Tag Archives: var-username

Could Tor fall victim to a DDoS attack in 2015?

Tor users could be targeted by police next year as governments seek to combat crime and reduce political dissent, according to a researcher at the security firm Cloudmark. Andrew Conway claimed the anonymity network is “reasonably fragile”, with police able to unmask service providers by comparing traffic spikes, generated by distributed-denial-of-service (DDoS) attacks, from just a small number of endpoints. He added that the network was at risk of a complete shutdown if a government decided to launch a massive DDoS attack against it, which would overload the system with traffic. Conway said: “There are only a few thousand endpoints where Tor connects to the rest of the internet. Attacking those with a DDoS is well within the capability of many organisations and states.” “I think some oppressive regimes may decide that they have had enough of their dissidents using it and just want to shut the thing down, or some group in law enforcement may decide the same.” The security of Tor was called into question when the FBI arrested Blake ‘Defcon’ Benthall in November for his alleged work on the second iteration of Silk Road, an ecommerce site specialising in contraband that could only be accessed through Tor. Conway added that the police mole planted in the second Silk Road admin team was “probably” involved in the arrests that caused the first version’s collapse, and that he suspected they had used the DDoS and endpoint approach to monitor network traffic. Despite this, he said police are still unable to track down Tor user’s IP addresses, which would be necessary to identify those purchasing contraband online. “[Tor] still does give a level of anonymity for people looking for child pornography, but not if they are providing it,” he said. Source: http://www.cbronline.com/news/security/could-tor-fall-victim-to-a-ddos-attack-in-2015-4468576

Read the article:
Could Tor fall victim to a DDoS attack in 2015?

Channel mis-selling firewalls leads to DDoS attacks

The channel mis-selling firewalls to their customers as protection against DDoS (Distributed Denial of Service) attacks is partly to blame for the escalating number of attacks on enterprises. Dave Larson, CTO of Corero claims that tTraditional security solutions such as firewalls and IPS technology can’t handle the complexity of the modern DDoS attack – and even the more recent next generation firewalls can only provide a marginal benefit in fighting the attacks. Nevertheless, a survey conducted by Corero in 2013 had 40 percent of organisations stating they were relying on firewalls to protect them against DDoS attacks. “We see confusion in the market every day. DDoS protection vendors are fighting for mindshare with the end user community because there is still a vast misunderstanding about what DDoS is all about, and what it takes to eliminate the problem,” says Larson. “The problem is that firewall solutions are not well positioned to show the extent of the problem. Most organisations are shocked at the level and frequency of DDoS activity in their environment once they deploy a targeted in-line DDoS solution that is capable of exposing the threat.” He continues: “Proper DDoS protection is more than a ‘checkbox’ on a traditional security tool . Clicking the’DDoS on’ button on a firewall is not going to protect the business from the sophisticated and adaptive DDoS attacks that are taking down organisations, and distracting security teams from breach activity,” he explains. Larson concedes the channel is not deliberately advising customers to purchase the wrong protection, but “it is a matter of better education around why purpose built in-line appliance-based protection will allow their customers to properly defend against the modern DDoS attack landscape.” “There is no question that firewall technology is a tried and true security solution—a requirement for the majority of businesses. They key here is that that the channel can and should introduce dedicated DDoS protection as an additional layer to their overall security architecture. Implementing first line of defence technology to defeat DDoS at the very edge of the network allows all downstream technology infrastructure , like firewalls and intrusion prevention systems (IPS), to perform as intended. “There is a real opportunity for the channel to gain mind share , and ultimately revenue growth by understanding, and tapping into the DDoS market, this opportunity would complement the selling of traditional security solutions rather than replace them.” Source: http://www.channelpro.co.uk/news/8865/channel-mis-selling-firewalls-leads-to-ddos-attacks

View article:
Channel mis-selling firewalls leads to DDoS attacks

Sony Pictures not using Amazon Web Services to DDoS illegal file-sharing websites

