and Middle Eastern countries! Terrorism has no religion that’s why whenever a terrorist attack is carried out the victims are innocent people irrespective of race or religion. Hackers and DDoSers, on the other hand, are well aware of the enemy and that’s why recently an attacker going by the handle of ”Mons” conducted a series of DDoS attacks using NetStresser tool just a couple of days ago. The reason for targeting these sites was to protest against the sudden increase of terrorist attacks in France and Middle Eastern countries. In a conversation with HackRead, Mons said that he also got assistance from the owner of BangStresser , the famous DDoSing tool which was allegedly used to shut down BBC’s servers and Donald Trump’s website in one of the largest DDoS attacks ever. However, the attack on pro- ISIS websites varied from 50 Gbps to 460 Gbps. Mons further stated that ”We worked together to take down several ISIS websites. This is for obvious reasons. We want to help in any way we can to weaken their influence that threatens and, to some length, literally destroys our very democracy and human rights. Especially after the recent attacks in France and Arabic countries, our wrath has grown. This war needs to be fought on many fronts, and we try to cover one of them.” Here is a screenshot showing the list of targeted websites along with tweets that show earlier attacks on pro-ISIS sites. Upon checking the history on some targeted sites we can confirm the sites were spreading violent content along with terrorist ideology however at the time of publishing this article some sites were restored while some were listed for sale. This is not the first time when attackers have targeted pro-ISIS platforms. In the past, Anonymous did not only conduct cyber attacks but also exposed companies hosting those sites — Anonymous had also blamed CloudFlare for protecting terrorists’ websites from DDoS attacks but the company had denied the allegations. Source: https://www.hackread.com/ddos-attack-on-pro-isis-websites/

See the article here:
Massive DDoS Attack Shut Down Several Pro-ISIS Websites

Slew of WP-based business sites compromised to lead to ransomware

If an approach works well, there is no reason to change tack, and the masters of the SoakSoak botnet are obviously of the same belief. A year and a half after they have been spotted compromising WP-based websites through vulnerabilities in the Slider Revolution (“RevSlider”) plugin and redirecting visitors to the malware-laden SoakSoak.ru website, they are at it again. “Websites are often compromised by botnets that scan websites for vulnerable software or application plugins,” Invincea’s … More ?

View article:
Slew of WP-based business sites compromised to lead to ransomware

Docker Cloud under fire after DDoS attacks slam DNS, knacker websites

Container biz blames downtime on traffic flood Websites running on the Docker Cloud hosted container management and deployment service were taken down by an apparent DNS outage on Monday. Reg readers and Docker Cloud support forum members complained today that their services were down or suffering intermittent outages with little explanation from Docker. One angry user got in touch with us to lambast the San Francisco startup’s customer support. “The DNS service has now been intermittently online and offline for over a day. All this from a company supposedly worth millions,” he said. “We’ve got a thread ongoing in the forums but we’ve had limited response from Docker staff. For nearly three hours the status page said everything was fine.” On the message board, ziontech, with 20 sites running on Docker Cloud, wrote: “All my dockerapp.io endpoints have gone down, DNS resolution is failing, is there an issue with these right now?” Docker was criticized for relying on users to keep each other updated on its systems’ operations. Docker Cloud is the Docker hosting service from Tutum, which Docker bought in October 2015. The purchase price was not disclosed. The Reg has asked Docker for comment and will update this piece with any response. We note that the Docker system status page was updated to read: “We have identified an unusual high load on our DNS servers that is causing some lookups to fail. We are scaling up and investigating the source of the traffic.” ® Updated to add A spokesman for Docker has been in touch to say its DNS infrastructure was flooded offline with junk traffic, resulting in outages for customers: Docker Cloud did experience an outage yesterday due to two Distributed Denial of Service attacks on the DNS. Service was restored yesterday and things are completely back to normal. Docker provided updates via the forums within an hour after the outage was discovered, which was as soon as possible based on the information they had, and continued doing so throughout the day. They also continuously updated the status at status.docker.com. Docker has taken corrective measures to ensure this situation does not occur in the future, and, most importantly, has taken steps to ensure that user applications will not be affected in the event that Docker Cloud experiences another outage. Source: http://www.theregister.co.uk/2016/07/19/docker_cloud_dns_outage/

