ddos
Latest
Arizona man gets 20 months in prison for emergency system DDoS attacks
Denial of service attacks are serious by themselves, but doubly so when they target vital systems... and one perpetrator is finding that out first-hand. A court has sentenced Arizona resident Randall Charles Tucker (who nicknamed himself the "Bitcoin Baron") to 20 months in prison for launching distributed denial of service attacks against city websites, including damaging attacks against Madison, Wisconsin. He not only took down the city's website, but "crippled" its emergency communication system to the point where first responders had trouble reaching the 911 center. It also 'degraded' the automatic dispatching for emergency crews.
Senators ask the FCC if it was truly targeted by DDoS attacks
US Senators Brian Schatz and Ron Wyden want to know once and for all whether the FCC truly suffered DDoS attacks in the middle of soliciting net neutrality comments in 2014 and 2017 like it claimed. If you'll recall, a couple of recent Gizmodo reports and an interview with former Chairman Tom Wheeler cast doubt on the veracity of those claims. The Senators have sent a letter to the commission, asking if any third-party entity confirmed that the outages it suffered those times were truly caused by DDoS. If they were, Schatz and Wyden want to know why no investigation was conducted.
FCC accused of lying about 2014 and 2017 DDoS attacks
A recent Gizmodo report has resurfaced doubts about the FCC's explanation regarding the cause of its website outage in 2017. If you'll recall, that event prevented people from posting comments on chairman Ajit Pai's plan to eliminate net neutrality rules. Pai and a couple of other FCC officials blamed it on a DDoS attack and referenced another outage that happened in 2014, which an anonymous high-level official blamed on the same thing. Back then, the agency (then under Tom Wheeler) called for comments on amended net neutrality guidelines that would allow ISPs to sell access to "fast lanes." By referencing the older incident, the officials are probably saying that the outage wasn't caused by the massive support for net neutrality: the website has long been the target of DDoS attacks. Problem is, former FCC chairman Tom Wheeler said the 2014 attack never happened.
Alphabet's Project Shield expands DDoS protection to politics
Today, Alphabet announced that Project Shield is widening its scope. The free service is now expanding to include protecting any registered political organization from DDoS attacks. This includes candidates, political action committees and campaigns.
'World of Warcraft' cyberattacker sentenced to year in prison
One World of Warcraft player is paying the price for taking a virtual rivalry too far. A US federal court has sentenced Romanian man Calin Mateias to spend a year in federal prison after he pleaded guilty to launching a distributed denial of service attack against WoW's servers in response to being "angered" by one player. The 2010 traffic flood knocked thousands of players offline and cost Blizzard $30,000 (which Mateias repaid in April) in recovery expenses.
Police take down the world's largest DDoS-for-hire service
The internet might be slightly safer against distributed denial of service attacks in the near future... slightly. Police in twelve countries have taken down WebStresser, believed to be the world's largest service for paid DDoS attacks. The joint campaign (Operation Power Off) seized WebStresser's infrastructure in the US, UK and the Netherlands, and busted site administrators ranging as far as Australia and Hong Kong.
GitHub survives massive DDoS attack relatively unscathed
GitHub, a web-based code distribution and version control service, survived a massive denial of service attack on Wednesday. According to a report at Wired, a staggering 1.35 terabits per second (Tbps) of traffic hit the site at once. Within 10 minutes the company called for help from a DDoS mitigation service similar to Google's Project Shield, Akamai's Prolexic, which took over to filter and weed out malicious traffic packets. The attack, says Wired, ended after eight minutes. This may have been the largest DDoS attack ever; Wired notes the attack on domain name server Dyn in late 2016 reached 1.2 Tbps of traffic.
US government will investigate fake net neutrality comments
In December, a number of US Representatives sent a letter to the Government Accountability Office (GAO) asking it to investigate fraudulent comments submitted to the FCC's proposal to repeal net neutrality. Multiple groups found evidence that millions of the comments submitted during the FCC's public comment period were linked to fake email addresses, were fraudulently posted under others' names and addresses and were even attributed to people known to be dead. Congressional leaders, attorneys general and even FCC commissioners called for the FCC to delay its vote on the proposal while the extent of the fake comments could be properly investigated, though as we well know, the FCC went ahead with the vote anyway. Now, Ars Technica reports, the GAO has agreed to investigate the issue.
