Tag Archives: defend against ddos

Breaking Down a DDoS Attack

Distributed Denial of Service attacks have one goal, to make their target unavailable to its users. And there are certainly a number of different ways these attacks can be carried out. Some of the more common DDoS techniques used by attackers include the use of malware to infect computers used to attack their target from a variety of different sources. One of the most well known examples of a Distributed Denial of Service attack is the infamous MyDoom worm that was sent by email spammers and infected the recipient’s computers. The malware targeted domains with a flood of traffic at a predetermined date and time to bring the site down as it could not handle the flood of incoming connections. More commonly, DDoS attack make use of botnets where computers are turned into zombies, after being infected with malware, and are controlled by a central computer. These botnets can then be used to launch the attack against a target of the attacker’s choosing. The numbers inside and attack But just what does it take to launch a successful DDoS attack? How many computers does an attacker use? How much bandwidth to they need to consume? What is the number of connections it takes to successfully bring a web application down? A recent attack gives us a look into these numbers. While it was not the largest DDoS attack ever launched against a website or web application, a recent week long attack against an Asian e-commerce company in early November was the largest attack in 2011. So just what does it take to bring down an e-commerce platform? Let’s take a look: 250,000 zombie computers coming from a variety of botnets. This is an estimated number based on similar attacks in the past and on the amount of traffic and connections that were used to disable the e-commerce platform that was targeted. The number of computers used in previous attacks were easier to estimate as often times, one large botnet was used in the attack. However since large botnets like Rustock and Cutwail were taken down cybercriminals have gotten wise to larger botnets attracting too much attention so the trend it to use smaller botnets, under 50,000 infected computers, and combining them to launch large scale attacks. 45 Gigabytes per second. At its peak, this DDoS attack flooded the company’s site with up to 45 Gbps. To accomplish this, the botnets’ zombie computers sent an average of 69 million packets per second. While this number is rather disturbing for a network engineer, it isn’t the worst consumption of bandwidth ever used in a DDoS attack. In 2010 the 100 Gbps threshold was broken. If this doesn’t seem overly threatening, consider the fact that 100 Gbps used in a DDoS attack shows an 102% increase of bandwidth consumed by these threats over the course of one year and a 1000% increase in bandwidth use since 2005. Yet while the bandwidth consumed in the largest attack of 2011 is significantly lower than that of the previous year’s attack it doesn’t mean that the scope of the problem is decreasing. In fact, the 2011 attack was much more complex as six different attack signatures were used to attack Layer 3, the network layer, and the application Layer, 7. The sophistication of this dual layered attack required less bandwidth to do just as much damage. 15,000 connections per second. 15,000 connections equals that many people trying to connect to a web site, or web application. Not even the most naive, or aggressive, company would think that they had that many people trying to connect to their e-commerce platform every second. This equals 1,296,000,000 connections in a 24 hour period. That much activity can bring some pretty impressive devices to their knees. So far, the name of the company has not been released due to confidentiality agreements. The reason for the attack also remains unclear. Insiders do believe, however, that the attack was launched by a disgruntled user or a competitor looking to gain an edge in the marketplace using industrial sabotage. Regardless of the reason it is clear that the scale and sophistication of DDoS threats continues to grow. In cases like these above it’s always best to have the best DDoS protection .

Read the original:
Breaking Down a DDoS Attack

Accused British hacker launch DDoS attack and charged in U.S. over LulzSec attacks

