Tag Archives: denial of service attack

DDoS attack brings down TRAI’s website

Indian telecom regulator TRAI’s official website was on Monday brought down by a hacker group called Anonymous India following the public release of email IDs from which the government body received responses regarding net neutrality. The group also warned TRAI of being hacked soon. “TRAI down! Fuck you http://trai.gov.in for releasing email IDs publicly and helping spammers. You will be hacked soon,” AnonOpsIndia tweeted. The group claimed to launch a DDoS (distributed denial-of-service) attack on the website to make it inaccessible. Slamming the government portal, the group posted: “#TRAI is so incompetent lol They have any clue how to tackle a DDoS?” “But just an alarm for whole #India. You trust incompetent #TRAI who don’t know how to deal with DDoS? Seriously sorry guys. Goodluck!,” it added. Taking a dig at the personnel at TRAI, it tweeted: “Somebody call ‘brilliant minds’ at TRAI and tell them to stop eating samosas and get back to work coz DDoS attack has stopped from here.” In a response to a Twitter user about the attack, Anonymous India said it was “just preventing spammers from accessing those Email IDs posted by Trai publicly.” It said that TRAI is incompetent in dealing with internet. “So those who still think that #TRAi can “handle” the Internet, we just proved you wrong.They just got trolled by bunch of kids.#Incompetence,” the hacker group tweeted. Following tweets suggesting the hacker group to stop their actions, Anonymous India did same. However, the group compalined that no action was taken on those email ids which were revealed. “Guys http://trai.gov.in is back online and they still haven’t done anything about those Email IDs. You guys told us to stop. We did,” it tweeted. “So if you guys still think you can have a chat with incompetent #TRAi, go ahead. But WE ARE WATCHING!,” the group posted. Source: http://indiablooms.com/ibns_new/news-details/N/10099/hacker-group-brings-down-trai-s-website.html

View article:
DDoS attack brings down TRAI’s website

‘China censorship’ service GreatFire.org reports DDoS attacks, asks the Internet for help

GreatFire.org, the not-for-profit website designed to highlight online censorship relating to China’s so-called “Great Firewall,” has announced that its mirror websites — set up to circumvent blocks in China — are currently suffering a distributed denial-of-service (DDoS) attacks. A DDoS overwhelms the target — in this case, GreatFire.org’s mirror websites — with a deluge of data, with the intention of causing the network to crash. GreatFire.org is presently reporting 2.6 billion requests per hour — 2,500 times more than its usual traffic — and it says it’s just managing to cope, having switched to faster servers and used other techniques to manage the load. However, it adds that it fears “the attack may be intensified at any time.” China has a long history of blocking online services, and reportedly blocked the whole of Google in the buildup to last year’s 25th anniversary of the Tiananmen Square protests. Back in December, Gmail went dark again too. GreatFire.org basically monitors blocked websites and keywords in China, and has been doing so since 2011. It also offers solutions such as “mirror” websites for circumventing blocks for those located in China. Given GreatFire.org’s core raison d’être , one that would presumably raise the ire of the powers that be in China, it’s surprising to learn that this is in fact the first such attack its sites have undergone in its four-year history. GreatFire.org says the attack began on March 17 and affects all of its mirror websites. Though it asserts that it doesn’t know who or what is behind the attacks, the organization points to a recent story in the Wall Street Journal that reported on how U.S. cloud service providers were facing a backlash from censors in China. The article also talked about how GreatFire.org manages to unblock websites and apps. Notably, GreatFire.org also points to pressure from the Cyberspace Administration of China (CAC) over the past few months. [It] publicly called us “an anti-China website set up by an overseas anti-China organization.” We also know that CAC has put pressure on our IT partners to stop working with us. GreatFire.org is also asking for help — it says that its server costs on Amazon have risen to $30,000 a day (though it doesn’t say what it normally pays). Hinting that it would like Amazon to absorb this cost to support the free-speech cause, the site said: We need companies like Amazon to be on our side and, more importantly, on the side of freedom of speech. We need you to tell Amazon that you think that freedom of speech is an important issue and that Amazon, as a leading global enabler of the internet, plays an important role in access to information. The organization has also asked for anyone with expertise in this realm to get in touch to lend their support. Source: http://venturebeat.com/2015/03/19/china-censorship-website-greatfire-org-suffers-ddos-attack-asks-the-internet-for-help/

Taken from:
‘China censorship’ service GreatFire.org reports DDoS attacks, asks the Internet for help

