Tag Archives: stop-ddos

Coinkite Is Closing Down Its Web Wallet Citing Legal and DDoS Issues

Coinkite, the popular wallet and hardware payment network service provider, has announced it is closing down its web wallet to focus on other projects after legal issues and DDoS attacks have impeded the use of the wallet. Hardware products focus After a noticeable lack in posting on their blog after incredibly frequent posting over the last three years, Coinkite CT r: 24 has announced it is shutting down its web wallet service. Users of the service need not worry about the hardware aspect of Coinkite, as that will remain unaffected, and the team in fact hopes to expand it. “We are winding down the web wallet part of Coinkite so that our team can focus on a number of new products that are more decentralized and embodied as hardware products. We’re still big Bitcoin fans, supporters and Hodlrs, and although Coinkite has been great adventure in the SaaS business, we want to spend more time where our heart is, hardware products, software-”not-as-a-service”, and other exciting new possibilities.” Under DDoS since the first month Coinkite cited the legal issues associated with being a centralized Bitcoin CT r: 8 service, and hence the financial strain brought about by lawyers, and non-stop DDoS-ing since launch for the closing down of the service. “Being a centralized bitcoin service does attract attention from state actors and other well funded pains in the butt, and as a matter of fact, we’ve been under DDoS since the first month we launched—over three years–yay. Plus we have put real fiat dollars into our lawyers’ pockets, to defend our customers from their own governments. This is not what we love to do, which is coding and delivering awesome services.” Programmers-turned-businessmen an issue Part of the issue in the cryptocurrency industry is that many of those who are choosing to create businesses in this newly-fledged sector, are fundamentally programmers, and as such are ill-equipped to deal with the likes of lawyers and regulators. The simple solution to this problem is greater co-operation between the financial industry and the cryptocurrency industry. The financial sector has been around for far, far longer than the cryptocurrency industry. It has the infrastructure, processes, and people already in place to deal with a lot of the issues facing these programmers-turned-businessmen, and if more startups are to succeed, they are going to need to implement them. Source: http://cointelegraph.com/news/coinkite-is-closing-down-its-web-wallet-citing-legal-and-ddos-issues

See the article here:
Coinkite Is Closing Down Its Web Wallet Citing Legal and DDoS Issues

Bitcoin Startup Quits Operation Due to Never-Ending DDoS Attacks

Bitcoin’s Secure Wallet Service Coinkite Inc. Closing Down due to never-ending DDoS Attacks and Governmental Nagging Bitcoin exchanges around the world face cyber attacks every now and then, some owners give up while some fight back . In the case of Bitcoin startup Coinkite Inc., it is now officially announced that its secure wallet service, which started in 2012, will be closed within the next 30 days. It has also been made clear that customers must withdraw funds from their wallets by the end of this period. If any of the users fail to do so then their Bitcoin will be automatically credited to them. Prior to closing down all of the services, its TOR accessibility and application program interface of Coinkite will be closed for 14 days while their annual pre-paid plans’ prorated balances will continue to be refunded. The startup was under DDoS attacks for last three years The company now aims to focus upon hardware-oriented products such as the upcoming physical Bitcoin project Opendime. It will be a full-fledged standalone Bitcoin terminal or hardware wallet that will be equipped with a printer as well as QR scanner. Moreover, the company will be focusing upon hardware products for security optimization and authentication, all-purpose standalone Bitcoin solutions and services for hosting Bitcoin hot wallets. Since its inception, Coinkite was marketed as the most convenient and secure way to accept and exchange Bitcoin, the digital currency. The company claimed that it provided users the world’s “most advanced web wallet system.” It was considered a system that empowered customers and merchants to “BUY, SELL, ACCEPT and STORE Bitcoins and other cryptocurrencies, in both the online and physical worlds.” Why is Coinkite Closing the Secure Wallet Service NOW? The decision apparently is the outcome of the constant harassment that the online Bitcoin wallet service has been dealing with. In a blog post , it was revealed by the company that they had been receiving Distributed Denial of Service or DDoS attacks constantly over the past three years. They also have become tired of the attempts by governmental agencies for interrupting into their clients’ privacy. The CEO of the company Rodolfo Novak told CoinDesk that they wanted to shift their focus from software to hardware because their meager resources were being drained further by the “bullshit” that they have been experiencing. “We want to write software, not deal with lawyers and DDoSing…One of the main issues with SaaS is all the free users and need support and we want to provide good support. All these things have costs,” clarified Novak. Source: https://www.hackread.com/bitcoin-exchange-ddos-attacks/