Reports this week claimed Sony Pictures were carrying out denial of service attacks against certain websites which were sharing files stolen in the devastating cyber-attack against the studio. The sources speaking to Recode said that Sony Pictures was using Amazon Web Services’ (AWS) cloud computing infrastructure in Tokyo and Singapore to flood websites which are sharing the files illegally, but this claim has now been denied by the company involved. A spokesperson for AWS has however categorically denied that this is the situation, telling IBTimes UK : AWS employs a number of automated detection and mitigation techniques to prevent the misuse of our services. In cases where the misuse is not detected and stopped by the automated measures, we take manual action as soon as we become aware of any misuse. Our terms are clear about this. The activity being reported is not currently happening on AWS. It is unclear if Sony Pictures is carrying out the attacks suggested by the sources speaking to Recode, and simply using another computing infrastructure, or if the studio is not actually carrying out these attacks at all. Martin McKeay, who works with cloud services provider Akamai, told ITSecurity Guru that there could be some truth in the speculation: “It has the potential for being true and not utterly impossible to be some truth to this, and I don’t think it is utterly impossible that they are doing it through some third party who is doing this via AWS,” he said. “There are some systems out there for doing load testing and some of them can be done through AWS and can generate traffic like that, but what is more likely is that they are feeding the torrent sites with false information and causing a DDoS in that way.” Tim Erlin from Tripwire told IBTimes UK  that if there is truth to the rumour, it could spell even more trouble for Sony Pictures: “Taking the step to ‘hack back’ against perceived legitimate targets, based on their own assessment of guilt, presents a myriad of potential legal problems. If Sony manages to disrupt, intentionally or accidentally, a legitimate service in the process, they may be adding to their problems, rather than improving the situation.” Sony Pictures has not commented on these reports, but the company is still trying to get its systems back fully under its control since the studio was attacked by a group of mysterious hackers called Guardians of Peace almost three weeks ago. “ The movie of terrorism” The group, which claims to have stolen “tens of terabytes” of information from Sony Pictures, released the latest tranche of stolen documents on Wednesday. Along with releasing copies of Sony Pictures’ films, the leak includes personal and financial information of thousands of the company’s employees, internal emails from executive discussing high profile stars like Angelina Jolie and films like Jobs, the Steve Jobs biopic. The leaked data has also included highly sensitive information on actors’ salaries and the amount of money that it is being paid by Netflix for its films. Source: http://www.ibtimes.co.uk/sony-pictures-not-using-amazon-web-services-ddos-illegal-file-sharing-websites-1479230

Read More:
Sony Pictures not using Amazon Web Services to DDoS illegal file-sharing websites