DDoS attacks losing companies business opportunities

Research said organisations fear losing contracts and ongoing business as a consequence Research by Kaspersky has revealed businesses fear losing clients as a result of DDoS attacks, although the construction industry is more concerned about the cost of eradicating threats. A survey conducted by the security firm in partnership with B2B International revealed 26 per cent of companies thought the problems caused by such attacks were long-term, meaning they could lose current or prospective clients as a result. 23 per cent said they were concerned a DDoS attack would cause reputational issues, while 19 per cent thought the risk of losing current customers who were not able to access services as a result of an outage was the biggest threat to business . The research revealed that only 37 per cent of the companies surveyed had measures already in place to protect against DDoS attacks. Evgeny Vigovsky, head of Kaspersky DDoS Protection at Kaspersky said: “ People who have not yet faced a particular threat often tend to underestimate it while those who have already experienced it understand which consequences might be the most damaging for them. “However, it makes little sense to wait until the worst happens before acting – this can cost companies a lot, and not only in financial terms. That is why it is important to evaluate all possible risks in advance and take appropriate measures to protect against DDoS attacks.” Of those surveyed, the majority of telecoms, e-commerce, utilities, utilities and industrial companies viewed the loss of business as the main DDoS risk, while construction and engineering verticals explained they were concerned about the cost of implementing backup systems most. Source: http://www.itpro.co.uk/security/24245/ddos-attacks-losing-companies-business-opportunities

More here:
DDoS attacks losing companies business opportunities

Anonymous to BBC: Bring back Clarkson, threatens DDoS attack

The recent story involving our favorite power-mad petrol head Jeremy Clarkson’s suspension from the BBC has us all on the edge of our seats, as this latest controversy not only puts his future on Top Gear on shaky ground, but jeopardizes the show’s future in general. Many people have shown him support, from an online petition to British Prime Minister David Cameron saying he’s a fan. Clarkson’s got friends in high places, it seems, but according to a report, he’s got friends in low places, too. To recap how this all started, Clarkson allegedly threw a punch at a Top Gear producer during a “fracas” over not being served the dinner he wanted after a long day’s shoot. This has resulted in his suspension from the BBC along with the final three episodes of the show postponed indefinitely. Among the buzz of supporters, The Mirror is reporting that the activist group Anonymous has threatened the BBC with a DDoS attack if Clarkson isn’t reinstated. This kind of internet attack overwhelms a website with traffic requests, effectively shutting it down. The report claims that an open letter to the BBC made these claims, branding the hacker mission as #OpBringBackClarkson saying “You don’t wanna piss off 300 million people…” and “BBC you are warned… DDOS cannons will fire if you don’t comply.” Sounds like Ol’ Clarkson has the might of internet justice behind him, doesn’t it? A closer look tells a slightly different story. First off, there’s hardly an official source for a group called Anonymous for the obvious reasons, so its hard to peg for sure when someone is speaking on the organization’s behalf. Usually, associated twitter accounts like @YourAnonNews, which has over a million followers, indicate what’s trending amongst the cabal, and #OpBringBackClarkson really isn’t up there. Like, at all. As of this writing, eleven people have used the hashtag on twitter. Eleven. Looking at many of the Anonymous-branded twitter accounts and websites reveal that their uproar is more focused on things like the recent Ferguson protests and other serious issues of violence across the globe. Nobody is really talking about their favorite car show host. The Mirror’s article posts what seems to be the one Anonymous-related twitter post regarding the incident, but its handful of followers and tweets, in comparison to sources like @AnonyOps make it seem like an Anonymous fan rather than the voice of a movement. Surely then, this “open letter” would have more information? It might if you can find it. For all this talk of an open letter, any searches and stories posted simply refer back to the original Mirror article, with no links going to the BBC-directed open letter. In fact, after searching for hours, the only way we found it was to tweet the author of the post himself, who shared with us this link: http://pastebin.com/Kau1eP6N The letter doesn’t say much else beyond what we quoted above, save for linking to the Change.org petition and the recanting of Anonymous “we are legion” maxim. Pastebin is a great way to anonymously post text, but it doesn’t really work as an open letter forum unless you get the word out, and none of the Anonymous people are doing that, just The Mirror. We’re wondering if the BBC has even seen this. Again, the tricky thing about dealing with a group called Anonymous is, well, they’re anonymous. We’re not suggesting that this threat is false, but the evidence indicating that it might be is sketchy at best. Source: http://www.digitaltrends.com/cars/anonymous-to-ddos-attack-the-bbc-site-over-clarkson/

