Tag Archives: var-username

Hackers upload malicious files on the Obamacare website to launch a DDoS Attack

In what could be another jolt for US President Barack Obama’s dream project ‘Obamacare health insurance program’, a government cybersecurity team last week discovered that an unknown hacker or a group of hackers tried to peep into a computer server supporting the HealthCare.gov website by apparently uploading malicious files. The Centers for Medicare and Medicaid Services, the lead Obamacare agency, on Thursday briefed about the intrusions to top congressional staff. “The first incidence of breach occurred on July 8”, Aaron Albright, CMS spokesman, said. According to Albright, the main objective of the hackers was not to steal personal data but to launch a distributed denial of service (DDoS) attack against other websites. In a DDoS attack, the malwares trying to communicate with the website makes the computers with internet-connectivity so overwhelmed that they fail to handle legitimate requests and lead to crash. “Our review indicates that the server did not contain consumer personal information; data was not transmitted outside the agency, and the website was not specifically targeted. We have taken measures to further strengthen security,” Albright said. Albright also shed out speculations that the attack would adversely impact on the second round of enrollment period, which begins on November 15, for the health coverage under the Obamacare. Meanwhile, the CMS’s parent agency – Office of Inspector General of the Department of Health and Human Services- and the HHS leadership have been notified of the attack and sources say investigation is under process. The Department of Homeland Security spokesperson said that the affected server has been forensically preserved by its Computer Emergency Readiness Team (US-CERT). The agency, which is also responsible in investigating cyber attacks, said that they had identified the malware designed to launch the DDoS attack and extracted them. Source: http://www.wallstreetotc.com/hackers-launch-ddos-attack-on-obamacare-website-server-user-data-safe/28570/

Read this article:
Hackers upload malicious files on the Obamacare website to launch a DDoS Attack

Report on China’s underground services for DDoS Attacks

After analyzing trends in the Chinese underground, Trend Micro found that activity in the marketplace doubled between 2012 and 2013. Upon an even closer look, researchers at the firm also found that the most coveted tools and services in the underground were compromised hosts, remote access trojans (RATs) and distributed denial-of-service (DDoS) attack services. Trend Micro’s new research paper, “The Chinese Underground in 2013,”(PDF) detailed criminal activity facilitated in the space, and in a Thursday interview with SCMagazine.com, Christopher Budd, global threat communication manager at the company, said that, among the products, compromised hosts were most sought after. In the report, Trend Micro defined “compromised hosts” as client workstations or servers that cybercriminals “have gained command and control of” without the owners’ consent. “That makes sense, because the compromised host is a multi-tasker,” Budd said. “It’s kind of a like a Swiss army knife – you can do multiple things with it.” The report also highlighted the going rate last year for popular black market services. Distributed denial-of-service (DDoS) offerings, for instance, were offered for anywhere from $16 per day to nearly $500 for a “lifetime” DDoS toolkit rental, the report revealed. Researchers also monitored underground activity centered around mobile attacks. Trend Micro found that the most in demand offerings were SMS spamming services, SMS servers and premium service numbers. Overall, the report noted that the increased activity in the China’s underground took into account, both the number of participants and the number of product and services offerings in 2013. In his interview, Rudd also noted that attacks, facilitated through shady transactions in China’s underground market, were most often aimed at other users in the country – an ongoing trend that will likely continue. “The participants in the Chinese underground looking inward, and the Russian underground looking outward [in attacks], has been a consistent trend,” Budd said. “And partly, that’s linguistic, because the people in the Chinese underground market [products and services] in Chinese as opposed to English – [but] it’s a combination of cultural and linguistic factors,” he said. Source: http://www.scmagazine.com/report-chinas-underground-activity-doubled-last-year/article/369849/

See the original article here:
Report on China’s underground services for DDoS Attacks