PTS calls for concerted action after TeliaSonera DDoS attack

Swedish postal and telecoms regulator PTS said it will call telecommunications operators to a meeting in January following two distributed denial of service (DDoS) attacks recently. TeliaSonera’s mobile and fixed internet traffic was affected on 09-10 December, but PT did not say when the other had taken place. The regulator said the latest offensives had even affected the operators’ infrastructure and critical systems, which is unusual. As such problems can hit any operator, PTS sees the need for a dialogue in the sector to identify what action can be taken to prevent any such problems in the future, and how operators and authorities can cooperate to mitigate the fall-out of an attack.   UPDATED: The high-profile hacking attack on Swedish internet giant Telia has been linked to a police raid on Pirate Bay, which experts say “provoked feelings” among hackers. UPDATED: The high-profile hacking attack on Swedish internet giant Telia has been linked to a police raid on Pirate Bay, which experts say “provoked feelings” among hackers. The attack has severely affected users of Telia’s online services with many struggling to get a steady connection on Friday. “It started just after 1 o’clock and seems to be the same kind of attack as before,” Henrik Johansson of Telia told the TT news agency. David Jacoby, chief researcher at data security firm Kaspersky Lab said the attack likely stems from a police raid earlier this week against the file-sharing Pirate Bay in Stockholm. Swedish cops briefly ground the site with its Swedish domain name before it come online again a few hours later with a different domain name. According to Jacoby the group that claims to be behind the Telia attack, Lizard Squad, is one of many underground groups involved in the anonymous Pirate Bay movement. “These attacks don’t come from nowhere. The Pirate Bay raid has provoked feelings in these groups,” Jacoby told the TT news agency. He added; “There will most likely be more similar attacks against film companies, games companies and public authorities,” he said. Twitter has already closed two accounts linked to the Lizard Squad in the wake of the attack. A previous attack over Tuesday and Wednesday also caused headaches for the company. A Telia spokesman told The Local at the time that the company had put “technical arrangements in place to ensure [an attack] won’t happen again”. Lateon Thursday, a well known hacking collective called Lizard Squad claimed responsibility for the attacks. It is understood that Lizard Squad was targeting gaming company Electronic Arts, which uses Telia for net connection. The group has a long history of carrying out DDOS attacks, which entails a website being bombarded with communication requests so that the servers become overloaded and the site crashes. The group has targeted XBox Live and the Playstation Network in the past, and even tweeted out a bomb threat to a plane carrying a Sony executive. Over five million Swedes use Telia to provide their home phones, TV and mobile services. The company is part-owned by the Swedish state. Sources: http://www.telecompaper.com/news/pts-calls-for-concerted-action-after-teliasonera-ddos-attack–1054899 http://www.thelocal.se/20141212/telia-hit-again-in-new-hacking-attack

See original article:
PTS calls for concerted action after TeliaSonera DDoS attack

Sony Reportedly Fights Back Against Hackers With DDoS Attacks Of Their Own

As many have heard by now, hackers have been chipping away at Sony Pictures, leaking information in the process, such as the salaries of Sony execs, celebrity information, email exchanges, and more. It also does not appear that the hacks are slowing down or that they could be stopping anytime soon. However if you thought that maybe Sony would be taking this lying down, you would be mistaken. According to reports, it seems that Sony Pictures has decided to fight back. How are they doing this? Well by attacking the hackers themselves in the form of a DDoS attack through the use of Amazon Web Services which has data centers located in Tokyo and Singapore. This is actually a tactic used to combat against movie and music piracy to help knock the servers hosting the files offline, but in this case, Sony is hoping that they are able to knock the hackers themselves offline too. It is unclear as to how effective their efforts have been so far, but it’s refreshing to see Sony go on the offensive. So far the hackers claim to have stolen as much as 100TB of Sony Pictures’ files which includes payroll information, financial information, budgets, and even feature films, some of which have already been leaked online. Source: http://www.ubergizmo.com/2014/12/sony-reportedly-fights-back-against-hackers-with-ddos-attacks-of-their-own/?utm_source=mainrss

Read the original:
Sony Reportedly Fights Back Against Hackers With DDoS Attacks Of Their Own

AbleGamers’ weird weekend of porn stars, charity and a worries over a DDoS attack [correction]