View article:
Bitcoin Startup Quits Operation Due to Never-Ending DDoS Attacks

University of Georgia hit by DDoS Attack

The University of Georgia was the victim of a cyberattack Sunday night which blocked all Internet access for everyone on campus using the school’s network. The DDoS — distributed denial of service — attack came from outside UGA’s network, and began about 6:10 p.m., according to an email sent Monday by Timothy Chester, UGA’s vice president for information technology. A DDoS attack floods a target’s computer network with traffic, leaving the victim’s use of its websites and computer systems unavailable. During the incident, the university’s entire 20 gigabytes per second of Internet capacity was saturated with outside network traffic, which blocked access campus users. UGA purchases its Internet connectivity through a nonprofit consortium, called Southern Crossroads, which is operated by Georgia Tech. School officials worked with Southern Crossroads to isolate the attack and began blocking it about 10 p.m., Chester’s message said. The attack ended shortly after that. As of Monday morning, officials had found no evidence that systems or data maintained by UGA had been compromised. Colleges and universities have increasingly been the target of these types of cyberattacks. Last year, Rutgers University students requested tuition refunds after the school experienced its fifth DDoS attack in a year. Arizona State University was also hit by a DDoS attack in April, blocking access to its Internet network a week before final exams. Some campuses are not currently equipped to identify DDoS attacks, and may not have a method for effectively mitigating them, industry experts say. “I personally regret that many of you experienced a disruption as you were preparing homework, getting ready for class or doing other University work and I offer my apologies,” Chester said to the campus community in the message. UGA plans to review the incident with federal, state and local law enforcement, and work with the University System of Georgia on reducing the risks of these types of attacks in the future. Source: http://www.ajc.com/news/news/local-education/university-of-georgia-hit-by-cyberattack/nqtN9/

Read the original post:
University of Georgia hit by DDoS Attack

D.O.J. Charges Iran-Sponsored Hackers with Dozens of DDoS Attacks on Major Financial Institutions

No less than 46 U.S. financial institutions, as well as a dam in New York, were allegedly targeted. On Thursday morning, the Department of Justice unsealed an indictment against seven Iranian citizens allegedly funded by the Islamic Revolutionary Guard Corps, accusing them of launching a coordinated cyber-attack against a minimum of 46 American financial institutions, as well as a major New York dam. In a press conference with some of American law enforcement’s heaviest hitters, including F.B.I. director James Comey and U.S. district attorney Preet Bharara , Attorney General Loretta Lynch announced that members of two Iran-based computer companies, ITSecTeam and the Mersad Company, had launched coordinated distributed denial of service (DDoS) attacks against the Web sites of dozens of financial institutions, including the New York Stock Exchange, Bank of America, Capital One, ING, and AT&T, disabling them and preventing their customers from accessing their accounts. In addition, one of the alleged hackers, Hamid Firoozi , was said to have illegally accessed a computer in charge of the Bowman Dam in Rye, New York, giving him the ability to remotely control its operations and potentially cause “a threat to public health or safety.” According to the Department of Justice, the two groups received funding from the Islamic Revolutionary Guard, the elite government militia tasked with defending Islamic law in Iran. Lynch said in a statement that the attacks not only cost these companies “tens of millions of dollars” to restore their Web sites, but highlighted how foreign cyber-attacks have become a major threat to U.S. national security. “In unsealing this indictment, the Department of Justice is sending a powerful message: that we will not allow any individual, group, or nation to sabotage American financial institutions or undermine the integrity of fair competition in the operation of the free market,” she said in the prepared statement. According to the indictment, the DDoS attacks took place over 176 days between 2011 and 2013. The attacks on U.S. targets took place after Iran’s nuclear capabilities were sabotaged by the Stuxnet virus, believed to have been a joint effort between the U.S. and Israeli governments, in mid-2010. The indictment also comes after a series of high-profile cyber-attacks on the United States government. In 2014 alone, the government experienced more than 61,000 attacks on their computer systems, affecting several administrative agencies such as the State Department, the Energy Department, and the White House. Last year, the Office of Personnel Management (O.P.M.) was the target of the largest attack to date, in which Chinese hackers stole sensitive personal information from 21.5 million past and present government employees. During the press conference Thursday morning, Comey said that the indictment was meant to show the world that the U.S. government was ready to respond to foreign-based cyber-attacks, no matter where they came from or the scale of the attack. “By calling out the individuals and nations who use cyber-attacks to threaten American enterprise, as we have done in this indictment, we will change behavior,” he said. Source: http://www.vanityfair.com/news/2016/03/doj-iran-hacker-indictment

