Tag Archives: stop-ddos

DDoS Attacks Up by 75 Percent in Q2 2016

The largest attack detected in the second quarter peaked at 256 Gbps, according to Verisign. According to the Verisign DDoS Trends Report for the second quarter of 2016, the number of distributed denial of service (DDoS) attacks increased by 75 percent year over year. The average peak attack size in the second quarter was 17.37 Gbps, an increase of 214 percent over Q2 2015. Fully 75 percent of attacks peaked over 1 Gbps, and 32 percent exceeded 10 Gbps. The largest and fastest DDoS attack detected by Verisign in Q2 2016 peaked at 256 Gbps for about 15 minutes before settling in at more than 200 Gbps for almost two hours. Sixty-four percent of DDoS attacks detected in Q2 2016 employed multiple attack types, indicating that DDoS attacks continue to increase in complexity. Forty-five percent of DDoS attacks targeted the IT services industry, followed by financial services (23 percent) and the public sector (14 percent). The Kaspersky DDoS Intelligence Report for Q2 2016 found that 77.4 percent of resources targeted by DDoS attacks were located in China. The three most targeted countries for Q2 2016 were China, South Korea and the U.S. While most attacks lasted no more than four hours, 8.6 percent lasted 20-49 hours, and 4 percent last 50-99 hours. The longest DDoS attack in Q2 2016 lasted for 291 hours (12.1 days), a significant increase over the previous quarter’s maximum of 8.2 days. Over 70 percent of all attacks detected by Kaspersky in Q2 2016 were launched from Linux botnets, almost twice the number for the previous quarter. Just under 70 percent of all command and control (C&C) servers were located in South Korea, followed by China (8.1 percent), the U.S. (7.1 percent), Russia (4.5 percent) and Brazil (2.3 percent). And the Nexusguard Q2 2016 Threat Report states that the number of DDoS attacks increased by 83 percent to more than 182,900 attacks in the second quarter. The most targeted countries seen by Nexusguard were Russia, the U.S. and China. “We were surprised to see an increase in DDoS attacks this quarter, especially as hackers experiment with ransomware, phishing schemes and other data-grabbing methods for monetary gain,” Nexusguard chief scientist Terrence Gareau said in a statement. “Organizations can expect cyber attacks to continue growing in frequency this year, especially with more attention on the Summer Olympics and the November election season in the U.S.” “The results from this quarter also show how important it is to not only protect your website, but also to plan for new payloads and attacks on your infrastructure,” Gareau added. Source: http://www.esecurityplanet.com/network-security/ddos-attacks-up-by-75-percent-in-q2-2016.html

See the original article here:
DDoS Attacks Up by 75 Percent in Q2 2016

Hack reveals the inner workings of shady DDoS service vDOS

A web service that helped customers carry out distributed denial-of-service (DDoS) attacks on unsuspecting victims has been hacked revealing data on the customers that availed of this clandestine service. According to security journalist Brian Krebs, vDos was hacked recently and he obtained a copy of the leaked data in July. Upon scrutinizing the database, he claims that vDOS is being run by two Israeli cybercriminals under the pseudonyms of P1st or P1st0 and AppleJ4ck, with associates in the United States. vDOS allegedly offered monthly subscriptions to DDoS attack services, paid in bitcoin or even through PayPal, with the prices based on how long the attack would last. These DDoS attacks would launch fake traffic at victim websites, overwhelming their servers and knocking the sites offline. A particularly strong DDoS attack could cripple a site for days. “And in just four months between April and July 2016, vDOS was responsible for launching more than 277 million seconds of attack time, or approximately 8.81 years’ worth of attack traffic,” Krebs said in his analysis. He added that he believes vDOS was handling hundreds or even thousands of concurrent attacks a day. Kreb’s analysis is based on data from April to July. Apparently all other attack data going back to the service’s founding in 2012 has been wiped away. Krebs’ source for info on the hack was allegedly able to exploit a hole in vDOS that allowed him to access its database and configuration files. It also allowed him to source the route of the service’s DDoS attacks to four servers in Bulgaria. Among the data dump were service complaint tickets where customers could file issues they had with the DDoS attacks they purchased. Interestingly the tickets show that the owners of vDOS declined to carry out attacks on Israeli sites to avoid drawing attention to themselves in their native land. The duo supposedly made $618,000 according to payments records dating back to 2014 in the data dump. “vDOS does not currently accept PayPal payments. But for several years until recently it did, and records show the proprietors of the attack service worked assiduously to launder payments for the service through a round-robin chain of PayPal accounts,” Krebs said. The operators of the DDoS service are believed to have enlisted the help of members from the message board Hackforums in laundering the money. Krebs warned that services like vDOS are worrisome because they make cybercrime tools available to pretty much anyone willing pay. In some cases, vDOS offered subscriptions as low as $19.99. These sorts of tools, also known as booter services, can be used ethically for testing how your site holds up against large swathes of traffic but in the wrong hands they can be abused and sold very easily. “The scale of vDOS is certainly stunning, but not its novelty or sophistication,” Ofer Gayer of security firm Imperva said but added that this new widespread attention on DDoS service might stall them for a while. Source: https://sports.yahoo.com/news/hack-reveals-inner-workings-shady-180952571.html

