Tag Archives: democratic

A Turkish hacker is giving out prizes for DDoS attacks

But the DDoS software comes with a hidden backdoor A hacker in Turkey has been trying to encourage distributed denial-of-attacks by making it into a game, featuring points and prizes for attempting to shut down political websites. The DDoS platform, translated as Surface Defense in English, has been prompting other hackers in Turkey to sign up and score points, according to security firm Forcepoint which uncovered it. Users that participate will be given a tool known as Balyoz, the Turkish word for Sledgehammer, that can be used to launch DDoS attacks against a select number of websites. For every ten minutes they attack a website, the users will be awarded a point, which can then be used to obtain rewards. These prizes include a more powerful DDoS attacking tool, access to bots designed to generate revenue from click fraud,  and a prank program that can infect a computerand scare the victim with sounds and images.  The DDoS platform has been promoted on Turkish hacking forums, and the attack tool involved is designed to only harass 24 political sites related to the Kurds, the German Christian Democratic Party — which is led by Angela Merkel — and the Armenian Genocide, and others. “Users can also suggest new websites to add to the list of targets,” Forcepoint said. “There is a live scoreboard for participants to see how they compare to other participants.” The maker of the DDoS platform also tightly regulates the way users play. For example, the DDoS attack tool given to the participants is designed to run on only one machine, preventing it from being used on multiple computers. This is done to ensure fairness during the competition, according to Forcepoint. However, it’s not exactly an efficient way to launch a DDoS attack, which are typically done with armies of infected computers that can number in thousands or more. It’s unclear how many participants the DDoS platform managed to recruit or if it managed to take down any websites. But Forcepoint noticed that the DDoS attack tool given to the participants also contains a backdoor that will secretly install a Trojan on the computer. The backdoor will only execute on a participant’s machine if they’ve been banned from the competition. Its goal is probably to enslave the computerand form a botnet to launch additional DDoS attacks, Forcepoint said. The hacker behind the DDoS platform is believed to go by the handle “Mehmet” and is possibly based in the Turkish city of Eskisehir, according to evidence found in Forcepoint’s investigation.   Although the DDoS attacks are geared at political websites, the participants involved the competition might not be ideologically motivated, and instead could just want access to the hacking tools, Forcepoint said.  Source: http://www.pcworld.com/article/3148270/security/a-turkish-hacker-is-giving-out-prizes-for-ddos-attacks.html

Continue reading here:
A Turkish hacker is giving out prizes for DDoS attacks

How hackers could wreak havoc on the US election

AS VOTES are counted and polls close across America, security experts have warned that hackers could disrupt the presidential election process. “Anything that unsettles the election process would be a complete disaster,” explained Stephen Gates, chief research intelligence analyst at security specialist NSFOCUS. “Misinformation on exit polls, widespread internet and media outages, and delays in reporting could seriously impact people’s desire to vote and even worse — trust the results.” Mr Gates pointed to the mysterious cyber attacks that recently snarled East Coast Web traffic as evidence of hackers’ ability to cause disruption. A number of major sites including Twitter, Netflix, Spotify and Reddit were impacted by the October 21 distributed denial of service attacks (DDoS), on internet services company Dyn. DDoS attacks, which often occur when a hacker “floods” a network with information, are a popular method for disrupting websites and services. Mr Gates warned that, in addition to large DDoS attacks on internet infrastructure, online news and media outlets, attackers could target voter registration systems by launching smaller attacks on individual polling centres. “Many of these verification systems are likely online and need to access state databases where voter registration and verification is required to cast a vote,” he said. “Attacks against registered voter databases themselves would also be highly likely.” DDoS attacks and bogus election posts could also flood social media sites and spread misinformation, he warned, noting that so-called ‘man-in-the-middle’ attacks against polling centres as they report their final numbers to collection centres are also possible. In a man-in-the-middle attack a hacker secretly intercepts, and potentially alters, information as it is sent between two parties.  Roger Kay, president of Endpoint Technologies Associates, also sees a potential DDoS threat. “I have considered it a real possibility, not only are the cyber tools available, but the motivation is there as well, from anyone — they could be state actors, they could be malicious hackers.” Hackers, for example, could use the internet of Things, where even household devices are web-enabled, as a launch pad for their attacks, according to Mr Kay. The analyst, however, notes that major DDoS attacks are difficult for hackers to sustain, and also cites the low-tech nature of some US election infrastructure. “If you look at the safety of the democratic structure, there’s all these decentralised activities, many of which are paper[-based].” Nonetheless, a Department of Homeland Security report obtained by FoxNews.com warns that parts of America’s election infrastructure are vulnerable to cyber attack. While the risk to computer-enabled election systems varies from county to county, targeted attacks against individual voter registration databases are possible, it said. One technology being touted as a potential solution to cyber threats and voter fraud is blockchain. Blockchain, which uses a decentralised security protocol, could be used to safely record and transmit votes. Because blockchain messages are distributed and not kept in one central location, they are very difficult to tamper with, say experts. “The technology could be used to prevent voter fraud (e.g., multiple votes by a single person) through use of private keys for each voter and storage of votes on an immutable blockchain ledger,” Joe Guagliardo, chair of the Blockchain Technology Group at law firm Pepper Hamilton, in an email to FoxNews.com. “Once the vote has been cast and verified, it cannot be changed without verification by all of the nodes in the network (potentially millions or more) — fraudulent activity would require computational power to overcome the resources of the collective nodes in the net.” Source: http://www.ntnews.com.au/technology/how-hackers-could-wreak-havoc-on-the-us-election/news-story/4f732c684f8f14eeee46e82641bcd5f8

More:
How hackers could wreak havoc on the US election