See more here:
D.O.J. Charges Iran-Sponsored Hackers with Dozens of DDoS Attacks on Major Financial Institutions

Hackers Target NASA with DDoS Attack, Claim to Shutdown Email Servers

Anonymous-linked Hackers Attack NASA’s System for Allegedly Keeping a Huge Secret Anonymous is a loosely connected group of hacktivists that doesn’t appreciate governments keeping secrets or conducting operations that somehow violate user privacy. So, to register their resentment what they do is attack the agency’s systems and hack critically important data. The same modus operandi was employed by an Anonymous-linked team of hackers called New World Hacking and AnonCorruption when they learned that NASA was “holding back information on many things, not just one.” NASA’s computer systems, allegedly, were attacked by New World Hacking team’s hacktivists and their supporters on Sunday night as part of a bigger campaign against government cover-ups called Operation Censorship or #OPCensorship. The hackers claimed that they have managed to shut down the space agency’s primary website and email servers. The attack was materialized through the most commonly used weapon called DDoS attack . However, NASA’s website was still found to be operational instead of being down as per the claims from the hacker group. But, the New World Hacking team provided proof, which suggested that some of the space agency’s systems were suffering from the aftershocks of what is termed as a digital blitzkrieg. Remember, the NWH is the same group who claimed responsibility for shutting down Xbox online service , BBC news servers , HSBC UK’s online banking, the official website for Donald Trump’s election campaign, Salt Lake city Police and airport websites . “NWH hackers vow to target Trump in their next cyber attack” While talking to HackRead, the group stated that NASA was attacked because they were convinced that the agency has important information about the extremist organization ISIS but it is withholding the information. The group also refused to reveal the secret information about ISIS. The attack hasn’t been confirmed or denied by NASA and we cannot possibly verify if the hacktivists’ claims are true or not since the site is working. Hackers also shared an inside screenshot and claimed that they could access the NASA’s Internet email server: Hackers claim they were able to get into the NASA server, however, the security implemented on the server didn’t let them go any further “We believe NASA is holding back information on many things, not just one. The main thing we suspect they are holding back some more information on ISIS that the public needs to know.We won’t tell the public what we think they are hiding – we will let NASA explain.” They also added that this attack is more like a practice run for the most important campaign against Donald Trump, which they plan to execute on April Fool’s day. “We want Trump to know that he is next,” the hackers added. Source: https://www.hackread.com/hackers-ddos-shutdown-nasa-website-email-server/

View article:
Hackers Target NASA with DDoS Attack, Claim to Shutdown Email Servers