More here:
Docker Cloud under fire after DDoS attacks slam DNS, knacker websites

Pokémon Go Servers Suffer Downtime, Possibly Due to DDoS Attacks

With server issues, Pokémon Go players may have had trouble catching much this weekend and it wasn’t merely due to the tremendously popular game crashing a lot on account of a massive new roll-out. A hacker group has claimed responsibility for the server outage, with DDoS attacks. A hacking group known as PoodleCorp has claimed responsibility for Pokémon Go servers crashing on Saturday, an attack which coincided with a roll-out of the tremendously popular game in 26 new countries. While its claim is yet to be verified, the hacking group has notable targeted several YouTube profiles, including the most followed YouTuber of them all, Pewdiepie. The claim was made via a social media post [1] on PoodleCorp’s Twitter account: PokemonGo #Offline #PoodleCorp The group also re-tweeted another post from the supposed leader of the group, who implied that another bigger attack was also coming. The poster wrote [2] : Just was a lil test, we do something on a larger scale soon . Several users took to social media to complain about the outage during a time when the gaming phenomenon is catching on like wildfire around the world, sending Nintendo share prices skyrocket by 86% in a week’s time. I’m really pissed off that Pokémon Go is down because a group of killjoys decided it would be fun to hack the servers and take them offline. — Meg Bethany Read (@triforcemeg) July 16, 2016 Pokemon GO got DDoS ‘d and DDOS became a trending topic lmao Earlier this week, a security researcher discovered a potentially major security flaw [4] win the application. The augmented reality game has captured the imagination of people around the world, wherein players capture virtual Pokemons before collecting and using them to battle other Pokemons captured by other players. Released on July 7, ten days ago, the application has already been downloaded over 10 million times on Apple and Android devices. A new roll-out saw the game now available in 34 countries, including Australia, the United States and almost all of Europe. Source: http://need-bitcoin.com/pokemon-go-servers-suffer-downtime-possibly-due-to-ddos-attacks/

Visit site:
Pokémon Go Servers Suffer Downtime, Possibly Due to DDoS Attacks

68 gov’t websites attacked

Several Philippine government websites have been subjected to various forms of cyberattacks following the release of the ruling on the arbitration case filed by the Philippines against China. The STAR learned yesterday that at least 68 websites have been subjected to attacks, which included attempts of hacking and defacement, slowdowns and distributed denial of service attacks. Among those at the receiving end were agencies such as the Department of National Defense, the Philippine Coast Guard, Department of Foreign Affairs, Department of Health, the Presidential Management Staff and the gov.ph domain registry website. The website of the Bangko Sentral ng Pilipinas was also subjected to a supposed hacking, although authorities were able to immediately foil it. The websites of these agencies were all accessible yesterday. The source of the attacks has yet to be determined, although initial investigation supposedly pointed to an entity supposedly operating from the Netherlands. The Permanent Court of Arbitration (PCA) that issued the ruling on the Philippine case is based in The Hague in the Netherlands. The Information and Communications Technology Office, the precursor of the newly created Department of Information and Communications Technology, has yet to respond to request for comment regarding the cyberattacks. The Department of Science and Technology earlier provided additional protection to Philippine government websites amid repeated incidents of defacements and denial of service attacks. PCA website hacking Earlier, a cyber-security company reported that the PCA website was infected with a malware by “someone from China” in July 2015. Citing information from ThreatConnect Inc., Bloomberg Business reported the attack happened in the midst of the week-long hearing on the jurisdiction of the arbitration case filed by Manila against Beijing over the territorial dispute in the South China Sea. Gaelle Chevalier, a case manager at the PCA, told Bloomberg that they “have no information about the cause of the problems.” Source: http://www.philstar.com/headlines/2016/07/16/1603250/68-govt-websites-attacked