A federal grand jury in Los Angeles has indicted a 20-year-old British citizen on charges related to attacks by the LulzSec hacking group on the Fox and PBS television networks and Sony’s film and TV studio, authorities said on Wednesday. Ryan Cleary, who is already jailed in the United Kingdom where he faces prosecution over similar charges, is accused of joining other members of LulzSec in harnessing compromised computers, known as a “botnet,” to steal confidential information, deface websites or attack servers. He was indicted on Tuesday. “Cleary is a skilled hacker. He controlled his own botnet, employed sophisticated methods and his broad geographic scope affected a large number of businesses and individuals,” FBI spokeswoman Laura Eimiller said. LulzSec, an offshoot of the international hacking group Anonymous, has taken credit for hacking attacks on government and private sector websites. Anonymous and its offshoots, including LulzSec and AntiSec, initially focused on fighting attempts at Internet regulation and the blocking of free illegal downloads, but have since taken on such targets as Scientology and the global banking system. The charges come just over two months after accused LulzSec hacker Cody Kretsinger pleaded guilty in U.S. District Court in Los Angeles to taking part in an extensive computer breach of Sony Corp’s Sony Pictures Entertainment. In March, court documents revealed that Anonymous leader “Sabu,” whose real name is Hector Xavier Monsegur, had pleaded guilty to hacking-related charges and provided the FBI with information on fellow hackers. According to the indictment released by the FBI, Cleary and his unnamed co-conspirators hacked into the computer systems of News Corp’s Fox Entertainment Group and Sony Pictures Entertainment and stole confidential user information. The indictment also charges Cleary and his co-conspirators of defacing the PBS website and launching “denial of service” attacks against an online gaming website and Britain’s Serious Organized Crime Agency. Cleary is charged with one count of conspiracy and two counts of unauthorized impairment of a protected computer. He faces a maximum sentence of 25 years in prison if convicted. Eimiller said federal authorities would “allow the prosecution to take its course” against Cleary overseas before deciding whether to seek his extradition to the United States. He is next scheduled to be in court in the U.K. on June 25. Anonymous, and LulzSec in particular, became notorious in late 2010 when they launched what they called the “first cyber war” in retaliation for attempts to shut down the WikiLeaks website. They attacked websites including those of MasterCard Inc, which had tried to block payments to WikiLeaks after apparent pressure from the U.S. government following the release of thousands of diplomatic cables. Source: http://www.reuters.com/article/2012/06/14/net-us-usa-lulzsec-hacking-idUSBRE85D00620120614

View article:
Accused British hacker launch DDoS attack and charged in U.S. over LulzSec attacks

Mascow protest against President Vladimir Putin led to indeptendent Russian websites hit with distributed denial-of-service ‘DDoS’ attack

More than 100,000 protesters on Tuesday joined a march against President Vladimir Putin in central Moscow, organizer and radical left-wing activist Sergei Udaltsov told AFP news agency. “There are more than 100,000 people,” Udaltsov said at the rally, called the March of Millions, which police said had drawn 18,000 people. City authorities allowed up to 50,000 to take part in Tuesday’s event, which coincides with the patriotic Russia Day holiday marking the country’s 1990 declaration of independence from Soviet rule. Moscow police said they were sending 12,000 riot officers and interior ministry troops onto the streets of the capital to keep order. The march will take protesters down Moscow’s Boulevard Ring toward Sakharov Avenue, scene of a dramatic demonstration last December against the outcome of disputed parliamentary elections that month. Meanwhile, independent Russian news websites went offline on Tuesday in a suspected attack by pro-government groups, as protesters gathered in Moscow for a march against President Vladimir Putin’s third Kremlin term. The site of the Moscow Echo radio station went down about a half hour before protesters started to gather on central Pushkin Square. The Dozhd (Rain) TV website and that of the prominent opposition Novaya Gazeta twice-weekly newspaper also could not be accessed as the event officially got under way at 0800 GMT. But the websites of Russia’s main media sources ? including Kremlin-allied papers and state-controlled television stations ? were all accessible and operating without delay. A Dozhd newscaster said their station’s website was the victim of a distributed denial-of-service (DDoS) attack of unknown origin. Opposition leaders have been previously blamed attacks on Russian independent media sources on pro-Putin youth groups. A similar attack, which included the inaccessibility of the same websites during the disputed December parliamentary election, was reported but no one claimed responsibility for that attack, AFP reported. The United States on Monday voiced concern after Russian police raided the homes of top protest leaders ahead of the planned mass rally in Moscow. “The United States is deeply concerned by the apparent harassment of Russian political opposition figures on the eve of the planned demonstrations on June 12,” State Department spokeswoman Victoria Nuland told reporters. Police armed with assault rifles carried out a coordinated sweep of the homes of young Russian politicians, who analysts believe represent the biggest threat to ex-KGB spy Putin’s 12-year rule. Nuland also criticized a new law in Russia that imposes “disproportionate penalties” for violating rules on public demonstrations. Russian police were calling in opposition leaders for questioning one hour prior to the planned rally time on Tuesday in a move “clearly designed to take them off the streets during the demonstration,” she said. “Taken together, these measures raise serious questions about the arbitrary use of law enforcement to stifle free speech and free assembly,” she said. Source: http://english.alarabiya.net/articles/2012/06/12/220172.html