Continued here:
Anonymous to BBC: Bring back Clarkson, threatens DDoS attack

Sony, Microsoft, and Nintendo Are Working Together to Stop DDoS Attacks

We may all have different gaming preferences, but we can probably all agree that DDoS attacks suck. Whether it’s the PlayStation Network or Xbox Live that goes down, seeing services get targeted by code junkies for their own selfish entertainment is never nice; at the end of the day, we all just want to enjoy our games – regardless of which platform we’re playing on. We’re pleased to learn that Sony, Microsoft, and Nintendo are all in constant communication about how to mitigate the impact of these irritating attacks, then. “I don’t think that it’s great when the PSN goes down,” Xbox chief Phil Spencer told Game Informer magazine. “It doesn’t help me. All it does is put the fear and distrust from any gamer that’s out there, so I look at all of us together as this is our collective opportunity to share what we can about what we’re learning and how things are growing. Those conversations happen, which I think is great.” Slightly muddled sentences aside, we really like what Spencer’s saying here: DDoS attacks are incredibly difficult to defend against, so maybe it’s going to take all three companies working together to prevent them from causing so much damage. There hasn’t been a problem on the PSN for a few months now, so hopefully a few corners have been turned behind closed doors. Source: http://www.pushsquare.com/news/2015/03/sony_microsoft_and_nintendo_are_working_together_to_stop_ddos_attacks

Read the article:
Sony, Microsoft, and Nintendo Are Working Together to Stop DDoS Attacks

New York City hit with DDoS attacks, government email service knocked out

Unknown hackers knock out New York City governments email system For whole of last week and uptil Monday, unknown hackers had knocked of New York City government’s emailing system. The attack was pretty ferocious according to a City Hall source who said that the “universal” denial of service attack had now been contained but there was still “ongoing malicious activity” as recently as Monday. Almost all government agencies in New York City were unable to send or receive messages for the past week due to this attack. Some agencies such as the Department of Transportation set up temporary Gmail accounts to send and receive emails. Sources said that inbound and outbound emails were affected while intra-agency emails were not affected by the attack Speaking about the DDoS attack, Jackie Albano, a spokeswoman for the city’s Department of Information Technology and Telecommunications, said that the attack which started last Tuesday, had been resolved last week. He also added that the efforts taken to mitigate the attack may have slowed the email servers resulting in slowed emails. It is not known whether New York City government websites were under DDoS attack or were hacked because Albano added that no sensitive information or data was compromised during the attack. He however said that this was a “big attack” but downplayed its impact on New York City government services. “It is a big deal but….it’s like a lot of mosquitoes buzzing around you,” said Albano. “The nature of the attack is only designed to interfere with service, not to steal or access any private information. It’s designed to slow down email. On the scale of cyber incidences it’s kind of low.” Albano said that MSISAC, New York Police Department and FBI were all investigating the incident and it is still not clear who initiated the attack of why. Source: http://www.techworm.net/2015/02/new-york-city-hit-with-ddos-attacks-government-email-service-knocked-out.html

More here:
New York City hit with DDoS attacks, government email service knocked out

DDoS Attacks ‘major concern for Saudi firms’

Leading IT decision-makers in the Kingdom have indicated that distributed denial-of-service (DDoS) attacks are fast becoming a main security risk in for Saudi businesses. This was stated in a new survey released at a seminar in Riyadh on the cyber risks and business security in the Kingdom. The survey, commissioned by global Application Delivery Networking leader F5 Networks, and conducted by Redshift Research, said: “84 percent agreed that DDoS attacks can have a strong adverse impact on business.” The survey included 109 of these Saudi decision-makers, employed in companies with at least 500 employees said that 56 percent of respondents singled out data and revenue loss resulting of these attacks as the main concerns whereas 55 percent cited a related decline in productivity. Commenting on the survey, Saudi expert Mamdoh Allam, Saudi Arabia country manager of F5 Networks, said: “DDoS attacks are a major problem in Saudi Arabia and they are only going to intensify as cyber criminals compete with each other to devise new ways of causing disruption,” “DDoS attacks can affect businesses in many ways and attacks can cause damage running into many millions of dollars, permanently ruining a company’s reputation with everything from downtime to putting customer data at risk.” Allam explained that while attackers have traditionally used personal computer networks to launch DDoS attacks, it has become increasingly common to hijack oblivious global networks of malware infected machines to coordinate large-scale attacks. The survey also stated that 40 percent of the Saudi IT decision makers had endured a DDoS attack. 34 percent claimed normalcy after a few days, 36 percent after a week and 20 percent after a few weeks. Ten percent of those surveyed said it took up to a month to get back to business as usual. Around 45 percent did put the estimated cost of recovery at between $3 to 5 million, 30 percent between $5 to 10 million, and 16 percent between $10 to $20 million, and 2 percent said the damage was as high as $20 to $30 million. The survey also highlighted the need for greater industry-wide awareness. Allam stressed that the responsibility is now on businesses to place cyber security at the heart of their business strategies and do everything they can to gain a more comprehensive understanding of both cyber-attacker identity and their motivations. In particular, Allam pointed to the potential of full-proxy firewalls that can handle hundreds of thousand connections per second, policy management solutions that curb unauthorized access without impacting on the end-user, and uptime-boosting application security and traffic manager solutions that combine to block malicious intrusions and re-route legitimate requests. Source: http://www.arabnews.com/news/677396

