Tag Archives: defend against ddos

Anonymous vows to take down jihadist websites to avenge ‘Charlie Hebdo’ victims #OpCharlieHebdo

Hacker group Anonymous has vowed to avenge those killed in the deadly attack on the offices of French satirical magazine Charlie Hebdo by taking down jihadist internet sites and social media accounts. In a video uploaded to the Anonymous Belgique YouTube channel, a figure wearing the group’s signature Guy Fawkes mask condemned the attack that killed 12 individuals, which includes eight journalists. The video description addresses the message to “al-Qaeda, the Islamic State and other terrorists.” “We are fighting in memory of these innocent people today who fought for freedom of expression,” stated the disguised person in the video. The group integrated a link to anonymous data sharing internet site Pastebin with a list of Twitter accounts it claims are linked to jihadists. The group is using the hashtag #OpCharlieHebdo to urge other customers to assistance them take down the accounts by reporting them to Twitter, or participating in a Distributed Denial of Service (DDoS) attack – a practice normally used by the hacker group. “Anonymous should remind each citizens (sic) that the press’s freedom is a fundement of the democracy. Opinions, speech, newspaper articles with no threats nor pressure, all these issues are rights you can’t modify,” read a statement posted to Pastebin by the group Thursday. “Expect a massive reaction from us, simply because this freedom is what we’ve been often fighting for.” Read A lot more: Each ‘Charlie Hebdo’ suspects killed as police storm constructing Wednesday’s attack in Paris has not been linked to ISIS – numerous reports have suggested it is much more most likely to be connected to the Yemen-based al-Qaeda in the Arabian Peninsula. On Friday, Charlie Hebdo suspects Cherif Kouachi, 32, and Stated Kouachi, 34, had been killed just after police stormed the constructing exactly where they were holed up for extra than five hours. The third suspect Hamyd Mourad, 18, surrendered to police early Thursday. Source: http://www.finditwestvalley.com/world/anonymous-vows-to-take-down-jihadist-websites-to-avenge-8216charlie-hebdo8217-victims-h46362.html

German government sites faced DDoS attacks

A German official says Chancellor Angela Merkel’s website and several other German government sites have been blocked, and a pro-Russian organization has claimed responsibility. A pro-Russian organization calling itself CyberBerkut claimed on its website Wednesday to have blocked the official sites of Merkel and the German Parliament ahead of a visit to Berlin by Ukrainian Prime Minister Arseniy Yatsenyuk. Merkel has been a leading figure in attempts to calm the Ukraine crisis. Merkel spokesman Steffen Seibert said several government websites were unreachable Wednesday morning because of a “serious attack clearly caused by a multitude of external systems” — what is known as a distributed denial of service, or DDoS, attack. Seibert says the attack is still being analyzed, and he did not say who was believed to be responsible. Source: http://www.nytimes.com/aponline/2015/01/07/world/europe/ap-eu-germany-merkel-cyberattack.html?_r=0

Scandinavian banks hit with DDoS attacks

The new year started poorly for Finnish bank OP Pohjola Group and its customers: the latter have been prevented from executing their online banking transactions by a DDoS attack that targeted the bank’s online services starting on the last day of 2014. “OP’s services experienced some problems on New Year’s Eve due to data communications disruptions. The disruptions were caused by a denial-of-services attack. The attack flooded OP’s data communications systems and prevented customers’ banking. During the disruption, online services were not available and cash withdrawals could not be made from ATMs. There were also some difficulties in card payments,” the bank shared on the second day of the attack. “The disruption was detected at about 16.30 on New Year’s Eve. The services started to function again at times and were completely restored and available to customers after midnight. Nevertheless, further disruptions are possible as the corrective measures are still ongoing and the security level of data traffic has been raised for the time being. Customers abroad may still have difficulties in logging in to OP’s online services.” The attack is still ongoing, and OP’s services were not the only target. The Finnish division of the Nordea bank and the Danish Danske Bank have also experienced online service slow-down or disruption. While the latter is yet to comment on the matter, Nordea has confirmed they have been targeted by unknown DDoS attackers and have called in the police to investigate. The cause of the attack is still unknown, they said. Nordea’s customers were still able to use the online banking service, but the service was slowed down. OP Pohjola Group’s customers, on the other hand, were unable to use the service altogether for many hours during the last six days, as the bank managed to restore it occasionally. They, along with its service company Tieto, are cooperating with the authorities and investigating the attack. In the meantime, the bank has set up a telephone service number that can be used by customers who cannot access their online services and have urgent banking business. They have also pledged to compensate customers for any fees they many have incurred and losses they may have suffered as a result of their inability to access the bank’s online services during the attack. Source: http://www.net-security.org/secworld.php?id=17785