Mirai botnet creators plead guilty to charges over 2016 attack
The individuals behind the Mirai botnet that caused nationwide internet outages in October of last year have pleaded guilty to federal charges, ZDNet reports. Paras Jha, Josiah White and Dalton Norman were indicted by a court in Alaska earlier this month and have pleaded guilty to charges that carry a sentence of up to five years in prison.
US pressured North Korea by overwhelming hackers with data traffic
The US is no stranger to hacking North Korea, but it's usually in a bid to directly thwart the country's military ambitions. Now, however, those attacks are being used as a diplomatic strategy. The Washington Post has learned that President Trump ordered a broad pressure campaign against North Korea that led to the US conducting a denial of service attack against North Korea's spying office, the Reconnaissance General Bureau. The move flooded the RGB's servers with traffic that effectively strangled their internet access, including the Bureau 121 group responsible for the North's hacking campaigns. And while it clearly didn't change Kim Jong Un's mind, it does appear to have had a practical effect.
Google pulls 300 Android apps used for DDoS attacks
If a random storage manager or video player you downloaded recently has disappeared from your Android device, don't worry: it might have been for your own good. Google has removed 300 apps from the Play store, which were apparently merely masquerading as legitimate applications. In truth, they were made to hi-jack your phone so it can be used as part of a botnet's distributed denial of service (DDoS) attacks. WireX, as the botnet is called, pummeled several content providers and delivery networks with traffic from the devices it hi-jacked on August 17th, though it's been active since around August 2nd. In some cases, it also acted as a ransomware, demanding money from its victim.
Congressmen call for investigation of FCC cyberattack claims
The FCC has claimed that the site it uses to collect public comment on its plans to roll back net neutrality rules was taken down by a distributed denial of service (DDoS) attack instead of crippled by a massive number of commenters brought about by a John Oliver segment on HBO. When pressed for details, the agency denied that it hadn't documented the "attack," that sharing any details would undermine security and have stonewalled any demands for evidence of a cyberattack. On Thursday, however, Senator Brian Schatz and Congressman Frank Pallone Jr. sent a letter to the Government Accountability Office (GAO) encouraging a full review of the FCC's practices and claims.
FCC says sharing DDoS attack details undermines security
Back in May, HBO's John Oliver exhorted viewers to add their public comment on the FCC's website for net neutrality. While at first it seemed as if the server couldn't handle the extra load of commenters, the FCC said that the site had been a victim of multiple distributed denial-of-service (DDoS) attacks. When asked for evidence of the cyberattack by regulators, senators and journalists, the FCC refused to share any data. Last month, a group of ranking House committee members sent a letter to the FCC Chairman Ajit Pai, which expressed concerns about the agency's "cybersecurity preparedness, and the multiple reported problems with the FCC's website in taking public comments in the net neutrality proceeding." Pai's response — dated July 21st and posted on July 28th — was predictably vague in responding to the specific queries from the Representatives. He said "it would undermine our system's security to provide a specific roadmap of the additional solutions to which we have referred."
FCC denies report that it didn’t document alleged cyberattack (updated)
The Federal Communications Commission now claims to have no data on a DDoS attack that took down its website in May, just months after stating it had "gigabytes" of documentation on the incident. The supposed attack followed talk show host John Oliver redirecting viewers to the FCC's comment section, where he encouraged them to complain about the organization's stance on net neutrality. With over 9 million comments reportedly left on the site, the FCC quickly responded, stating that it couldn't accept more feedback, because it was incapacitated by an alleged DDoS attack. Now, after a freedom of information request filed by Gizmodo attempted to reveal more about the 'attack,' the FCC is claiming that its previous thorough analysis on the incident "did not result in written documentation." (Editor's note: the FCC has refuted the reporting done by Gizmodo and issued a statement. Please see the update below for the full details.)