More:
DDoS Attacks ‘major concern for Saudi firms’

Carbon Poker Crash and Possible DDoS Attacks Highlight Need for Legalization

Recent happenings at what was considered one of the more reliable and trustworthy offshore online poker rooms, Carbon Poker, is simply furthering the case for regulated online poker in the United States. Anyone calling for a ban of online gambling in the U.S. should pay particular attention to what has taken place at Carbon Poker over the past couple weeks, as these are the types of online poker operators that will survive a federal online gambling ban. If Sheldon Adelson gets his way, regulated sites like WSOP.com would be forced to shut down and sites like Carbon would continue to fill the void. In the past couple weeks the site experienced several significant problems that have left many players concerned about the safety of their accounts and their personal information, as well as with the overall integrity of the games at the site. Server crash leads to data breach The first issue occurred during one of the biggest tournament days in Carbon Poker’s history. On November 23, the Main Event of the Carbon Poker Online Poker Series, along with dozens of other tournaments at the site, were running when the Carbon Poker servers’ crashed, bringing everything to a screeching halt. Site-wide server crashes are rare, but they do happen. Unfortunately for Carbon, this was not a typical server crash, which is bad enough in its own right. According to multiple reports by poker players on social media sites and on the poker forums, the server crash not only caused widespread disconnections, but also caused hole cards to change mid-hand for players still able to log in and play, and even more worrisome, customers were inexplicably able to gain access to other players’ accounts when they tried to log back on to the site. Players reported that this first of its kind (to my knowledge) technical glitch, not only allowed them access to other Carbon Poker’s players accounts, but they were capable of gambling with those funds (including players that were active on the site when the servers crashed), as well as being able to see the accountholders sensitive personal information. A DDoS superuser? As concerning as the server crash and data breach were, things got even worse this weekend when, after several days of unexplained and consistent disconnect issues, widespread rumors began to take hold that targeted DDoS attacks were behind the ongoing technical issues, and were being used to win pots. Following pages of frustration over the ongoing disconnects, the DDoS rumors took hold with an out of left field (something that is not uncommon on 2+2) accusation: I found the hacker that is disconnecting the server. He builds big pots and once he min-raises he crashes the server and scoops the pot. His username is L4ss3m4jj4n. He did it to me a few times and took quite a bit from me at PLO. I then followed him and watched him do it to others. I emailed support so lets see what happens.” And from there it escalated: “Guys, I would normally say this is just somebody coming up with a wild conspiracy theory, but this is serious, everybody should open up this table, it’s table 24 in the $215/125k, something is super super fishy about the way L4ss3m4jj4n is playing, every disconnect has benefited him so far, it seems too obvious if you watch it for a few of the disconnects.” “second time i’m witnessing him betting in big pot and a disconnect taking place.” “Kh8s9d7h board he checks, phat1cat bets 1888 into 3750, l4ss3m4jj4n minraises to 3776 and disconnect.” In addition to the forum gossip, the potential DDoS superuser was also discussed/mentioned on social media by well-known poker players and poker commentators. Click here and also here. As the story began to unfold, over 100 players started monitoring this person’s play as it was being live-streamed on Twitch.com, and at the same time were furiously contacting Carbon Poker customer support en masse to have something done about the situation. You can read a good summary (for those that can’t handle 200 pages of 2+2 posts) of what took place at Carbon Poker/Merge Gaming here. It should be stated, that whether this was a concerted DDOS attack by some nefarious player(s), or if the sites are simply experiencing ongoing technical issues is unclear. What is clear is that unregulated sites make it much harder for players to be treated fairly and properly compensated when these things occur. It also shows the inability of players on unregulated sites to take their grievances to a regulatory body that oversees the site. The important takeaway is, if these types of issues are occurring at Carbon Poker, considered one of the top unregulated online poker sites still serving the U.S. market, what is happening at the other, more suspect, operators? Source: http://www.pokerupdate.com/news/networks-and-rooms/12083-carbon-poker-crash-and-possible-ddos-attacks-highlight-need-for-legalization/