Anti-Piracy Outfit Denies launching DDoS attacks on Anime Sites

The effects of a DDoS attack that crippled NYAA, one of the largest anime torrent sites, continue today with fingers being pointed at everyone from the Japanese government to an anti-piracy group working with anime distributors. Subtitling site HorribleSubs, which was also affected, has its own ideas. Distributed Denial of Service or DDoS attacks are a relatively common occurrence in the file-sharing community and something that many sites are subjected to throughout the course of a year. They disrupt service and can often cost money to mitigate. Those carrying out the attacks have a variety of motives, from extortion and blackmail to “the lulz“, and a dozen reasons in between. Often the reasons are never discovered. During the past few days several sites involved in the unauthorized sharing of anime have been targeted by DDoS-style attacks. Swaps24 reported that Haruhichan, Tokyo Toshokan and AnimeTake were under assault from assailants unknown, although all now appear to be back online. A far more serious situation has played out at NYAA.se, however. The site is probably the largest public dedicated anime torrent index around and after being hit with an attack last weekend it remains offline today. The attack on NYAA had wider effects too. NYAA and leading fan-subbing site HorribleSubs reportedly shared the same hosting infrastructure so the DDoS attack took down both sites. That’s significant, not least since at the end of August HorribleSubs reported that their titles had been downloaded half a billion times. As the image above shows it now appears that HorribleSubs has recovered (and added torrent magnet links) but the same cannot be said about NYAA. The site’s extended downtime continues with no apparent end in sight. This has resulted in a backlash from the site’s fans and somewhat inevitably accusatory fingers are being pointed at potential DDoS suspects. As far-fetched as it might sound, one of the early suspects was the Japanese government itself. The launch of a brand new anti-piracy campaign last month in partnership with 15 producers certainly provided a motive, but a nation carrying out this kind of assault seems unlikely in the extreme. Quickly, however, an announcement from HorribleSubs turned attentions elsewhere. “Chill down. It’s not just us. Every famous anime sites [are] getting DDoS attacks, but that doesn’t mean this is the end,” the site’s operator wrote on Facebook. “We have located where DDoS are coming from. It’s from ?#?Crunchyroll? and ?#?Funimation? Employees.” Funimation is an US television and film production company best known for its distribution of anime while Crunchyroll is a website and community focused on, among other things, Asian anime and manga. While both could at least have a motive to carry out a DDoS, no evidence has been produced to back up the HorribleSubs claims. That said, HorribleSubs admits that its key motivation is to annoy Crunchyroll. “We do not translate our own shows because we rip from Crunchyroll, FUNimation, Hulu, The Anime Network, Niconico, and Daisuki,” the site’s about page reads, adding: “We aren’t doing this for e-penis but for the sole reason of pissing off Crunchyroll.” Shortly after, attention turned to anti-piracy outfit Remove Your Media (RYM). The company works with anime companies Funimation and Viz Media, which includes the sending of millions of DMCA notices to Google. The spark came when the company published a tweet (now removed) which threatened to send “thousands” of warning letters to NYAA users once the site was back online. This doesn’t seem like an idle threat. A few weeks ago the company posted a screenshot on Twitter containing an unredacted list of Comcast, Charter and CenturyLink IP addresses said to have been monitored infringing copyright. Due to the NYAA downtime, RYM later indicated it had switched to warning users of Kickass.to. This involvement with anime companies combined with the warning notice statement led to DDoS accusations being directed at RYM. TorrentFreak spoke to the company’s Eric Green and asked if they knew anything about the attacks. “The short answer is No. In fact we were waiting for [NYAA] to go back online to begin monitoring illegal transfers again. Sorry to disappoint but we had no involvement,” Green told TF. Just a couple of hours ago RYM made a new announcement on Twitter, stating that the original tweet had been removed due to false accusations. “Nyaa post deleted due to all the Ddos libel directed at this account. Infringement notices continue to ISPs, for piracy, regardless of tracker,” they conclude. Although it’s impossible to say who is behind the attacks, it does seem improbable that an anti-piracy company getting paid to send notices would do something that is a) seriously illegal and b) counter-productive to getting paid for sending notices. That said, it seems likely that someone who doesn’t appreciate unofficial anime sites operating smoothly is behind the attack. Who that might be will remain a mystery, at least for now. Source: http://torrentfreak.com/anti-piracy-outfit-denies-ddosing-anime-sites-140904/

