Group items tagged

More unusually, the attacks also employed a rapidly changing array of methods to maximize the effects of this torrent of data. The uncommon ability of the attackers to simultaneously saturate routers, bank servers, and the applications they run—and to then recalibrate their attack traffic depending on the results achieved—had the effect of temporarily overwhelming the targets."This very well could be a kid sitting in his mom's basement in Ohio launching these attacks." "It used to be DDoS attackers would try one method and they were kind of one-trick ponies," Matthew Prince, CEO and founder of CloudFlare, told Ars. "What these attacks appear to have shown is there are some attackers that have a full suite of DDoS methods, and they're trying all kinds of different things and continually shifting until they find something that works. It's still cavemen using clubs, but they have a whole toolbox full of different clubs they can use depending on what the situation calls for."

takes hold of computers by exploiting CVE-2013-2465, a critical Java vulnerability that Oracle patched in June. The security bug is present on Java 7 u21 and earlier. Once the bot has infected a computer, it copies itself to the autostart directory of its respective platform to ensure it runs whenever the machine is turned on. Compromised computers then report to an Internet relay chat channel that acts as a command and control server.

The botnet is designed to conduct distributed denial-of-service attacks on targets of the attackers' choice. Commands issued in the IRC channel allow the attackers to specify the IP address, port number, intensity, and duration of attacks.