Items tagged with DDoS
The cybersecurity folks at Cloudflare have to be feeling like a million bucks right about now. Or make it a billion smackers. Either way, they are completely justified in reveling at staving off a massive distributed denial of service (DDOS) attack, the largest ever, in fact. It happened earlier this summer, only you never knew it, because of Cloudflare's efforts. Perhaps the best part about this whole situation is that the largest attack effort ever recorded was automatically detected and mitigated, by Cloudflare's autonomous edge DDoS protection systems. These are powered by the firm's own home-grown software-defined denial of service daemon. How large of an attack are we talking about? According...
Read more...
Plex is a widely popular platform that allows you to curate all your media on a home server and stream it either within your home or over the internet to other PCs, Macs, smartphones, or tablets. Over the years, Plex has grown to include features like Live TV, podcasts, and even retro gaming to broaden its appeal to everyday users. However, the company's central user-facing Plex Media Server, which is accessed via a web interface on multiple platforms (including Windows and macOS), is reportedly being used to aid in distributed denial of service (DDoS) attacks according to a security bulletin from Netscout. Plex Media Server uses the G’Day Mate (GDM) network/service discovery protocol...
Read more...
Amazon has earned itself some well-deserved bragging rights for putting a stop to what ranks as the largest distributed denial of service (DDoS) attack ever, and by quite a bit. According to data divulged by Amazon, it halted a DDoS attack that peaked with a "previously unseen volume" of 2.3 terabits per second in February 2020. The attempted attack leveraged a compromised Connection-less Lightweight Directory Access Protocol (CLDAC). It also resulted in three days of "elevated threat during a single week" before it subsided. Amazon shared the details in its latest AWS Shield Threat Landscape report (PDF), in which it notes that the "largest known DDoS attacks are UDP reflection attacks." CLDAP...
Read more...
Video game publisher Ubisoft has filed a lawsuit in a California courtroom against an alleged distributed denial-of-service (DDoS) attack website. The lawsuit lists multiple people from around the globe as defendants. Ubisoft announced last year that it had a plan to stop players that utilized DDoS attacks during games. These attacks create lag in multiplayer matches and can cause server crashes. The game publisher claimed that it had seen a 93 percent drop in the frequency of attacks after sharing its plan to combat them. Ubisoft is now aiming to kill the source of the attacks by filing a lawsuit against the website called SNG.one. The website allegedly sells subscriptions for up to $299.85...
Read more...
It seems that even Blizzard's World of Warcraft can be a cruel, cruel mistress. Unfortunate fans of the classic WoW experience had their days ruined today by a sustained DDOS attack on Blizzard's servers, according to multiple sources. It isn't just WoW Classic, either. Several independent sources are reporting that servers for the latest expansion, Battle of Azeroth, are also under attack. WoW Classic only launched on August 26th, 2019, which is just a couple of weeks ago at the time of writing. What kind of heartless monster would attack classic MMO fans at a time like this? Could it be a nefarious attack by North Korea, like the Sony breach of 2014? Could it be the work of jilted lovers,...
Read more...
Code distribution site GitHub was hit with a massive distributed denial-of-service (DDoS) attack yesterday afternoon, but thanks to prior planning and automatic routines to counter such attacks, it was able to come through [relatively] unscathed. At its peak, GitHub was inundated with a record 1.35 Tbps of traffic, and was subsequently hit with another brief 400 Gbps burst of traffic. GitHub experienced sporadic outages over during a 9-minute period. By the 10-minute mark, its systems were fully restored and the attack was successfully mitigated. The DDoS attack was carried out not with an enormous botnet, but with UDP-based memcached traffic. "Memcached is a tool meant to cache data and reduce...
Read more...
A security firm is warning of a new botnet targeting IoT (Internet of Things) devices that is on the move. Dubbed IoT_reaper, the new botnet borrows some of the source code from Mirai, which took down the popular security blog KrebsOnSecurity with a massive DDoS attack, ultimately forcing Brian Krebs, the security expert in charge of the blog, to find a new hosting company and seek shelter behind Google Shield for DDoS protection. Unfortunately, it is believed that this new strain called Reaper could be even more virulent than Mirai. Whereas Mirai was able to spread by cracking weak passwords on IoT devices that oftentimes were never changed from their defaults, Reaper looks for multiple vulnerabilities...
Read more...
