Group items tagged

"A new botnet is actively targeting IoT devices using payloads compiled for a dozen CPU architectures and uses them to launch several types of DDoS and to spread various types of malware. The Dark Nexus botnet as it was named by the Bitdefender researchers who discovered it has gone through a very fast development process since it was initially spotted."

"His program became the first of a particular type of cyber attack called "distributed denial of service," in which large numbers of internet-connected devices, including computers, webcams and other smart gadgets, are told to send lots of traffic to one particular address, overloading it with so much activity that either the system shuts down or its network connections are completely blocked."

"This person or group, who go by the names BestBuy and Popopret, recently spammed an ad to folks on Jabber, an instant messaging service. They offered to perform a distributed denial of service (DDoS) attack on whomever their client(s) wanted, and they backed up their offer by claiming to wield the ability to perform some of the strongest DDoS attacks ever seen. Recent events in the history of the internet show us that these kind of attacks - if these hackers indeed have the power they claim - can wreak internet havoc by blocking user access to a range of some of the web's most popular destinations."

"DDoS attacks are also becoming more common. Brian Krebs, an independent security researcher, observed earlier this month that the "source code" to the Mirai botnet had been released by a hacker group, "virtually guaranteeing that the internet will soon be flooded with attacks from many new botnets powered by insecure routers, IP cameras, digital video recorders and other easily hackable devices""

"If mediocre malware can power some of the largest DDoS attacks ever, and considering the sad state of security of the Internet of Things in general, we should probably brace for more cyberattacks powered by our easy-to-hack "smart" Internet of Things, as many, including ourselves, had predicted months ago."

"The significance of the attack on Krebs is that it looks as though many of the attacks on him came from large numbers of enslaved devices - routers, cameras, networked TVs and the like. "Someone has a botnet with capabilities we haven't seen before," says Martin McKeay, Akamai's senior security expert. The DDoS arms race has just moved up a gear."

"Now, researchers from Incapsula have delved into the world of cut-rate DDoS providers, who market their services for $5 a pop on the website Fiverr. The DDoSers figleaf their offerings by calling them "stress testers" that website owners can use to determine whether their sites are configured to handle lots of traffic, but as the Incapsula team found, most will cheerfully attack sites other than your own (though one vendor said he wouldn't attack "government state websites, hospitals"). "

"This is where Google's Project Shield comes through: sites pre-register with Google to "reverse proxy" their traffic through Google's cloud platform. By making a change in DNS, publishers can route all their traffic through Google. This means that a DDoS attack has to be sufficiently robust as to take down Google's cloud (much harder than taking down a WordPress install on a rack in a commodity hosting provider)"

"Ddos attacks have been used to cause both financial and reputational damage to businesses and services from Sony to government websites. The attacks can last from hours to days, and typically use computers or internet routers infected with viruses to make innocent users unwitting parties to the attack. The Lizard Stresser tool was used effectively by Lizard Squad during cyber attacks on Microsoft's Xbox Live and Sony's PlayStation Network online gaming services in December last year."

"Distributed denial of service (DDoS) attacks are costing companies an average of $40,000 (£25,400) per hour, with around half of attacks lasting at least six hours and costing $500,000 (£317,570) per event."

"The new documents reveal that a GCHQ unit dubbed the Joint Threat Research Intelligence Group, or JTRIG, launched an operation called Rolling Thunder against the hacker collective in 2011. That operation included using DDoS attacks as well as malware to slow down the hackers and later identify them, as first reported by as reported by NBC News on Wednesday."

""If their website goes down as a result of an attack, they can lose their SEO ranking or it could have an effect on their brand, there is a lot at stake aside from revenues," he said."

"Bitcoin Internet Payment System (BIPS), a Denmark-based Bitcoin payment processor, suffered a denial-of-service (DDoS) attack."

Who said you could not bring the internet down?