AbleGamers believe they became the target of a DDoS attack over the weekend after the charity founders declined to accept funds from porn star Mercedes Carrera because of her connection to the GamerGate movement, according to the gaming and disability charity. But Carrera tells Polygon she had nothing to do with the issues the site ran into over the weekend and that while she is a GamerGate supporter the live stream adult cam show is not connected to GamerGate. “In fact, I was unaware any of this was happening until checking my social media on Sunday,” she said. The disagreement started out as an offer by Carrera to help raise funds for AbleGamers, a website dedicated to gaming and disability. “I chose AbleGamers as I have become friendly with some disabled gamers and wanted to support the mission of providing alternatives in gaming for those who are not fully abled,” Carrera told Polygon. “I see the value in disabled gamers having an opportunity to experience a variety of actions they may not have access to in day to day life.” AbleGamers officials said they were initially open to the idea. “As a sex positive organization, our immediate response was ‘Absolutely,’” according to a post on AbleGamers. “We would be honored to be chosen.” But a thread about the fundraiser on Reddit raised concerns for AbleGamers. “In doing our due diligence we discovered the event organizer was putting together a GamerGate stream that would ‘for now’ be ‘a charity stream’ because they ‘cannot mention that it is a GG stream as it might shy away BZ (Brazzers) and others,’” reads a statement from the organization. According to a message on its official website, AbleGamers “became concerned by the lack of transparency in the original emails having made no mention of GamerGate. We became further alarmed as the post continued adding ‘GamerGate [h]as just weaponized porn.’” Carrera said that AbleGamers emailed the coordinators of the event and said they didn’t want to receive money from the fundraising because of what they read on the Reddit thread, including someone writing that “GamerGate had weaponized porn”. After announcing it would no longer be involved in the charity event, the AbleGamers website began having technical issues, according to site officials. AbleGamers representative Steven Spohn told Polygon that a DDoS attack was confirmed by the website’s host. “When we released our statement, we figured it was traffic,” says Spohn. “Our server is ‘charity level’ which means cheap and no DDoS protection. “When we started getting ‘cannot connect to service’ on the webpage, we called Liquid Web. Three different phone representatives said that it was in fact a DDoS. We relayed the information to our audience as it was happening. Our website is on a cloud server, sandboxed away from others. “So, were we?” Spohn continues. “Our host says so. Could they be wrong? Sure. If LW tells us three techs and their top admin were wrong, then we’ll agree we weren’t [victims of a DDoS attack]. Until then I’m sticking to we were DDoS attacked around 1pm Eastern on Sunday for about 30 minutes.” Carrera is adamant she had nothing to do with the issues, something she goes into in more detail in an open letter on Destructoid. She also said that the fundraiser has never been connected with GamerGate. “The live stream cam show adult content event happening January 2 is not connected to GamerGate,” she said. “However, as I have come out in support of GamerGate’s mission of ethics in journalism and resistance to censorship, it is not surprising that the two became conflated on Reddit. However the show itself is not intended to be a GamerGate sanctioned event. ” She added that the fundraiser is still happening and that a partnership is in the works for who will be the recipient of the money raised. Source: http://www.polygon.com/2014/12/9/7358899/ablegamers-gamergate-mercedes-carrera-ddos

Follow this link:
AbleGamers’ weird weekend of porn stars, charity and a worries over a DDoS attack [correction]

1&1 goes titsup, blames lengthy outage on DDoS attack

UK hosting company 1&1 went titsup late on Tuesday night and struggled to recover this morning, after claiming it had been the victim of a Distributed-Denial-of-Service (DDoS) attack. The website collapsed shortly before 10pm yesterday, and it has taken 1&1 a full 12 hours to get its service back up and running. Readers who told the Reg about the outage said that the service had been flaky for several hours before it keeled over. 1&1 blamed the downtime on a DDoS attack in a tweet.                 However, although the website appeared to be returning to normal, 1&1 had yet to update its customers about the status of its system at time of writing. Customers were still griping about the mysterious outage this morning. Indeed, 1&1 was tight-lipped about the cause of the service disruption on its status page, which made no mention of a system security breach. Last month, Fasthosts blamed a five-hour outage it had suffered on a DDoS attack. Source: http://www.theregister.co.uk/2014/12/10/1_and_1_hosting_firm_claims_ddos_attack_downs_website/  

Read More:
1&1 goes titsup, blames lengthy outage on DDoS attack

66 year old British Rock Guitarist jailed for taking part in 2010 Anonymous DDoS campaign called Operation Payback