See the original post:
Carbon Poker Crash and Possible DDoS Attacks Highlight Need for Legalization

DDoS attack on Ukraine election commission website

Ukraine’s election commission website has been attacked by hackers on the eve of the country’s parliamentary polls. According to Ukrainian officials, the website came under cyber attack on Saturday, just one day before Ukraine is set to hold general elections. “There is a DDoS attack on the commission’s site,” said the Ukrainian government information security service. A distributed denial-of-service (DDoS) attack slows down or disables a website by flooding it with communications requests. The security service labeled the attack as “predictable” and went on to say that the website’s design insures that it could not be completely taken down and that it is currently completely functional. “If a site runs slowly, that doesn’t mean it has been destroyed by hackers,” the statement added. As for reports that the site was in control of hackers, Markiyan Lubkivskyy, an adviser to the Ukrainian Security Service said, “Any statements regarding the alleged successful unauthorized intrusions into the cyber space of the Central Election Commission or the elements of the elections systems do not correspond to the facts. Hackers are controlling nothing.” Ukraine’s snap elections were called in August as President Petro Poroshenko came under pressure to purge the parliament of lawmakers allegedly tied to the overthrown government of Viktor Yanukovych. As many as 36 million Ukrainians are eligible to take part in the parliamentary elections. The leaders of the breakaway eastern regions of Donetsk and Lugansk have refused to allow the polls to be held in territories under their control, with a population of almost three million. Ukraine’s mainly Russian-speaking regions in the east have been the scene of deadly clashes between pro-Russia protesters and the Ukrainian army since the government in Kiev launched military operations in mid-April in a bid to crush the protests. Source: http://www.presstv.ir/detail/2014/10/25/383623/ukraines-election-website-hacked/

India accounts for 26% of top DDoS traffic

Majority of DDoS traffic in 2014 originated from India, says a new research from Symantec. Of the top 50 countries that witnessed the highest volume of originating DDoS traffic, India accounted for 26 percent of all DDoS traffic, followed by the USA with 17 percent, the research said. The results prove India has a high number of bot infected machines and a low adoption rate of filtering of spoofed packets, but may not imply that people behind the attacks are located in India because DDoS attacks are often orchestrated remotely. However, the study indicates that India is emerging as a hotbed to launch these attacks, potentially because of the low cyber security awareness, lack of adequate security practices and infrastructure, said Tarun Kaura, director, Technology Sales at Symantec India. The year 2014 saw an increase in the compromise of Linux servers, including those from cloud providers. These high bandwidth servers are then used as part of a botnet to perform DDoS attacks. The so-called “Booter” services can be hired for as little as INR 300 ($5 USD) to perform DDoS attacks for a few minutes against any target. Longer attacks can be bought for larger prices. They also offer monthly subscription services, often used by gamers to take down competitors. As the most attacked sector globally, the gaming industry experiences nearly 46 percent of attacks, followed by the software and media sectors While it’s not happening on a broad scale now, it’s likely we’ll see an increase in DDoS attacks originating from mobile and IoT devices in the future, Symantec said. DDoS attacks make an online service unavailable by overwhelming it with traffic from multiple sources. A Domain Name Server (DNS) amplification attack is a popular form of DDoS, which floods a publically available target system with DNS response traffic. Symantec’s research indicates that DNS amplification attacks have increased by 183 percent from January to August 2014. Motivations behind DDoS Attacks include hacking and financial blackmail with the threat of taking the business offline personal grudge. It also acts as a diversion technique to distract IT security response teams while a targeted attack is conducted. Source: http://www.infotechlead.com/2014/10/24/india-accounts-26-top-ddos-traffic-symantec-26196

Originally posted here:
India accounts for 26% of top DDoS traffic