View article:
Hack reveals the inner workings of shady DDoS service vDOS

DOSarrest Expands Into Second City in Asia

DOSarrest Expands Into Second City in Asia VANCOUVER, BRITISH COLUMBIA–(Marketwired – Aug. 30, 2016) – DOSarrest Internet Security announced today that they have expanded their DDoS protection cloud in Asia, with a new DDoS mitigation node in Hong Kong. The new node will work in conjunction with their existing nodes in New York, Los Angeles, London, Singapore and Vancouver and will have the same connectivity as the others, including multiple 10 Gb/Sec uplinks to multiple carriers. Mark Teolis, CEO at DOSarrest says, “This new Hong Kong scrubbing center will have excellent connectivity in the region including multiple Chinese upstream providers. To compliment the 6 upstream providers there will be an additional 10Gb/Sec link into the Hong Kong Internet Exchange (HKiX) for even better route diversity. Our customers have asked for it and we are delivering” Teolis adds, “Having great connectivity into China allows us to offer our customers great performance using our caching engine and also more importantly it allows us to stop attacks closer to the source if need be.” Jag Bains, CTO at DOSarrest states, “This new Hong Kong node is part of our global capacity expansion that includes, new hardware in all existing locations, plus the addition of 100+ Gb/Sec of Internet capacity. We need this in order to offer some new services that we will be rolling out in 2017.” About DOSarrest Internet Security: DOSarrest founded in 2007 in Vancouver, B.C., Canada is one of only a couple of companies worldwide to specialize in only cloud based DDoS protection services. Additional Web security services offered are Cloud based W eb A pplication F irewall (WAF) , V ulnerability T esting and O ptimization (VTO) as well as cloud based global load balancing . More information at www.DOSarrest.com CONTACT INFORMATION Media Contact: Jenny Wong Toll free CAD/US 1-888-818-1344 ext. 205 UK Freephone 0800-016-3099 ext. 205 CR@DOSarrest.com Source: http://www.marketwired.com/press-release/-2154179.htm