Swedish newspaper websites shut down in DDoS attack

The online editions of Sweden’s main newspapers were knocked out for several hours by unidentified hackers at the weekend, police said Sunday as they launched an investigation. The attack was “extremely dangerous and serious,” the head of the Swedish Media Publishers’ Association, Jeanette Gustafsdotter, told Swedish news agency TT. “To threaten access to news coverage is a threat to democracy,” she said. No one has claimed responsibility for the attacks, which either partially or totally shut down the sites of Dagens Nyheter, Svenska Dagbladet, Expressen, Aftonbladet, Dagens Industri, Sydsvenskan and Helsingborgs Dagblad on Saturday evening from about 8:00 pm (1900 GMT) until about 11:00 pm (2200 GMT). Several experts quoted in the media suggested the sites were subjected to distributed denial-of-services (DDoS) attacks, in which hackers hijack multiple computers to send a flood of data to the target, crippling its computer system. Police said in a statement they had launched an investigation, and Swedish intelligence was also being kept abreast of developments. An anonymous threat was issued on a Twitter account shortly before the attack. The account was attributed to J@_notJ. “The following days attacks against the Swedish government and media spreading false propaganda will be targeted,” the first tweet read. An hour later, a second tweet read: “This is what happens when you spread false propaganda. Aftonbladet.se #offline”. Source: https://www.enca.com/technology/swedish-newspaper-websites-shut-down-hacker-attack

More:
Swedish newspaper websites shut down in DDoS attack

Altcoin exchange Poloniex affected by DDoS attack

Until last night, it had been a while until DDoS attacks affected any of the popular bitcoin and altcoin exchanges. The latest reports now indicate that a couple of hours ago, popular bitcoin exchange Poloniex was the target of a strong DDoS attack, which not only took the site offline, but it also affected the API, and therefore forced the exchange to stop carrying out transactions. The announcement was made via a Twitter post, which read: ‘It appears we’re under a DDoS attack. We’re investigating and working on getting the site back online as quickly as we can’. Luckily, the security team behind the company managed to quickly mitigate the attack, and restore service. However, it is believed that the attack was in fact a stress test, meant to differently target the attack next time, or even force the exchange to make a security mistake. This strategy has been put to use before, so Poloniex will have to be particularly careful in the near future. For those who do not know, Poloniex can be considered one of the best altcoin exchanges, as it works hard to introduce as many coins as possible, while also keeping the services up and running at all times. In our review of the exchange, The Merkle also noted its friendly customer support, trading fee structure and more. Based on everything that has been outlined so far, what do you think about the DDoS attack carried out on Poloniex? Was it the full attack, or just a simple stress test? Let us know your thoughts in the comment section below. Source: http://themerkle.com/altcoin-exchange-poloniex-affected-by-ddos-attack/

Original post:
Altcoin exchange Poloniex affected by DDoS attack

Health orgs hit with cyberattacks every month

Healthcare organizations “are in the crosshairs” of cyber attackers, suffering one hack per month over the last year, with about half experiencing an incident involving the loss or exposure of patient information and another third unsure whether or not data was exposed, according to a new report. Conducted by the Ponemon Institute for security software company ESET, the report questioned 535 IT security practitioners from a variety of healthcare organizations, including private and public providers as well as government agencies, and found an industry beset by security breaches of all kinds. “With cyber attacks against healthcare organizations growing increasingly frequent and complex, there is more pressure to refine cybersecurity strategies,” the report’s authors wrote. “The State of Cybersecurity in Healthcare Organizations” also found that organizations struggle to deal with a variety of threats, including system failures (79 percent), unsecure medical devices (77 percent), cyberattackers (77 percent), employee-owned mobile devices or BYOD (76 percent), identity thieves (73 percent) and unsecure mobile devices (72 percent). Despite citing unsecure medical devices as a top security threat, only 27 percent of respondents said their organization has guidelines for medical devices as part of its cybersecurity strategy. The most common security incident sited was the exploitation of existing software vulnerabilities greater than three months old, according to 78 percent of respondents. Web-borne malware attacks were named by 75 percent of respondents. Following next were exploits of existing software vulnerability less than three months old (70 percent), spear phishing (69 percent) and lost or stolen devices (61 percent), according to the study. What’s more, participating organizations were only partly effective at preventing attacks. Almost half (49 percent) said their organizations experienced situations when cyberattacks have evaded their intrusion prevention systems (IPS), but many respondents (27 percent) were unsure. Another 37 percent said their organizations have experienced cyber attacks that evaded their anti-virus (AV) solutions or traditional security controls but 25 percent were unsure. On average, organizations have an APT incident every three months. Only 26 percent of respondents say their organizations have systems and controls in place to detect and stop advanced persistent threats (APTs) and 21 percent are unsure. On average, over a 12-month period, organizations had an APT attack about every 3 months (3.46 APT-related incidents in one year), the survey said. As for the consequences of theses breaches, 63 percent of respondents said the primary consequences of APTs and zero day attacks were IT downtime, followed by the inability to provide services (46 percent), while 44 percent said these incidents resulted in the theft of personal information. In addition, DDoS attacks have cost organizations on average $1.32 million in the past 12 months, the survey said. Healthcare organizations in the report spend an average of $23 million on IT and approximately 12 percent is allocated to information security. “Since an average of $1.3 million is spent annually just to deal with DDoS attacks, the business case can be made to increase technology investments to reduce the frequency of successful attacks,” the report said. Source: http://www.govhealthit.com/news/ponemon-health-orgs-hit-cyberattacks-every-month