Read this article:
Scandinavian banks hit with DDoS attacks

Nordea bank’s online services hit by DDoS Attack

Nordea Bank Finland was quoted as saying on Friday that its online banking services were hit by a denial of services attack on the heels of Wednesday’s hacking on OP-Pohjola, another Finnish financial services group. Nordea said that its online banking system has suffered a denial of services attack, which started on Friday morning. As a result, the services have worked much slowly than usual. In addition, Fixing the problem and additional security measures might cause service interruption. According to the bank, the attack has not affected the use of its credit or debit cards or other services. Marko Mettenranta, spokesperson of Nordea, told Finnish national broadcaster YLE that the bank has contacted the police about the attack and measures are underway to fix the problem. Denial of service attacks essentially makes an online resource or service unavailable for its intended users. The National Bureau of Investigation of Finland is investigating OP-Pohjola’s case, saying that the attacks came from both Finland and abroad. Source: http://www.dailytimes.com.pk/business/04-Jan-2015/nordea-bank-s-online-services-hit-by-hackers

DDoS attack on 4Chan by Lizard Squad’s DDoS Rent-A-Tool Lizard Stresser

Lizard Squad’s rent-a-tool Lizard Stresser in action against 4Chan. The infamous band of hackers, Lizard Squad, which brought down the PlayStation Network and Xbox Live servers through Christmas with DDoS attack, are in the news again. This time the target is 4Chan.org, the popular image boarding website and tool used is the DDoS on rent, Lizard Stresser. 4Chan has been brought down by Lizard Stresser through a DDoS attack and still offline. Tweets from Lizard Squad indicate that the someone has rented the Lizard Squad’s rent-a-tool for DDoS to attack 4Chan website. Lizard Squad allegedly used a 1200 GB/s DDoS attack against PSN and XBL networks and is offering double the size of attacks on rent. At present details are sketchy and it is not known who has rented the Lizard Stresser to bring down the 4Chan website. Apparently Lizard Stresser was taken offline two days ago after somebody doxed the userids on the server. The website hosting Lizard Stresser now serves a different login page The Lizard Stresser offers individuals a way to take down IP addresses without having to know anything about hacking or DDoS attacks and is available in multiple subscription packages which range from $5.99 / €4.93 for a 100-second attack to $129.99 / €107 for an eight and a half hour long denial of service incident. The Lizard Squad also offers lifetime packs, prices for which can go upto $500 / €411. The lifetime packs are valid for five years as per Lizard Stresser website. 4Chan renters seem to have opted for the 8 hours pack from the looks of it but there is no official confirmation from either the Lizard Squad or 4Chan regarding the attack except for the tweet above(now deleted*). For the time being, the 4Chan website is inaccessible and will stay this way probably until the attack ends or 4Chan admin devise some method to manage to protect themselves against it. Considering that Lizard Squad brought down the networks of bigger and better Sony and Microsoft, 4Chan admin have a hard task cut out for them. There is also a outside chance that the 4Chan may be really down for maintenance , but that is difficult to imagine as Lizard Squad are known to be vocal about their exploits. There were reports of 4Chan admins announcing a while ago that there will be some downtime due to server maintenance, so it might come back online very soon. We will be updating the story as soon as we get any feedback/confirmation from either Lizard Squad or 4Chan. Lizard Squad has also deleted the above tweet about renting the Lizard Stresser just moments ago and the 4Chan website home is still showing some broken images. Source: http://www.techworm.net/2015/01/4chan-ddosed-lizard-squads-ddos-rent-tool-lizard-stresser.html