The high-tech war on Tibetan communication
Each year, March 10th in Tibet brings more police onto the streets, closer online censorship of terms like "Free Tibet" and "Dalai Lama" and a spate of cyberattacks. "Every March 10th, almost all major Tibetan organizations in Dharamsala are targeted with Distributed Denial of Service and other cyber attacks," said Tenzin Dalha, a researcher at the Tibet Policy Institute, part of the Central Tibetan Administration. Four years ago, that happened to the Voice of Tibet (VOT), a nonprofit media outlet run out of the Indian hill town of Dharamsala, bringing its website down for several days. The reason for the crackdown is that the date commemorates March 10th, 1959. On that day, rumors spread in the Tibetan capital Lhasa about the impending arrest of Tibet's spiritual leader, the Dalai Lama, by the Chinese, who had invaded the territory in 1950. Tibetans rallied to support their spiritual leader and the mass protests led to a violent crackdown. The Dalai Lama and his entourage escaped to India, where he and the Tibetan government-in-exile remain. When VOT started in 1996, it was one of the few channels of communication between Tibetans and their government-in-exile across the border, as all newspapers, television and other print materials were heavily censored. Using shortwave radio, it transmitted its news service across the border into Chinese-occupied Tibet, both in Tibetan and Mandarin Chinese.
US: North Korea's been hacking everyone since 2009
US authorities believe the North Korean government has been using an army of hackers called "Hidden Cobra" to deploy cyber attacks over the past eight years. That's according to the Technical Alert formally issued by the Homeland Security and the FBI, which contains the details and tools NK's cyber army has been using to infiltrate the media, financial, aerospace and critical infrastructure sectors in the US and around the globe. The government agencies issued the alert after tracing the IP addresses of a malware variant used to manage NK's DDoS attacks to North Korean computers. While other players can spoof their IPs to frame NK, the US is encouraging cyber analysts to be on the lookout, warning them that the Asian country will continue to use cyber operations to advance its government's military and strategic objectives.
Senators ask FBI to investigate FCC's alleged cyberattack
The FCC isn't exactly forthcoming with evidence of the alleged denial of service attack on its servers, and that's leaving some worried. Is it protecting privacy (as it claims), or stifling attempts to post comments supporting net neutrality? A slew of Senators want to find out -- and they're going above the FCC's head to make sure they get answers. Senators Al Franken, Patrick Leahy, Edward Markey, Brian Schatz and Ron Wyden have sent a letter to FBI Acting Director Andrew McCabe asking his bureau to conduct a high-priority investigation of the FCC's cyberattack claims. While they don't directly accuse the FCC of dishonesty, it's clear from the wording that they aren't just taking the Commission's word at face value.
FCC stonewalls demands for evidence of cyberattack
The FCC swears that a denial of service attack hit its servers hours after Last Week Tonight's John Oliver rallied support for net neutrality, but where's the evidence? Well, don't expect it any time soon. In an interview with ZDNet, the regulator's David Bray says the FCC won't release the logs that might show who was responsible for the incident. The logs contain private info like IP addresses, he says. Bray does note that there wasn't a botnet involved, though -- instead, the traffic came from commercial cloud services using the FCC's public programming interface. But if it wasn't a botnet, then who was involved? Some critics are concerned that the FCC isn't exactly being forthright.
Nastier version of IoT botnet could brick your smart toaster
Two new versions of a nasty botnet called BrickerBot were spotted in the wild by researcher Pascal Geenens, who reported the latest attack for security firm Radware. Permanent denial-of-service botnets like these can infect poorly-protected IoT devices like smart toasters and web-enabled vibrators to bring down various connected web servers. These new BrickerBot iterations use scripts with even more commands and almost four times as many actual attacks as previous iterations to completely overwhelm their targets.
Black Lives Matter site faced over 100 attacks in half a year
When you launch protests in the modern era, you don't just have to worry about aggressive responses on the streets... you have to worry about your online presence, too. Deflect Labs has determined that Black Lives Matter's official website was subject to over 100 botnet-based denial of service attacks between April 29th and October 15th, a large part of it coming from members of a Ghost Squad hacking collective that had vocally denounced BLM's campaign. And it didn't require many people, either. Just two culprits (who may be the same person) launched nearly a fifth of the attacks, one of which tried to flood the site with traffic using nearly 1 million bots.