More:
Health orgs hit with cyberattacks every month

Customers of large NZ website company Zeald have been hit by DDoS attack

Customers of a large New Zealand website design company have had their websites shut down due to a cyber attack believed to target one or more of the company’s customers. Customers of Zeald were informed on Thursday that some clients had experienced outages with their websites in recent weeks. The company, formed in 2001, with thousands of customers in New Zealand and Australia, has told clients the outages were caused by Distributed Denial of Service (DDoS) attacks. These attacks attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. They present a major challenge to making sure people can publish and access important information. “Simply put, a DDoS attack simulates millions of computers trying to access a website at the same time. This puts tremendous stress on the online infrastructure, and can make access to a website difficult, or impossible,” the company said in its email. “We believe these attacks are targeted at one of our customers,” it said. It said the attacks were difficult to resolve and were a rapidly expanding class of security attack. They did not involve ‘hacking’ and did not lead to the loss of confidential information, but they made it impossible to access a site. “They can be created by attackers with limited technical skill but options for dealing with them are extremely limited”. “Working with our upstream providers, we have been able to stop these attacks temporarily by blocking international traffic. Unfortunately, these attacks keep resuming and are no longer isolated to international traffic alone. These attacks are also causing major issues for our upstream providers as well as the other websites and services that they provide,” it said. “If you have experienced any kind of extortion attempt or communication threatening an attack like this please let us know. Any feedback regarding recent threats will be treated in the strictest confidence. If we know the target of the attack there are measures we can put in place to eliminate the problem”. Source: http://www.stuff.co.nz/technology/77539929/customers-of-large-nz-website-company-zeald-have-been-hit-by-cyber-attack

Excerpt from:
Customers of large NZ website company Zeald have been hit by DDoS attack

You don’t need a website to get hit by DDoS

Just because your business doesn’t have a website, that doesn’t mean it can’t be a victim of a DDoS (distributed denial of service) attack. This sentence might not make much sense at this point, but keep reading. Security firm Kaspersky Lab and researchers B2B International looked at what cyber-crooks go for when attacking businesses and enterprises, and here’s what they came up with: Last year, 16 per cent of companies (globally), were victims of a DDoS attack. Among enterprises, the percentage jumps up to 24. For most, external activities, such as websites, were targeted. Among half, websites had been hit, logins and portals were attacked in 38 per cent of cases, while communications services were attacked 37 per cent of times. Transactional systems had been affected in 25 per cent of cases. But also, in 25 per cent of cases, file servers had been hit, and 15 per cent said their operational systems were targeted. Another 15 per cent said a DDoS attack hit their ISP network connectivity. “It’s important to take a DDoS attack seriously. It’s a relatively easy crime to perpetrate, but the effect on business continuity can be far-reaching. Our study found that alongside the well-publicised impact of an attack, such as website downtime, reputational damage and unhappy customers, DDoS hits can reach deep into a company’s internal systems. It doesn’t matter how small the company is, or whether or not it has a website; if you’re online, you’re a potential target. Unprotected operational systems are just as vulnerable to a DDoS attack as the external website, and any disruption can stop a business in its tracks,” said Evgeny Vigovsky, Head of Kaspersky DDoS Protection, Kaspersky Lab. Source: http://www.itproportal.com/2016/02/29/you-dont-need-a-website-to-get-hit-by-ddos/

See the original article here:
You don’t need a website to get hit by DDoS