?The top 5 least-wanted malware in any corporate IT infrastructure

Ask a group of people to define malware, and you’re likely to get a range of different answers. The term has become a catch-all description for a broad collection of different cyber threats that keep IT managers awake at night. Categories falling under the malware banner include viruses and worms, adware, bots, Trojans and root kits. Each category is different but all can cause disruption and loss if not detected and quickly removed. Of the malware types in the wild, the top five are: 1. Remote Access Trojans (RATs) RATS comprise malicious code that usually arrives hidden in an email attachment or as part of a downloaded file such as a game. Once the file is open, the RAT installs itself on the victim’s computer where it can sit unnoticed until being remotely trigged. RATs provide attackers with a back door that gives them administrative control over the target computer. This can then be used to steal data files, access other computers on the network or cause disruption to business processes. One of the first examples, dubbed Beast, first appeared in the early 2000s. It was able to kill running anti-virus software and install a key logger that could monitor for password and credit card details. Sometimes it would even take a photo using the target computer’s web cam and send it back to the attacker. 2. Botnets Some liken botnets to a computerised ‘zombie army’ as they comprise a group of computers that have been infected by a backdoor Trojan. Botnets have similar features to a RAT, however their key difference is that they are a group of computers being controlled at the same time. Botnets have been described as a Swiss Army knife for attackers. Linked to a command-and-control channel, they can be instructed to forward transmissions including spam or viruses to other computers in the internet. They can also be used to initiate distributed denial of service (DDoS) attacks similar to the one suspected to have disrupted the Australian census. Some attackers even rent their botnets out to other criminals who want to distribute their own malware or cause problems for legitimate websites or services. 3. Browser-based malware This type of malware targets a user’s web browser and involves the installation of a Trojan capable of modifying web transactions as they occur in real time. The benefit for malware of being in a browser is that it enables it to avoid certain types of security protection such as packet sniffing. Some examples of the malware generate fake pop-up windows when they know a user is visiting a banking web site. The windows request credit card details and passwords which are then sent back to the attacker. Security experts estimate that there have been around 50 million hosts infected by browser-based malware and estimated financial losses have topped $1 billion. 4. Point-of-sale (POS) Malware This is a specialised type of malware that seeks out computers specifically used for taking payments in retail outlets. The malware is designed to infect the computer to which POS terminals are attached and monitor it for credit card details. One example, called Backoff, appeared in late 2013 and managed to infect more than 1000 businesses including the large US-based retailer Dairy Queen. 5. Ransomware This category of malware is designed to take over a computer and make it or the data stored on it unusable. The code usually encrypts data and then the attacker demands payment from the user before providing the encryption key. One of the more prevalent ransomware versions is called Locky and appeared in early 2016. It has already infected a large number of individuals, companies and public facilities such as hospitals. While early examples used poor encryption techniques, ransomware has quickly evolved to the point where many varieties now use industry-standard 256-bit encryption which is effectively impossible to crack without the private key. The best anti-malware steps to take While the impact of a malware infection can be significant for individuals or an organisations, there are steps that can be taken to reduce the likelihood of infection. They include: General awareness It’s important for users to be aware of the threats that malware brings. Staff should be educated about phishing attacks and to be cautious when downloading files or opening attachments from unfamiliar parties. Regular backups Regular back-ups of critical data are a vital part of any security strategy. In larger organisations, a global share drive can be created in which all important files should be stored. This drive can then be backed up as often as is needed. Copies of backups should also be kept offline as an additional layer of protection. Defence in depth In a complex IT infrastructure, there should be multiple layers of security designed to stop attacks. While no single defence can protect completely, creating a defence in depth strategy will ensure systems and data are as secure as they can be. Layered protection should range from firewalls and anti-virus software through to network intrusion and advanced persistent threat tools. By taking a comprehensive and multi-layered approach to security, organisations can reduce the likelihood they will fall victim to malware attacks and avoid the disruptive and potentially costly problems they can cause. Source: http://www.cso.com.au/article/605901/top-5-least-wanted-malware-any-corporate-it-infrastructure/

View original post here:
?The top 5 least-wanted malware in any corporate IT infrastructure

Census 2016 site falls to DDoS attack: ABS

As widely expected, the Census web site fell over last night — but the ABS has said it was with a little help from external players. The Australian Bureau of Statistics has continued its run of outs, scoring an own goal in the Census main event last night, after the agency claimed the site crashed thanks to four denial of service attacks. “The 2016 online Census form was subject to four Denial of Service attacks of varying nature & severity,” the ABS said on Twitterthis morning. “The first three caused minor disruption but more than 2 million Census forms were successfully submitted and safely stored. After the fourth attack, just after 7:30pm, the ABS took the precaution of closing down the system to ensure the integrity of the data.” “Steps have been taken during the night to remedy these issues, and we can reassure Australians that their data are secure at the ABS.” The agency said it would provide an update at 9am Wednesday. The ABS has launched a joint investigation with the nation’s defence intelligence agency into the assault, which ramped up on Tuesday evening as most of the population was going online to complete the survey. “It was an attack,” chief statistician David Kalisch told ABC radio on Wednesday. “It was quite clear it was malicious.” The source of the attacks is unknown but Kalisch said they came from overseas. On Tuesday, Opposition Leader Bill Shorten said that once the Census is completed, the Australian government needs to discuss with parliamentthe increasing retention of names and address data, and the reasons it is being kept. “I think we need to have a good, long look at the whole process to make sure we’re not asking for information we don’t need,” he said. “And to reassure ourselves that what information that is stored, is stored securely.” The Opposition Leader said politicians committed to boycotting the Census were grandstanding. The intrusions will put a spot light on the federal government’s AU$240 million cyber security strategy and the security of government resources online. The ABS confirmed last week that its IBM-developed online Census forms would not be able to handle names with accents or ligatures. The agency later removed a claim made by it that it was rated by the Australian National Audit Office as being in its “Cyber Secure Zone”. Source: http://www.zdnet.com/article/census-2016-site-falls-to-ddos-attack/