It's been an unfortunately busy few weeks for Android vulnerabilities. Earlier in the month, we wrote about SonicSpy, a grandiose piece of malware that could gain an incredible amount of control over your device - including, of course, being able to record your audio. Just last week, we followed-up with another story talking about the 500 apps Google obliterated from the Play Store that bundled an exploited ad network. Today, WireX is the name of the game, a piece of malware whose sole purpose is to turn our innocent mobile devices into a DDoSing bot network. On August 17, WireX hit many content providers, as well as content delivery networks, with a surge of traffic to render them useless....
Read more...
There are lots of obvious examples of how IoT (Internet of Things) connected and smart devices can enrich our lives. However, as we've noted numerous times over the past year, there are a number of caveats that can also come with them. The glaring issue of course has to do with security, or the lack of it really. And perhaps the absolute lack of ownership certain manufacturers take with it and their products. Research firm Radware once helps underscore the glaring need for better IoT security with some hard proof about what we're dealing with. Employing a "honeypot" approach - a system specifically designed to lure exploits - the firm found that IoT attacks are not just on...
Read more...
A full-blown Skynet situation might be the thing of science fiction (we hope, anyway), but that doesn't mean bizarre things involving machines can't happen. As proof of this, Verizon teased an entry in its upcoming 2017 Data Breach Digest that describes a recent DDoS attack on an unnamed university involving vending machines, light bulbs, and 5,000 Internet of Things (IoT) devices. As with many DDoS attacks involving IoT devices, this one is the result of system administrators being a little too lax with security on these seemingly benign devices. The university in question dismissed complaints from students across campus about slow or inaccessible network connectivity. When things took a turn...
Read more...
Large scale distributed denial of service (DDoS) attacks powered by thousands and sometimes millions of Internet of Things (IoT) devices that have been turned into a massive botnet is something that content delivery networks (CDNs) and service providers must be prepared for in 2017. Lest anyone thinks otherwise, yet another "huge DDoS" assault was reported before the end of this year, this time from Incapsula, which fended off the largest attack to date on its network. With ten days to go before 2016 is in the rear view mirror (along with all of the celebrities it took), Incapsula found itself mitigating a DDoS attack that peaked at 650 gigabits per second, which is about 30Gbps more than the...
Read more...
We recently witnessed a new and disturbing trend in cyber security and that is the widespread hacking of Internet connected devices to initiate DDoS attacks on an unprecedented scale. That is the method that made possible the Mirai botnet that targeted security expert Brian Krebs and his security blog with 620 gigabits per second of traffic, which at the time was a record. It is also what's causing a surge in DDoS attacks, as noted by content delivery network (CDN) Akamai. The CDN made its findings known in a recent security report compiled with data gathered from its intelligence platform. In it Akamai notes that the two largest DDoS attacks this past quarter both leveraged the Mira botnet....
Read more...
On Friday, DNS provider Dyn was walloped by a massive DDoS botnet attack which slowed down or completely sidelined major websites like Amazon, Twitter, and The New York Times. The attack was carried out using improperly configured Internet of Things (IoT) devices that were zombified by Mirai malware. In this particular case, however, the majority of the IoT devices used in the botnet were webcams made by China-based XiongMai Technologies. "It’s remarkable that virtually an entire company’s product line has just been turned into a botnet that is now attacking the United States," said Flashpoint research director Allison Nixon. With all of the attention be thrust onto XiongMai, the company acknowledged...
Read more...
So here we go again, another "massive and sustained Internet attack" made possible by a large collection of hacked Internet of Things (IoT) devices, things such as CCTV video cameras, digital video records, all sorts of smart home gadgets with a connection to the Internet, KrebsOnSecurity has determined. This is not the first time it has happened and it won't be the last. The recent attack, an apparent retaliation by WikiLeak supporters after the Obama administration allegedly used its influence to push the Ecuadorian government to cut off Internet access to whistleblower Julian Assange, focused its artillery of hacked IoT devices on DNS provider Dyn. It was another large scale DDoS attack,...
Read more...
This past week has been rife with controversial news related to the U.S. election. Of course, there is always an inordinate amount of news during an election cycle, but this week in particular began with some big stories. First, the U.S. officially accused Russia for the infamous DNC hack that outed the Hillary Clinton campaign's manipulation of the democratic primary. That was followed by WikiLeaks tweeting out an array of cryptic hashes in preparation for its latest data dump, and later the Ecuadorian government admitting it cut WikiLeaks’ founder, Julian Assange’s, access to the Internet in retaliation for previous leaks. Sprinkled amongst all of this drama was the third Presidential debate,...