Geoffrey ‘Jake’ Commander, a 66-years-old British rock guitarist and part of the Electric Light Band Orchestra (ELO), has been given a a jail sentence for joining the popular online hacktivists collective ‘Anonymous’ and taking part in the famous Operation Payback campaign in 2010 which brought down many financial websites. Washington Times quotes that, “Geoffrey “Jake” Commander, a rock guitarist who has played with the Electric Light Orchestra, George Harrison and Elton John, among others, walked unnoticed through the halls of the U.S. District Court in Alexandria early Friday afternoon” The sentence was given by the Alexandria District Court on Friday following the  admission of guilty plea by ‘Jake.’  The ELO guitarist admitted to his involvement in the Anonymous operation at the hearing before the sentence was pronounced.  He also promised the Judge never to return to the United States after his release.  The authorities said that he could serve only ten days in prison, ‘Jake’ was earlier facing a likely prison sentence of ten years jail time in a federal prison. Operation Payback The Anonymous campaign called Operation Payback was a coordinated attack against the opponents of Internet piracy. Anonymous started the Operation Payback started as retaliation to DDoS attacks on torrent sites by anti piracy lobby.   The Anonymous then allegedly took down many anti-piracy websites all over the world through coordinated DDoS attacks.  After Wikileaks published the leaks of Diplomatic cables in December 2010,  some banks withdrew banking facilities given to Wikileaks.  Anonymous then turned the Operation Payback against such banks which had withdrawn the banking facilities. Geoffrey’s Role in Operation Payback. Reports indicate that Geoffery took part in the IRC chat administered by members of Anonymous collective and joined the 1000 members of Anonymous to launch a DDoS attack against MasterCard.  He was alleged part of the Operation Payback for over 3 hours in which he he contributed to the amplification of the attack by using the LOIC (low-orbit Ion cannon) tool on his PC. MasterCard had reported later that it recorded a $1 million loss due to this DDoS attack.  Geoffery was arrested in 2013 after he returned to the United States with his family, 3 years after the attack. Source: http://www.techworm.net/2014/12/66-year-old-british-rock-guitarist-jailed-taking-part-2010-anonymous-ddos-attack.html

View original post here:
66 year old British Rock Guitarist jailed for taking part in 2010 Anonymous DDoS campaign called Operation Payback

Carbon Poker Crash and Possible DDoS Attacks Highlight Need for Legalization

Recent happenings at what was considered one of the more reliable and trustworthy offshore online poker rooms, Carbon Poker, is simply furthering the case for regulated online poker in the United States. Anyone calling for a ban of online gambling in the U.S. should pay particular attention to what has taken place at Carbon Poker over the past couple weeks, as these are the types of online poker operators that will survive a federal online gambling ban. If Sheldon Adelson gets his way, regulated sites like WSOP.com would be forced to shut down and sites like Carbon would continue to fill the void. In the past couple weeks the site experienced several significant problems that have left many players concerned about the safety of their accounts and their personal information, as well as with the overall integrity of the games at the site. Server crash leads to data breach The first issue occurred during one of the biggest tournament days in Carbon Poker’s history. On November 23, the Main Event of the Carbon Poker Online Poker Series, along with dozens of other tournaments at the site, were running when the Carbon Poker servers’ crashed, bringing everything to a screeching halt. Site-wide server crashes are rare, but they do happen. Unfortunately for Carbon, this was not a typical server crash, which is bad enough in its own right. According to multiple reports by poker players on social media sites and on the poker forums, the server crash not only caused widespread disconnections, but also caused hole cards to change mid-hand for players still able to log in and play, and even more worrisome, customers were inexplicably able to gain access to other players’ accounts when they tried to log back on to the site. Players reported that this first of its kind (to my knowledge) technical glitch, not only allowed them access to other Carbon Poker’s players accounts, but they were capable of gambling with those funds (including players that were active on the site when the servers crashed), as well as being able to see the accountholders sensitive personal information. A DDoS superuser? As concerning as the server crash and data breach were, things got even worse this weekend when, after several days of unexplained and consistent disconnect issues, widespread rumors began to take hold that targeted DDoS attacks were behind the ongoing technical issues, and were being used to win pots. Following pages of frustration over the ongoing disconnects, the DDoS rumors took hold with an out of left field (something that is not uncommon on 2+2) accusation: I found the hacker that is disconnecting the server. He builds big pots and once he min-raises he crashes the server and scoops the pot. His username is L4ss3m4jj4n. He did it to me a few times and took quite a bit from me at PLO. I then followed him and watched him do it to others. I emailed support so lets see what happens.” And from there it escalated: “Guys, I would normally say this is just somebody coming up with a wild conspiracy theory, but this is serious, everybody should open up this table, it’s table 24 in the $215/125k, something is super super fishy about the way L4ss3m4jj4n is playing, every disconnect has benefited him so far, it seems too obvious if you watch it for a few of the disconnects.” “second time i’m witnessing him betting in big pot and a disconnect taking place.” “Kh8s9d7h board he checks, phat1cat bets 1888 into 3750, l4ss3m4jj4n minraises to 3776 and disconnect.” In addition to the forum gossip, the potential DDoS superuser was also discussed/mentioned on social media by well-known poker players and poker commentators. Click here and also here. As the story began to unfold, over 100 players started monitoring this person’s play as it was being live-streamed on Twitch.com, and at the same time were furiously contacting Carbon Poker customer support en masse to have something done about the situation. You can read a good summary (for those that can’t handle 200 pages of 2+2 posts) of what took place at Carbon Poker/Merge Gaming here. It should be stated, that whether this was a concerted DDOS attack by some nefarious player(s), or if the sites are simply experiencing ongoing technical issues is unclear. What is clear is that unregulated sites make it much harder for players to be treated fairly and properly compensated when these things occur. It also shows the inability of players on unregulated sites to take their grievances to a regulatory body that oversees the site. The important takeaway is, if these types of issues are occurring at Carbon Poker, considered one of the top unregulated online poker sites still serving the U.S. market, what is happening at the other, more suspect, operators? Source: http://www.pokerupdate.com/news/networks-and-rooms/12083-carbon-poker-crash-and-possible-ddos-attacks-highlight-need-for-legalization/