More:
Census 2016 site falls to DDoS attack: ABS

If two countries waged cyber war on each another, here’s what to expect

Imagine you woke up to discover a massive cyber attack on your country. All government data has been destroyed, taking out healthcare records, birth certificates, social care records and so much more. The transport system isn’t working, traffic lights are blank, immigration is in chaos and all tax records have disappeared. The internet has been reduced to an error message and daily life as you know it has halted. This might sound fanciful but don’t be so sure. When countries declare war on one another in future, this sort of disaster might be the opportunity the enemy is looking for. The internet has brought us many great things but it has made us more vulnerable. Protecting against such futuristic violence is one of the key challenges of the 21st century. Strategists know that the most fragile part of internet infrastructure is the energy supply. The starting point in serious cyber warfare may well be to trip the power stations which power the data centres involved with the core routing elements of the network. Back-up generators and uninterruptible power supplies might offer protection, but they don’t always work and can potentially be hacked. In any case, backup power is usually designed to shut off after a few hours. That is enough time to correct a normal fault, but cyber attacks might require backup for days or even weeks. William Cohen, the former US secretary of defence, recently predicted such a major outage would cause large-scale economic damage and civil unrest throughout a country. In a war situation, this could be enough to bring about defeat. Janet Napolitano, a former secretary at the US Department of Homeland Security, believes the American system is not well enough protected to avoid this. Denial of service An attack on the national grid could involve what is called a distributed denial of service (DDoS) attack. These use multiple computers to flood a system with information from many sources at the same time. This could make it easier for hackers to neutralise the backup power and tripping the system. DDoS attacks are also a major threat in their own right. They could overload the main network gateways of a country and cause major outages. Such attacks are commonplace against the private sector, particularly finance companies. Akamai Technologies, which controls 30% of internet traffic, recently said these are the most worrying kind of attack and becoming ever more sophisticated. Akamai recently monitored a sustained attack against a media outlet of 363 gigabits per second (Gbps) – a scale which few companies, let alone a nation, could cope with for long. Networks specialist Verisign reports a shocking 111% increase in DDoS attacks per year, almost half of them over 10 Gbps in scale – much more powerful than previously. The top sourcesare Vietnam, Brazil and Columbia. Number of attacks Verisign Scale of attacks Verisign Most DDoS attacks swamp an internal network with traffic via the DNS and NTP servers that provide most core services within the network. Without DNS the internet wouldn’t work, but it is weak from a security point of view. Specialists have been trying to come up with a solution, but building security into these servers to recognise DDoS attacks appears to mean re-engineering the entire internet. How to react If a country’s grid were taken down by an attack for any length of time, the ensuing chaos would potentially be enough to win a war outright. If instead its online infrastructure were substantially compromised by a DDoS attack, the response would probably go like this: Phase one: Takeover of network : the country’s security operations centre would need to take control of internet traffic to stop its citizens from crashing the internal infrastructure. We possibly saw this in the failed Turkish coup a few weeks ago, where YouTube and social media went completely offline inside the country. Phase two: Analysis of attack : security analysts would be trying to figure out how to cope with the attack without affecting the internal operation of the network. Phase three: Observation and large-scale control : the authorities would be faced with countless alerts about system crashes and problems. The challenge would be to ensure only key alerts reached the analysts trying to overcome the problems before the infrastructure collapsed. A key focus would be ensuring military, transport, energy, health and law enforcement systems were given the highest priority, along with financial systems. Phase four. Observation and fine control : by this stage there would be some stability and the attention could turn to lesser but important alerts regarding things like financial and commercial interests. Phase five. Coping and restoring : this would be about restoring normality and trying to recover damaged systems. The challenge would be to reach this phase as quickly as possible with the least sustained damage. State of play If even the security-heavy US is concerned about its grid, the same is likely to be true of most countries. I suspect many countries are not well drilled to cope with sustained DDoS, especially given the fundamental weaknesses in DNS servers. Small countries are particularly at risk because they often depend on infrastructure that reaches a central point in a larger country nearby. The UK, it should be said, is probably better placed than some countries to survive cyber warfare. It enjoys an independent grid and GCHQ and the National Crime Agency have helped to encourage some of the best private sector security operations centres in the world. Many countries could probably learn a great deal from it. Estonia, whose infrastructure was disabled for several days in 2007 following a cyber attack, is now looking at moving copies of government data to the UK for protection. Given the current level of international tension and the potential damage from a major cyber attack, this is an area that all countries need to take very seriously. Better to do it now rather than waiting until one country pays the price. For better and worse, the world has never been so connected. Source: http://theconversation.com/if-two-countries-waged-cyber-war-on-each-another-heres-what-to-expect-63544