See the original article here:
Mascow protest against President Vladimir Putin led to indeptendent Russian websites hit with distributed denial-of-service ‘DDoS’ attack

Wawa’s website under suddle DDoS attack

Hackers caused problems for Wawa’s website, www.wawa.com, late Friday, although it appeared to be back to normal by Saturday. Some visitors to the convenience retailer’s site did not see the usual images of hoagies and smoothies and gasoline promotions. Instead, those images were replaced with a cartoon of Adolf Hitler and the name of the group claiming responsibility, UGNazi. According to a report by The Daily Times, Wawa.com visitors were met with a black screen reading “Welcome Nazis, Targets & Reasons” and the drawing of Hitler. Beneath the group’s name was a list of individuals who allegedly hacked the site: Arya Ebrahimi, Justin Martin, Alex Irvin and Thomas Ryan. The group included a link to follow it on Twitter. UGNazi tweeted about high gasoline prices and plans to also hack the convenience store’s gasoline pumps, reported CBS Philly. According to a Courier Post report, the group tweeted, “How much ?#havoc would be caused by shutting down all of the Wawa gas pumps? Love having access to the gas control relay centers .” In a statement provided to CSP Daily News on Saturday, Wawa public relations director Lori Bruce said, “Please be assured that we have no evidence to indicate our website has been breached. Images on our website were not replaced;  however, a domain name server is being intermittently redirected to a nonlegitimate webpage. We have rectified the situation with our domain registrar, but it may take another 24 hours to propagate to all domain name servers. Until then, people trying to visit Wawa.com may see a page other than Wawa.com.” (The website seemed to be displaying normally by Saturday, with no trace of the bogus page evident.) “Unfortunately, today, many well-known brands have become targets for online mischief or worse. We will continue to actively monitor and report this to the proper authorities,” Bruce added. “This obviously had nothing to do with Wawa and it is certainly not something we condone,” she told the Courier-Post. “We will be working with authorities to get to the bottom of this.” Pennsylvania State Police told the paper that the hacking would fall under the purview of the Internet Crimes Task Force. “We did this not only for the fame but for the ‘lulz’ [“laugh out louds”] and the fact that Wawa has scorching high gas prices and receives many complaints daily,” Cosmo, one of the UGNazi hackers, told technology website Softpedia.com. He claimed that the group has gained access to the websites entire database, but that it has not found anything valuable to leak. According to Wikipedia, UGNazi, also known as the Underground Nazi Hacktivist Group, is a computer hacker group that has claimed responsibility for several attacks conducted over the Internet. It is best known for its “Tango Down” distributed denial of service (DDoS) attacks on U.S. government websites and for leaking the personal information of government officials. The Wawa, Pa.-based c-store chain operates 594 stores in Pennsylvania, New Jersey, Delaware, Maryland and Virginia, of which 311 sell fuel. Source: http://www.cspnet.com/news/technology/articles/wawas-website-hacked

View article:
Wawa’s website under suddle DDoS attack

North Korea ships malware-infected games to South Korean users, uses them to launch DDoS attacks