Read this article:
DDoS attack on 4Chan by Lizard Squad’s DDoS Rent-A-Tool Lizard Stresser

National Bureau of Investigation (NBI) investigate OP Pohjola DDoS attack

The National Bureau of Investigation (NBI) is investigating a Denial of Service (DoS) attack on the OP Pohjola financial services group. The attack shut down online banking and direct debit services, but the bank has no leads on who might have launched it. Police are investigating an attack on Finnish bank OP Pohjola’s online banking services that caused disruption for customers using online banking and card payments on New Year’s Eve. The company said in a press release that traffic in the denial of service attack originated both inside and outside Finland. The firm is investigating the incident in collaboration with the authorities, network operators and IT services provider, Tieto. A formal police complaint has been filed and OP says that the National Bureau of Investigation is looking into the case. The disruption started on Wednesday at around 16:30, according to the bank, and was only fixed after midnight. Disruption could continue, and those located outside Finland could face difficulties in using OP’s services. Source: http://yle.fi/uutiset/police_investigate_op_pohjola_attack/7716184

Lizard Squad Member Arrested in the UK

Police primarily interested in suspect PayPal activity but also searching for links to DDoS attacks. While the FBI has confirmed that it is investigating Lizard Squad following the group’s PlayStation Network and Xbox Live DDoS attacks over Christmas, the first arrest has been made by British police. The South East Regional Organized Crime Unit (SEROCU) in the UK announced the arrest of a member of cyberattack group Lizard Squad in a press release. The English law-enforcement agency has placed 22-year-old Vinnie Omari in custody, and according to documents obtained by journalist Brian Kerbs, Omari identified as a member of Lizard Squad. The warrent issued to Omari made clear that the police were primarily concerned about suspicious activity related to stolen PayPal accounts which occured well before the PSN and XBL attacks. “The South East Regional Organised Crime Unit has arrested a 22-year-old man from Twickenham on suspicion of fraud by false representation and Computer Misuse Act offences,” the press release reads. “The arrest yesterday is in connection with an ongoing investigation in to cyber fraud offences which took place between 2013 and August 2014 during which victims reported funds being stolen from their PayPal accounts.” In an email to The Daily Dot, Omari said police were looking for anything to connect him to the DDoS strikes, and confiscated his laptops, Xbox One, phone, and USB memory drives. Source: http://www.gameranx.com/updates/id/25873/article/lizard-squad-member-arrested-in-the-uk/

More:
Lizard Squad Member Arrested in the UK

How Mega founder Kim Dotcom helped Xbox Live, PSN recover from Lizard Squad’s DDoS attack