Visit site:
If two countries waged cyber war on each another, here’s what to expect

Hong Kong Student Gets Probation Time for DDoS Attack During Occupy Campaign

A judge at the Fanling Court in Hong Kong has sentenced Chu Tsun-wai, 20, of Hong Kong, to 15 months of probation for launching a DDoS attack on a Chinese bank’s website during the 2014 Hong Kong Occupy protests. The judge also ruled that the suspect’s Mac computer be confiscated as punishment for carrying out the attack, SCMP reports. Chu, who is one of the top students at his university, had decided to get involved in the Occupy protests that were taking place in Hong Kong during the autumn of 2014. Teen was inspired by one of Anonymous Asia’s videos The teen saw a video posted online by the Anonymous hacker collective, which was warning Hong Kong police to stop the violence against Hong Kong Occupy protesters. The group threatened to hack government websites and release personal information belonging to Hong Kong police officers. The group also called out for others to participate in its protests. The prosecution says that Chu went online and searched on Google for ways to carry out DDoS attacks. He launched one such DDoS attack against the Shanghai Commercial Bank’s website. Police say that the student sent 6,652 HTTP requests in 16 seconds on the bank’s website, on October 12, 2014. Bank website barely noticed the attack This sounds odd since a Web server should, in theory, be capable of handling much more than 6,000 requests per second, but Chinese authorities have come down hard on people who participated in the protests, to begin with. The judge was lenient on Chu because this was his first offense and because the bank’s website didn’t go offline. Chinese news outlet Ejinsight reports that one of Chu’s professors wrote the judge a letter asking the judge to give the suspect a second chance. Public broadcaster RTHK reported that Chu also stands to face disciplinary hearings at his university. Below is the original video that started it all, with the Anonymous group calling out for attacks against Hong Kong police officials during the Occupy protests. Source: http://news.softpedia.com/news/hong-kong-student-gets-probation-time-for-ddos-attacks-during-occupy-campaign-506720.shtml

View article:
Hong Kong Student Gets Probation Time for DDoS Attack During Occupy Campaign

Internet Service Providers Under DDOS Attack in Mumbai, Probe Ordered

“Thus, an attack on ISPs is an attack on the nation”. Internet Service Providers (ISPs) in Mumbai are facing an unprecedented attack by hackers which has reduced surfing speeds in the city. Inspector General of Police (Cyber Crime) Brijesh Singh said, “Some unknown people are involved in crashing the ports of Internet Service Providers by making lakhs of requests at a particular terminal at a particular time, which we call “Distributed Denial Of Service”. According to the post on The Hindu, IGP (Cyber Crime) Brijesh Singh said, ‘An FIR has been filed with the Cyber police station in BKC under sections 43 (F) and 66 of the Information Technology Act. They also said the attack was still being carried out. “We have registered an FIR and started tracking down the operators who are trying to crash the servers or ports of ISPs”, he said, adding that the attack has slowed down the internet services and affected subscribers of ISPs. “We are investigating the matter”. Other than this, it’s not clear which ISPs are affected although this reddit thread claims that Airtel is the primary ISP being DDoSed, which distributes broadband to other smaller companies, leading to network blockages across a wide range of ISPs. The attack, however, still continues. The resources behind the attack have to be considerable. “Kindly bare with us as we are trying to solve this problem in very short period with the help of high skilled technicians. please be with us and let’s fight against these hackers (sic)”. As of Monday morning, small and medium ISPs are still struggling to provide uninterrupted service to users. IT expert Vijay Mukhi says, “The idea of a DDoS is to make a computer or a server very slow so that anyone who uses an ISP’s services can not connect. All a hacker has to do is buy enough infected IP addresses and use them for a DDOS attack”. Typically, DDoS attacks are targeted at big websites or platforms with the intention of taking them down or blocking access to them. Source: http://nanonews.org/internet-service-providers-under-ddos-attack-in-mumbai/