According to an independent report published in Korea’s JoongAng Daily, Seoul’s Metropolitan Police Agency has intercepted a cyber attack plot orchestrated by North Korea’s Reconnaissance General Bureau, which successfully shipped malware-infected games to South Korean users which were later on used to launch a DDoS attack against the web site of Incheon Airport. More details: According to the police, the South Korean man, identified by the surname Jo, traveled to Shenyang, northeastern China, starting in September 2009 and met agents of an alleged North Korean trading company. He allegedly asked them to develop game software to be used in the South. Jo purchased dozens of computer game software for tens of millions of won, which was a third the cost of the same kind of software in the South. The games were infected with malignant viruses, of which Jo knew, an official at the police agency said. Jo sold the games to South Korean operators of online games. When people played the games, the viruses used their computers as zombies, through which the cyberattack was launched. This is the second attempt by North Korea in recent months to engage in electronic warfare with South Korea, following the use of GPS jammers causing difficulties in air and marine traffic controls. What’s particularly interesting about North Korea’s infection vector in this campaign, is that it’s not a novel approach to spread malware. Instead, it relies on a chain of trust, from the unknown origin of the produced games, to the sellers claims that they are malware-free, and ultimately targets bargain hunters. In the past, software piracy has proven to be a key driving force behind the growth of malware campaigns internationally. Distribution of malware-infected games greatly reminds me of a case which happened in Eastern Europe in the 90s where a malware coder participating in a popular IT magazine’s coding contest, on purposely backdoored his game, which ended being shipped to thousands of subscribers on a magazine-branded CD. Although a good example of a flawed QA (Quality Assurance) on behalf of the magazine, South Korean authorities claim that the person who purchased the games actually knew that they were infected with malware, hence the lower price for purchasing them. Just how big of a cyber threat is North Korea? It’s an emerging market player, having actively invested in the concept over the years, that’s for sure. In my recent conversation with cyber warfare expert Jeffrey Carr, he pointed out that he doubts Russia or China will knowingly supply the irrational North Korea with cyber warfare ‘know how’. However, Russia or China’s chain of command doesn’t need to know that this outsourcing will ever take place, as North Korea could easily outsource to sophisticated cybercriminals doing it for the money, not for the fame. Summary: Seoul’s Metropolitan Police Agency has intercepted a cyber attack plot orchestrated by North Korea’s Reconnaissance General Bureau, which successfully shipped malware-infected games to South Korean users. Source: http://www.zdnet.com/blog/security/north-korea-ships-malware-infected-games-to-south-korean-users-uses-them-to-launch-ddos-attacks/12383

See more here:
North Korea ships malware-infected games to South Korean users, uses them to launch DDoS attacks

Indian ISPs targeted in Anonymous censorship protest

The websites of Indian government-run communications company Mahanagar Telephone Nigam and the Internet Service Providers Association of India faced DDoS (distributed denial of service) attacks from Anonymous on Wednesday as some Internet service providers continue to block file-sharing websites following a court order. ISPs are only following the orders of the court which are supreme, said Rajesh Chharia, president of ISPAI, who was doubtful that the association’s website had been affected by the hackers. The Indian arm of Anonymous previously attacked some government websites, and those of some political parties. Last month, users reported that the hackers tinkered with the service of a large ISP, Reliance Communications, redirecting its users from sites like Facebook and Twitter to a protest page. The hackers also claimed to have attacked the website and servers of Reliance, and got access to a large list of URLs blocked by the company. Reliance denied its servers were hacked. The attacks follow a March court order directing ISPs to prevent a newly released local movie from being available online in pirated versions. Some ISPs blocked some file-sharing sites altogether, rather than any offending URLs. The measures taken by the ISPs have differed depending on their interpretation of the order, Chharia said. Some websites such as The Pirate Bay continue to be blocked by some ISPs and carried the message, “This website/URL has been blocked until further notice either pursuant to Court orders or on the Directions issued by the Department of Telecommunications.” Pastebin is also not accessible through some ISPs. Internet service providers are against censorship, and also against piracy, Chharia said. “It is up to the government and various groups to come to a resolution,” he added. The responsibility of intermediaries has been a controversial issue in India, with some Internet companies including Google and Facebook sued in court late last year for objectionable content found on their sites. Their websites have been attacked as blocks on some file-sharing sites continue Anonymous meanwhile plans on June 9 what it describes as non-violent protests across many cities in India against censorship of the Internet in the country. It claims to have already received police permission for some of the protests. The scope of the protests has widened to include demands for changes in the India’s Information Technology Act, which among other things allows the government to block websites under certain conditions, and also allows the removal of online content by notice to ISPs. The government is also in the process of framing rules that will put curbs on freedom on social media, according to the hacker group. Source: http://www.computerworld.com/s/article/9227804/Indian_ISPs_targeted_in_Anonymous_censorship_protest