Read the article:
68 gov’t websites attacked

Mike McNeill’s Diary for Monday, July 11, 2016: Fighting off the DDoS

magnoliareporter.com experienced some technical issues on Friday. Our website is hosted by a service known as TownNews.com , which hosts and provides technical assistance to thousands of media-oriented websites across the country. TownNews.com was hit by a directed denial of service (DDoS) attack on Friday afternoon. This mainly manifested itself by making it difficult for us — and hundreds of other websites — to access our servers and make changes. People may have had difficulty accessing our website during that time. We do not think that our thousands of daily visitors have anything to worry about as TownNews.com technology responded immediately. That said, it is probably a good thing that we are not president of the United States. To us, hackers present a clear and present danger to the security of the United States, which has our permission to deal with them with extreme prejudice. North Korea is bent out of shape over the pending deployment by South Korea of the U.S.-made Terminal High Altitude Defense System, or THAAD. THAAD launchers and fire control systems are made in East Camden. North Korea’s military said in a statement that, “There will be physical response measures from us as soon as the location and time that the invasionary tool for U.S. world supremacy, THAAD, will be brought into South Korea are confirmed. It is the unwavering will of our army to deal a ruthless retaliatory strike and turn (the South) into a sea of fire and a pile of ashes the moment we have an order to carry it out.” Ohhhhhhh. We’re scared. Seriously, how many submarines, cruisers, aircraft carriers, bombers and drones are circling offshore North Korea, ready to unleash hell at any given moment? And that’s just the U.S. military. That sea of fire and pile of ashes looks a lot like future downtown Pyougyang to us. The Magnolia School District website is having a makeover. We’ll let you know when the site is up and running. Looking for more widely spread drought conditions when the new report comes out later this week. We’re expecting more abnormally dry conditions in South Arkansas. Patrick Posey died Saturday at his home near Benton, LA. Posey and his wife, Susan, performed much of the mural restoration work around the square a few years ago. Some fool vandalized highway signs in the Walkerville area on during the weekend, but the hate speech written on them was cleaned up. Our new online poll asks for your opinion about the state of race relations in Columbia County – whether they are better, worse or about the same as a decade ago. Another question might be what each of us, as individuals, is doing to make things better. Five years ago, we reported that Walkerville Cumberland Presbyterian Church was dedicating a new manse. A year ago, we reported that Betsy Production was drilling an oil well on the SAU campus. Vice President Aaron Burr shot and mortally wounded former Treasury Secretary Alexander Hamilton in a duel on this date in 1804. Author E.B. White was born on this date in 1899. George Gershwin died on this date in 1937. Source: http://www.magnoliareporter.com/news_and_business/mike_mcneills_diary/article_733b45f8-4720-11e6-9e2d-97f7f136ad46.html

Taken from:
Mike McNeill’s Diary for Monday, July 11, 2016: Fighting off the DDoS

Ransomware: Can we finally start learning from past mistakes?

There is a phrase I am finding quite relevant lately. It is attributed to the philosopher George Santayana and it goes like this: “Those who cannot remember the past are condemned to repeat it.” The reason it comes to my mind a lot these days is the headlines we are seeing relating to the latest ransomware attacks against companies’, hospitals’ and government departments’ systems. Previous headlines highlighted how criminals used DDoS attacks to extort money … More ?

See the article here:
Ransomware: Can we finally start learning from past mistakes?

WikiLeaks’ website was taken offline with a DDoS attack amid an ongoing hacker feud.

As a long-time feud between rival hacking groups boiled over, the WikiLeaks website was caught in the crossfire and brought offline by a distributed-denial-of-service (DDoS) attack on 5 June. However, rather than react with anger, leaked chat logs show how WikiLeaks’ Twitter account engaged the group responsible, called OurMine, and even offered hacking tips for the future. Direct messages leaked to Buzzfeed show how WikiLeaks’ account, rumoured to be helmed by the website’s founder Julian Assange, told the group – which has become known for hacking the online profiles of high-profile figures – their talents could be put to better use. OurMine has recently hacked a slew of celebrities and technology executives including Facebook’s Mark Zuckerberg, Google’s Sundar Pichai and Spotify founder Daniel Ek. Every time, they leave a message telling the victim how weak their security is and leave a link to their website. Indeed the group claims to be a security firm rather than a hacking outfit. In any case, as far as ‘hacks’ go, OurMine’s activity is fairly tame. Until WikiLeaks’ website was taken down – thanks to an ongoing head-to-head with the Anonymous collective – there was little real damage caused to victims other than embarrassment. The DDoS attack took down the famous whistleblowing website by sending waves of traffic towards its servers, a common tactic used in hacktivist circles as a means of protest. After the incident, WikiLeaks got in touch and said the group was wasting its time by not making the most of the chances received by infiltrating profiles of the rich and famous. “If you support us and want to show you’re skills, then don’t waste your time with DDoS etc,” the account wrote. “Find us interesting mail spools or docs and send them to [WikiLeaks]. That’ll have a much greater impact.” After OurMine replied with “We never change their passwords we are just testing their accounts’ security” WikiLeaks said it was a “huge waste.” The message continued: “There’s a lot more than (sic) could have been done with those accounts. Sending DM’s as Zuckerberg to further access elsewhere. Same with Google CEO. You could have used these accounts to gain access to much more significant information, revealing corrupt behaviour elsewhere.” Based on the chats, OurMine appeared to agree with the new direction. “Great idea,” it said. One the hackers, speaking with Wired, previously said: “We don’t need money, but we are selling security services because there is a lot [of] people [who] want to check their security. We are not blackhat hackers, we are just a security group…we are just trying to tell people that nobody is safe.” Source: http://www.ibtimes.co.uk/wikileaks-tells-ourmine-hackers-impersonate-high-profile-victims-reveal-corrupt-behaviour-1569499