More:
Internet Service Providers Under DDOS Attack in Mumbai, Probe Ordered

HSBC Website Suffers DDoS Attack

OurMine Hacking group conducted a massive DDoS attack on HSBC websites forcing the sites to go offline in UK and the USA! The official domain of HSBC (Hongkong and Shanghai Banking Corporation) came under massive distributed denial-of-service (DDoS) attack on 12July affecting domain in UK and the USA. The DDoS attack was conducted by OurMine hacking group which previously made headlines for hacking social media accounts of high-profile tech celebrities including Facebook’s Mark Zuckerberg and Google’s Sundar Pichai but this is the second DDoS attack after WikiLeaks last week. Currently, the reason for targeting HSBC bank is unknown though according to SoftPedia the cyber attack was stopped within few hours after one of HSBC’s staffs contacted the attackers. “Hello, We stopped the attack of HSBC Bank! a staff of HSBC Talked with us,” stated the hackers on their official blog. Screenshot shared by attackers shows HSBC’s UK and US domains are down! It is unclear if the bank was targeted for ransom or just for fun, however, this is not the first time when HSBC faced such attacks. In January 2016 hacktivists from New World Hacktivists (NWH) claimed responsibility for a DDoS attack on HSBC’s mobile servers on payday. As far as OurMine is concerned, it is the same group who hacked Google’s CEO Sundar Pichai Quora account which was also linked to his Twitter account, the group also hacked Facebook’s CEO Mark Zuckerberg Twitter and Pinterest accounts and last but not the least the official Twitter account of Twitter’s CEO Jack Dorsey was also taken over by the same group. DDoS attacks have been increasing with every passing day . In the past, DDoS attacks were conducted just for fun or to shut down servers but now hackers attack sites for ransom and keep them down until a ransom is paid. The ProtonMail DDoS attack is a fine example of how these attacks are becoming another online mafia to steal money. At the time of publishing this article, both targeted sites were reachable. Source: https://www.hackread.com/hsbc-website-suffers-ddos-attack/

Read the original post:
HSBC Website Suffers DDoS Attack

IoT Devices Are Being Hacked By Lizard Squad To Execute DDoS Attacks

People who have been following the tech news may recall the name Lizard Squad. This hacker collective has been a major pain in the neck for computer users all over the world. But it looks like they are changing tactics. Instead of relying on computer botnets, they are now enslaving other internet-connected devices to wreak more havoc. Lizard Squad Is Still On The Scene While most people agree the Internet of Things is a magnificent concept, it also poses a significant security risk. The majority of Internet-connected devices is not equipped with proper security precautions. In theory, any device connected to the internet can be hacked and taken over by malicious individuals. That seems to what Lizard Squad is showcasing already. The collective has been making a name for itself by using compromised computers to execute DDoS attacks around the world. But it looks like the Internet of Things is their new favorite target as of late. With millions of connected devices to choose from, creating a botnet has never been easier. Over the past few months, Lizard Squad hacked CCTV cameras and webcams all over the world to execute its DDoS attacks. Targets ranged from banks to governments, and gaming sites to ISPs. Albeit internet-connected devices are not always as powerful as a computer, they are much easier to control remotely. Plus, a lot of less-powerful devices combined can still pack quite the punch. Top put this into perspective, some of the recent Lizard Squad attacks managed to drive 400 Gbps of data to specific websites and servers. That is quite a lot of computer requests to bring down any network, or at least cripple it severely. Interestingly enough, it remains unknown whether or not Lizard Squad is trying to force targets to pay up to get rid of the attacks altogether. These attacks paint a worrisome picture for the future of Internet of Things security, though. The vast majority of devices will need to be made a lot more secure before they are actively used on the Internet. Computers are not safe from harm, either, though, as hacker collectives will try to exploit any weakness in any device. Source: http://themerkle.com/iot-devices-are-being-hacked-by-lizard-squad-to-execute-ddos-attacks/

More:
IoT Devices Are Being Hacked By Lizard Squad To Execute DDoS Attacks