See more here:
Indian ISPs targeted in Anonymous censorship protest

Counting the cost of a DDoS attack

In the past month, the Information Commissioner’s Office (ICO), the Leveson inquiry website, Visa and Virgin Media have all been hit by distributed denial of service (DDoS) attacks. Much had been made of the motives for such attacks, and the methods that attackers use, but what impact do they have on the victim’s finances? John Pescatore, analyst at research firm Gartner, told Computing that there were three main costs associated with attacks. “There is the cost of the outage, as it means that a business’s customers cannot reach them through the internet. Then there is the cost of making the attack stop – and, often, a third cost in the form of a potential extortion fee,” he said. Obviously losses vary, depending on how much revenue is generated directly from a company’s web presence. John Roberts, head of managed services at MSP Redstone, said: “If a betting organisation trades £600m a year – or £2m a day in revenue terms – and 50 per cent of that comes from the web, then they are losing £1m a day.” Any web-dependent organisation within the global 1,000 might incur similar losses, he added. But there are some less obvious victims of these blunt-instrument attacks. “A Scottish football club who were playing in a European match had its website taken down by the opposing teams’ fans with a DDoS attack. The club was not able to generate significant revenue, because a number of its customers were signed up to stream live games on a monthly fee basis. So an organisation as innocuous as a football club can lose hundreds of thousands of pounds as well,” Roberts said. Public-sector bodies can also suffer substantial financial damage through loss of productivity. “There is a cost implication for local government as people will be looking to procure services over the internet. If those services are unavailable, public-sector staff will receive a lot more incoming phone calls,” he said. Other repercussions are harder to assess and quantify. For example, businesses can suffer reputational damage from DDoS attacks, said Andrew Kellett, analyst at research firm Ovum. “With [the attack on] the Serious Organised Crime Authority [SOCA], the issue was that this was not the first time it had been exposed to a DDoS attack. You would have thought that enough resilience would have been built after the first attack to deal with something similar a year later,” he said. But Gartner’s Pescatore said that reputational damage is often less severe than many organisations fear; customers are used to websites not working for any number of other reasons that are not related to DDoS attacks. “There is reputational damage if the website is defaced or if the website is attacked and customers’ financial information is disclosed, but DDoS generally does not have much of a reputational impact,” he argued. Kellett disagreed and emphasised that reputational damage can itself cause financial loss to enterprises, as their customers opt for an alternative service from a similar provider. He warned that DDoS attacks could also be used as cover for a simultaneous assault on the targeted business. “The noise around  DDoS attacks can be used to hide another backdoor-style assault, such as data being stolen from within the organisation. “There is an example of clerical records, including credit card information, being stolen from an organisation when a DDoS attack was taking place. It was a hacktivist attack where the credit card details were used to make donations to a charity. For any organisation protecting those details it would be both embarrassing and expensive, as they could lose customers and have to repay anyone who has had money taken from their accounts,” he said. Pescatore said that, of the three costs typically associated with DDoS attacks, extortion attempts have reduced significantly. “In the last two years, businesses have not paid off extortion attempts and are focusing on putting in place services to mitigate DDoS attacks. Several years ago there were incidents where it was deemed less expensive to pay off the attackers as they would only be asking for €5,000,” he said. Source: http://www.computing.co.uk/ctg/analysis/2181680/analysis-counting-cost-ddos-attack

More:
Counting the cost of a DDoS attack

White House unveils initiatives to combat botnets

The Obama administration on Wednesday revealed new initiatives to combat botnets, believed to present one of the greatest threats to the integrity of the internet. Botnets are employed by cyber thieves to gain control of computers to perform illegal activities, including siphoning off assets, initiating denial of service (DoS) attacks, which could shut down a targeted website, or distributing spam. The initiatives stem from a voluntary public-private partnership between the White House Cybersecurity Office and the U.S. Departments of Commerce and Homeland Security (DHS), which coordinate with private industry to lead the Industry Botnet Group (IBG), a group of nine trade associations and nonprofit organizations representing thousands of companies. “The issue of botnets is larger than any one industry or country,” said White House Cybersecurity Coordinator Howard Schmidt at an event to announce the program (Schmidt recently announced his resignation). Also present at the event were Federal Communications Commission Chairman Julius Genachowski, Department of Homeland Security Secretary Janet Napolitano, Under Secretary of Commerce for Standards and Technology Patrick Gallagher, and a number of industry CEOs. According to an administration official who spoke with SCMagazineUS.com on Friday, “industry deserves credit for the real work in getting this done.” He said that the strategy goes back to a Commerce greenpaper on cyber security looking at areas where the government saw a solution in the private sector that could alleviate the botnet problem, but was not gaining traction and collective action. “Companies didn’t want to invest if other companies weren’t,” the administration official said. A call went out from the Departments of Commerce and Homeland Security to the private sector to find ways to build incentives for companies to implement best practices around botnets. “We were pleasantly surprised to find so much agreement,” the official said. A series of meetings at the White House followed, led by Schmidt, which led to the writing of IBG’s “Principles for Voluntary Efforts to Reduce the Impact of Botnets in Cyberspace,” he said. “Cybersecurity is a shared responsibility – the responsibility of government, our private sector partners and every computer user,” Napolitano said at Wednesday’s event, according to a release. “DHS has set out on a path to build a cyber system that supports secure and resilient infrastructure, encourages innovation, and protects openness, privacy and civil liberties.” The Online Trust Alliance (OTA) was also at the event to support the IBG’s principles. “We have a shared responsibility to commit resources to address the growing threats from botnets, which threaten to undermine the digital economy,” Craig Spiezle, executive director and president, Online Trust Alliance, said in a statement. “Preserving online trust and confidence needs to be a priority and the broad adoption of the Industry Botnet Group principles is an important step toward protecting the internet.” Source: http://www.scmagazine.com/white-house-unveils-initiatives-to-combat-botnets/article/243712/