See the original post:
Carbon Poker Crash and Possible DDoS Attacks Highlight Need for Legalization

Hacker Group ‘Lizard Squad’ Hits Xbox Live and PlayStation Network with DDoS Attacks

A hacker group used distributed denial of service (DDoS) attacks against two giants in the gaming industry, causing widespread service outages among users. First, Lizard Squad, the self-professed “king of DDoS,” took down Xbox Live early last week. The ensuing outage lasted all of Monday night, with Microsoft support announcing that service had been restored on Tuesday. Shortly after the service interruption occurred, Lizard Squad tweeted “Xbox Live #offline” and announced that they would gift Microsoft a “wonderful” Christmas present this year. It would appear the group is living up to its promise. Later on Friday, Lizard Squad brought down Xbox Live again with another DDoS attack. Xbox 360 users were disproportionately affected by the group’s second attack against Microsoft that week, though Xbox One also experienced some problems. Then late last night on Sunday, Lizard Squad shifted its focus to Sony, which is still in the process of investigating a massive hack, and used a DDoS attack to bring down Sony Entertainment’s PlayStation Network (PSN). The group has also claimed responsibility for bringing down Sony’s online PlayStation store, replacing the homepage with the text, “Page Not Found! It’s not you. It’s the Internet’s Fault.” While service has been restored to PSN, the PlayStation store outage is still ongoing as of this writing. Sony is no stranger to Lizard Squad. The hacker group attacked the tech giant in August earlier this year, causing a massive service interruption among North American users. The group shortly thereafter tweeted that explosives were aboard an American Airlines flight on which Sony Entertainment President John Smedley was flying, causing the plane to be diverted. These recent attacks against Xbox Live and Sony are just the beginning, according to Lizard Squad. On Christmas Day, the hacker group has announced that it will bring down Xbox Live, only this time, it promises that the attack will irreversibly cripple the service, causing the outage to last “forever.” Whether the hacker group makes good on this promise remains to be seen. At any event, we can certainly expect additional attacks from Lizard Squad before this holiday season is over.   Source: http://www.tripwire.com/state-of-security/top-security-stories/hacker-group-lizard-squad-hits-xbox-live-and-playstation-network-with-ddos-attacks/

See more here:
Hacker Group ‘Lizard Squad’ Hits Xbox Live and PlayStation Network with DDoS Attacks