Read More:
Anti-Piracy Outfit Denies launching DDoS attacks on Anime Sites

DDoS Attacks: Increasingly the Weapon of Choice

Distributed denial of service (DDoS) attacks are a method attackers favor for disrupting an organization’s operations by flooding the network with traffic, overwhelming available bandwidth, and making network resources unavailable. According to research from the Ponemon Institute, DDoS attacks accounted for 18 percent of data center outages in 2013, up from 2 percent in 2010. They found that such attacks are the most costly data-center attacks to mitigate, costing an average of $822,000 per outage, leading to problems such as business disruption, loss of revenues, and reduced productivity. However, the costs can be even higher for organizations that rely on their websites as their main sales vehicle, since the unavailability of those websites can lead to those organizations losing multiple millions of dollars in sales. According to Forrester Research, the average organization loses $27 million for a 24-hour outage, with business services and financial services institutions faring the worst. Despite the damage that DDoS attacks can do in and of themselves, they are often used as a smoke screen to divert resources into clearing up the disruption, leaving organizations unaware of other attacks happening simultaneously. Often, the real motivations are financial manipulation or a competitive takeout. In other cases, the motivations are ideological, looking to hurt or embarrass organizations. For example, in late 2012 to early 2013, 46 financial institutions in the United States were hit with over 200 coordinated and timed DDoS attacks. It is believed that the motivation for this campaign of attacks was to cause consumers to lose their trust in the retail banking system. However, organizations in any walk of life can be impacted, both in the private and public sector, and such attacks should be considered a top concern by any organization, especially as DDoS attacks are increasingly becoming a weapon of choice. Not only are DDoS attacks growing in number and affecting a wider range of organizations, but more tools are becoming available that make them easier to pull off. Whereas previously an attacker would have had to possess a fair degree of skill and recruit an army of computers into a botnet in order to create enough computing power to launch an attack, new attack methods require considerably fewer resources and less skill. DDoS attack kits are now readily available on the Internet for low prices, making the job of a relatively unskilled hacktivist much easier, and DDoS-as-a-service attacks are an increasingly common phenomenon, whereby attackers hire themselves and their botnets out to those wishing to launch attacks. Another recent development is the use of network time protocol amplification attacks, which use publicly available network time protocol servers, the real purpose of which is to provide clock-synchronization services over public networks. Using this method means that attackers no longer need to go through the effort of putting together a botnet to launch their attacks. Recently, there has also been a dramatic rise in mobile applications used in DDoS attacks, driven by the ease with which mobile apps can be downloaded. These apps allow any mobile user to join a DDoS attack if he or she wishes—for example, for an ideological cause with which he or she sympathizes. It is predicted that such attacks will increase dramatically. The tremendous growth in DDoS attacks in 2013 that continued, if not accelerated, in 2014 means that all organizations should beware of the consequences. Where they do not have the resources in-house to defend themselves, organizations should investigate the use of services that can divert traffic away from their networks while remediation measures are taken. While, on the one hand, there is a trend toward increasing complexity and sophistication of attacks, on the other hand, attacks are becoming easier to pull off by an ever-wider range of criminal actors. The DDoS attack landscape is set to become much more complicated, and many more organizations will become victims. All organizations should beware. Source: https://blogs.rsa.com/ddos-attacks-increasingly-weapon-choice/

More here:
DDoS Attacks: Increasingly the Weapon of Choice

Russia’s Zvezda television channel website comes under DDoS attack

The channel’s technical experts managed to partially restore the website’s operation, but it is still not working properly Russia’s Zvezda television channel website came under a DDoS attack on Friday. “The Zvezda channel’s website came under a massive DDoS attack. Its first round occurred at 14:00 Moscow time, making the website inaccessible to users,” the channel said in a statement. The channel’s technical experts managed to partially restore the website’s operation, but it is still not working properly. Source: http://en.itar-tass.com/non-political/747331

Read the original post:
Russia’s Zvezda television channel website comes under DDoS attack

FBI probe into hack and DDoS attacks on banks

THE Federal Bureau of Investigation is probing a computer-hacking attack on JPMorgan Chase and as many as four other banks, in what people familiar with the probe described as a significant breach of corporate computer security. The timing and extent of the hacking attacks wasn’t immediately clear, though cybersecurity experts began probing the possible JPMorgan breach earlier this month, according to people familiar with the investigation. Source: http://www.theaustralian.com.au/business/wall-street-journal/fbi-probe-into-hack-attacks-on-banks/story-fnay3ubk-1227040501221?nk=a9c75ab55e6d5171cc79455c78c5564d#