How Kim Dotcom helped stop holiday Xbox Live and PSN DDoS attacks Over the Christmas holiday, a loosely organized group of hackers known as Lizard Squad took down Microsoft’s online gaming service, Xbox Live (XBL), as well as Sony’s online gaming platform, PlayStation Network (PSN), through coordinated denial-of-service attacks (DDoS). But the legally embattled owner of Mega, Kim Dotcom, may have offered the olive branch that helped both online gaming services slowly come back online. DDoS attacks are implemented by either forcing the targeted network’s service or website to reset, or by consuming its resources at such a high level that it can no longer function. While relatively simple and not considered “hacking” by security experts, large-scale DDoS attacks, like those against Xbox Live and the PlayStation Network, require the use of massive “botnets,” compromised computers all working in unison to overwhelm a service. This meant that for the majority of the holiday, including Christmas Day and Boxing Day, two of the highest traffic online gaming days of the year, most people were unable to access either Xbox Live or PSN. While Lizard Squad’s motivations for the attacks are still unclear, the group claims they want Microsoft and Sony to improve security on their online services. Just like many online attacks of this kind, it’s more likely they were perpetrated simply because they were possible, especially since preventing a DDoS attack is difficult regardless of how secure a network is. The controversy surrounding the attacks also involved a rival hacking group, The Finest Squad, allegedly attempting multiple times to take down Lizard Squad over the course of the holidays through their own DDoS attacks and by “doxing,” releasing the personal information of Lizard Squad members. These efforts ultimately failed and both PSN and XBL remained offline until Dotcom intervened. Lizard Squad and The Finest Squad also frequently traded insults through social media and on popular YouTube hacking-focused talk show, DramaAlert. This is where Kim Dotcom comes in: contacting Lizard Squad directly and promising the group 3,000 $99 Lifetime accounts, worth approximately $300,000 in total, for his encrypted upload service, Mega, if they stopped their DDoS assault on XBL and PSN. Lizard Squad also credited Dotcom with being the main peacemaker in terms of getting the attacks to stop. Despite one faction of Lizard Squad claiming all attacks have ceased, another faction of the group reportedly continued disrupting XBL and PSN, creating free digital game listings for Call of Duty: Advanced Warfare and Destiny. When both services went back online they were also overwhelmed with thousands of users trying to log into their profiles simultaneously, creating additional difficulties for Microsoft and Sony’s online infrastructure. However, As of Dec. 30th, both Xbox Live and the PlayStation Network are running relatively smoothly. Despite playing an important role in getting both gaming services back online, some have criticized Dotcom for setting a dangerous precedent by giving away free Mega accounts to malicious hackers. Other recent high-profile hacking incidents include a group of hackers known as the Guardians of Peace gaining access to Sony’s internal network and leaking a number unreleased films, and also threatening a terrorist attack if the controversial movie The Interview was released. Source: http://business.financialpost.com/2014/12/30/how-mega-founder-kim-dotcom-helped-stop-holiday-xbox-live-and-psn-ddos-attacks-by-appeasing-lizard-squad/?__lsa=7896-d0fe

View article:
How Mega founder Kim Dotcom helped Xbox Live, PSN recover from Lizard Squad’s DDoS attack

Crunchyroll Streaming Service Down Amid DDoS Attack

The Crunchyroll streaming service announced on Tuesday that it is currently down due to a Distributed Denial of Service (DDoS) attack “of the same magnitude” as those recently targeted towards Sony and Microsoft consoles . Crunchyroll service went down at approximately 4:00 a.m. EST on Tuesday. DDoS attacks against Sony and Microsoft started on Christmas Day and made services on Xbox One and PlayStation 4 consoles unavailable for approximately three days. A hacking group known as Lizard Squad claimed responsibility for the attacks. Crunchyroll has over 400,000 reported paid subscribers. Source: http://www.animenewsnetwork.com/news/2014-12-30/crunchyroll-streaming-service-down-amid-ddos-attack/.82769

Read the original post:
Crunchyroll Streaming Service Down Amid DDoS Attack

DDoS attack on Swedish Parliament’s website

The official website of the Swedish Parliament was taken down on Tuesday, in what officials labelled “an outside attack”. The website, riksdagen.se, was taken down at 11am on Tuesday, with visitors met by a blank screen. By 2pm, the website was up and running again, but officials confirmed that the problem had not been caused by any internal IT troubles. “It went down because of an attack from the outside,” Riksdag spokesperson Anna Olderius told the TT news agency. “But we refuse to comment on security issues in any more detail than that.” The cyber attack marks the second against the website in the past two years. In October 2012, the website went down together with that of the country’s central bank other government websites, news networks, and university home pages. Hacktivist network Anonymous claimed responsibility for the October attacks. “You don’t fuck with the internet,” the group wrote online, in what was apparently a response to police raids on the previous hosts to The Pirate Bay and WikiLeaks. The attacks were carried out via a Distributed Denial of Service (DDoS), where a website is bombarded with communication requests so that the servers become overloaded and the site crashes. As yet, no one has claimed responsibility for Tuesday’s attack. Source: http://www.thelocal.se/20141230/cyber-attack-hits-government-website

See more here:
DDoS attack on Swedish Parliament’s website