Read more...
If the internet was incredibly slow for you this morning when browsing certain websites, or if you were having trouble posting your “wakeup” tweet to Twitter, we now know the root cause. A massive distributed denial of service (DDoS) attack was carried out against Dyn, which provides DNS service to a number of big name sites including Amazon, Twitter, reddit, Spotify, The New York Times, and Airbnb (among others). The outages seemed to mainly be concentrated around the northeastern United States, with another “hot pocket” of activity centered in Texas. Dyn posted a note to its website earlier this morning, writing: Starting at 11:10 UTC on October 21st-Friday 2016 we began monitoring and mitigating...
Read more...
Well, this isn't good. The source code for the botnet that took KrebsOnSecurity down by tapping into an unprecedented number of Internet of Things (IoT) devices has been released to the public. It's availability virtually ensures that distributed denial of service (DDoS) attacks equal in size or even larger will follow, creating financial headaches and service disruptions for companies both big and small. Brian Krebs, a renowned security expert and author of the aforementioned blog, recently found his website the target of one of the largest DDoS attacks in history. The massive attack brought in a record 620 gigabits per second of traffic. That's almost twice as much as Akamai, the cloud provider...
Read more...
If you thought that the massive DDoS attack earlier this month on Brian Krebs’ security blog was record-breaking, take a look at what just happened to France-based hosting provider OVH. OVH was the victim of a wide-scale DDoS attack that was carried via network of over 152,000 IoT devices. According to OVH founder and CTO Octave Klaba, the DDoS attack reached nearly 1 Tbps at its peak. Of those IoT devices participating in the DDoS attack, they were primarily comprised of CCTV cameras and DVRs. Many of these types devices' network settings are improperly configured, which leaves them ripe for the picking for hackers that would love to use them to carry our destructive attacks. Klaba originally...
Read more...
The web is becoming the wild, wild west all over again it seems. You could argue the Internet's always been a potentially dangerous place, but with the proliferation of smart devices becoming increasingly commonplace, cybercriminals now have more points of entry into home networks than ever before. Smart home automation gadgets collectively comprise much of what's referred to as the Internet of Things (IoT), and just like your PC, they can be silently hijacked and enlisted into a botnet, a malicious network of systems under the control of a foreign party. Individually, all these smart lighting, media streamers, Nest thermostats, and other IoT gadgets don't pose a major threat, just as a...
Read more...
Today the bad guys have won. Not the war, mind you, but a skirmish with renowned security journalist Brian Krebs, author of The New York Times bestseller "Spam Nation," a former writer for the The Washington Post, and owner of KrebsOnSecurity, a popular security blog that's no longer live after cloud service provider Akamai gave Krebs just 2 hours to pack his things and leave. Of course, there's more to the story than that. Akamai isn't some evil company secretly working for the bad guys (we hope not, anyway). But it was providing free service to Krebs for his blog. You get what you pay for. In this case, Krebs wasn't paying a dime, so Akamai decided enough was enough when Krebs found himself...
Read more...
Researchers from the Negev Cyber-Security Research Center at Ben-Gurion University recently released a terrifying piece of news. It explains that if a malicious entity decided to craft malware that infected only a few thousand mobile phones, it would be possible to cripple an entire 911 system. That means legitimate calls couldn't make it through, and staffers manning the lines would be inundated with fake calls. The research published last week reveals that in most states, if as few as 6,000 mobile phones were infected with malware that serves no other purpose but to ring 911 repeatedly, it could cripple the entire operation in that state. If the number of infected phones jumps...
Read more...
Two 18-year-olds from Israel find themselves in hot water with the United States Federal Bureau of Investigation (FBI) for their alleged roles in running a lucrative attack service called vDOS. They're said to have earned over $600,000 in the past two years by helping customers coordinate over 150,000 Distributed Denial of Service (DDoS) attacks.Israeli authorities arrested the two teenagers, Itay Huri and Yarden Bidani, on Thursday as part of an investigation by the FBI. They were questioned and released the next day for what amounts to around $10,000 bond each. Authorities also seized their passports and placed them on house arrest—they've been ordered not to use the Internet or any kind of...
Read more...