Link:
FBI probe into hack and DDoS attacks on banks

Anonymous Hacked Ferguson Police Servers and Launched a DDOS Attack

Police officers in Ferguson, Missouri have been forced to communicate via text message after Anonymous launched a DDOS attack against the city’s servers shutting them down, following the murder of Michael Brown. On top of that, private servers of the Ferguson police department were hacked to get personal information. Both peaceful and violent protests have taken place in response to the atrocity in Ferguson. Last Thursday, anonymous performed a DDoS attack on Ferguson servers. The attack was in reaction to the murder of 18 year old, Michael Brown, an African American teenager who was killed unjustly by white policemen. Law enforcement officials said recently that the FBI has taken an immense interest in the investigation of hacking attempts directed at the personal computers and online accounts of police officers who are part of the department responsible for the murder. CNN and other mainstream media outlets, in affiliation with three policeman, who’s names are undisclosed, have reported the police as victims of a ‘cyber attack’, suggesting that anonymous is to blame for the violent demonstrations that took place in Ferguson, avoiding the clear fact that the PD of Ferguson are responsible, and a reaction like this is to be expected in result to the killing of an innocent person. This is of no surprise that corporately funded news outlets would be hesitant to speak negatively of the police. In reality, despite the propaganda that the 1% will spew forth, it is organizations like Anonymous that are fighting for freedom, unrestricted by the fascist regulations of a fear-mongering governing body, we can fight for peace using whatever means possible. Source: http://anonopsofficial.blogspot.ca/2014/08/anonymous-hacked-ferguson-police.html

Originally posted here:
Anonymous Hacked Ferguson Police Servers and Launched a DDOS Attack

DDoS attack downs Twitch on news of Amazon acquisition

Just hours after Amazon announced a $970m deal to acquire Twitch, the live video platform for gamers was taken offline temporarily by a distributed denial of service (DDoS) attack. Twitch is the latest in a string of online gaming platforms to be hit by DDoS attacks that have been linked to several groups, including Lizzard Squad, jihadist group Islamic State, and Anonymous. At the weekend, Sony’s PlayStation Network was knocked offline and several others experienced disruptions, including Microsoft’s Xbox Live and Blizzard’s Battle.net. DDoS attacks are commonly used by competitors or activists to take services offline using a variety of techniques that make services impossible to reach. The reason for the DDoS attack on Twitch is unknown, but industry pundits have speculated that it may be linked to concerns about the acquisition by Amazon. Commenting on the weekend disruptions, Dave Larson, CTO at Corero Network Security, said the drivers for launching DDoS attacks are far ranging and difficult to pinpoint in many cases. “Anyone can become a victim at any time and, as the attacks continue to become stronger, longer and more sophisticated, businesses that rely on their online web applications as a revenue source cannot become complacent,” he said. Larson said the latest DDoS attacks underscore the importance of including a DDoS first line of defence as a component of network security architecture. Lancope chief technology officer TK Keanini said that while DDoS was once a resource held by a few of the elite groups on the net, this method of attack is now available to anyone as it is offered as a service. “If you know where to look, and you have some crypto currency in hand, just point and shoot,” he said. According to Keanini, any business connected to the internet is likely to be targeted by a DDoS attack at some point. “But game networks have to work harder than most to remain secure as they are incredibly attractive targets. “Not only are they high profile, with any disruption making the news, but given all the in-game commerce, credit card and personal information is kept up to date and can be monetised by these cyber criminals,” he said. Source: http://www.computerweekly.com/news/2240227573/DDoS-attack-downs-Twitch-on-news-of-Amazon-acquisition

See the original post:
DDoS attack downs Twitch on news of Amazon acquisition

PlayStation network back online after DDoS attack

Sony’s PlayStation and Entertainment networks are back online after they were forced offline by a distributed denial-of-service (DDoS) attack, the company said late Sunday. “People can now enjoy the services on their PlayStation devices,” Sony spokesman Sid Shuman wrote in a blog post “We have seen no evidence of any intrusion to the network and no evidence of any unauthorized access to users personal information,” he said, also offering apologies for any inconvenience caused. Sony was hit by a large scale DDoS attack which struck upstream traffic routes over which Sony has no control, affecting players’ ability to log in, Sony Online Entertainment President John Smedley wrote on Twitter on Sunday. DDoS attacks attempt to crash a network by sending large amounts of data to a service provider. A group calling itself the “Lizard Squad” claimed on Twitter to be behind the attack. It said that it had “planted the ISIS flag on @Sony’s servers,” referring to the militant group that occupies parts of Syria and Iraq. Earlier on Sunday, the group tweeted directly to American Airlines writing that it had “received reports” that a flight carrying Smedley “has explosives on board.” This appeared to be a way to aggravate Sony further. Smedley had tweeted earlier that his flight had been diverted for reasons that had to do with “something about security and our cargo.” The Boeing 757, with 179 passengers and six crew which left from Dallas-Fort Worth for San Diego was diverted to Phoenix due to a “a security-related issue” and landed safely, according to American Airlines. Source: http://www.cio-asia.com/resource/networking/playstation-network-back-online-after-ddos-attack/

More:
PlayStation network back online after DDoS attack