Continue Reading:
White House unveils initiatives to combat botnets

Man arrested for hacking into billing provider

The FBI has arrested hacker “Cosmo”, according to a report by Eduard Kovacs of Softpedia. Cosmo is alleged to be the leader of four-man hacktivist group UGNazi, which took control of the web site of major payment services provider WHMCS just over a week ago. Previously, UGNazi had been known primarily for distributed denial-of-service (DDoS) attacks carried out using its own botnet. Earlier this month, for example, it briefly took down the US Department of Education web site. UGNazi received even more attention when, on 21 May, it hacked into servers belonging to UK billing company WHMCS and copied private internal information, which it posted online two days later. The stolen data included a MySQL dump of the company’s customer database containing nearly 130,000 records, and data from the main server. The hackers gained access to WHMCS’ Twitter account and infiltrated the user forum. The group also carried out DDoS attacks to take down the WHMCS domain for several hours. The UGNazi hackers reportedly used basic social engineering techniques to gain access to the WHMCS domain. One of the hackers, probably Cosmo, phoned WHMCS’s hosting company claiming to be the company’s CEO and correctly answered the security question. They were then given full access to the company’s main server. WHMCS provides payment systems for small to medium-sized web sites. At the time of the intrusion, the customer database contained just under 13,000 credit card numbers, which were encrypted using a symmetrical AES algorithm. Passwords were salted, which should have made them harder to decrypt – but since the salt was recorded directly after the password, not impossible. Following the attack, the hackers spent several days taunting WHMCS. They posted tweets in the name of the company and rewrote some company blog and forum postings. In a statement on PasteBin, UGNazi stated that its motivation for the hack was simply to open the eyes of WHMCS users. The group’s US-based web site is now offline – having been, according to a tweet by Cosmo, seized by the FBI. Members of the group have told Kovacs that they are confident that the FBI will not be able to prove anything in relation to Cosmo. A fifth member left the group shortly before the attack on WHMCS. According to Softpedia, another member of the group hasn’t been online “for the past couple of days”. WHMCS has now reset all passwords for its customer area and warned its customers to be vigilant for ongoing consequences of the hack. Yesterday the company was forced to inform its customers of a further security concern, when a programmer informed WHMCS of a vulnerability in its payment processing system, for which the company released an immediate patch. Source: http://www.h-online.com/security/news/item/Man-arrested-for-hacking-into-billing-provider-1587517.html

Read the article:
Man arrested for hacking into billing provider

DoS crashes updated iPads, iPhones

A denial of service attack has been disclosed in the latest version of Apple iOS. The attack targets Safari in iOS 5.1.1 and a proof of concept was published online. Alienvault security researcher Alberto Ortega said the attack may also affect previous versions of the Apple operating system. The attack was successfully demonstrated on iPhone, iPad and iPod Touch. Ortega said the error was a “step to achieve a real exploitation”. “iOS has a lot of mitigations to avoid successful exploitation,” Ortega said. “This software has errors and holes but you will need to bypass those hard mitigations and find more weaknesses  to have something “usable’.” Ortega reported the error to Apple at the time of disclosure but had no response from the notoriously security silent company. “When JavaScript function match() gets a big buffer as parameter the browser unexpectedly crashes. By extension, the function search() is affected too,” Ortega said in the advisory. Source: http://www.crn.com.au/News/302620,dos-crashes-updated-ipads-iphones.aspx

Taken from:
DoS crashes updated iPads, iPhones