ddos attack | Breaking Cybersecurity News | The Hacker News

A sad reality for gamers all around the world who enjoy playing the very popular game Minecraft on their PCs. If you are one of them, you'll want to pay attention here. A plain text file containing over 1,800 Minecraft account usernames and passwords has just been leaked online, German media reports . The details available in the leak has been posted to Pastebin, which would allow anyone to log into a legitimate user's account in order to play online and download the full version of the game to their own computers. However, the more serious implication of the leaked credentials would be for those affected users who had used the same username and password combination for other online services, like shopping site, banking site, email service or for any social networking site. Minecraft is an incredibly popular online game bought by Microsoft just few months back for $2.5 billion. The game has more than 100 million registered accounts for its PC version alone, and

A UK man linked to the notorious hacking group, Lizard Squad , that claimed responsibility for knocking Sony's PlayStation Network and Microsoft's Xbox Live offline on Christmas Day has been arrested by the United Kingdom police. Lizard Squad launched simultaneous Distributed Denial-of-Service ( DDoS ) attacks against the largest online gaming networks, Xbox Live and PlayStation Network, on Dec. 25, 2014. Then offered to sell its own Lizard-branded DDoS-for-hire tool called Lizard Stresser . SECOND ARREST As part of an investigation, the UK Regional Organised Crime Unit, in collaboration with the Federal Bureau of Investigation (FBI), have arrested an 18 year old teenager in Southport, near Liverpool, UK on Friday morning, and seized his electronic and digital devices as well. So far, this is the second arrest made in connection to the attack after Thames Valley Police arrested a 22-year old , named Vinnie Omari , also believed to have been an alleged member of Liz

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

Just a week ago on Christmas, the massive Distributed Denial of Service (DDoS) attack from the notorious hacking group Lizard Squad knocked Sony's PlayStation Network and Microsoft's Xbox Live offline, but as if it wasn't the end of disaster for Microsoft. This time it isn't a case of services being taken down — instead, the software development kit (SDK) for the Xbox Live is being freely circulated over the Internet. Another group calling itself H4LT has apparently managed to leak the Microsoft's official Xbox One developer SDK , potentially opening the door for homemade applications and allowing unapproved developers to create unofficial software for the system. The group announced the Xbox One leak via its official Twitter account, and also provided some screenshots of the November's release of the Durango XDK (Xbox Development Kit) files, including the accompanying development tools, device firmware and its documentation. H4LT group states noble reasons f

A 22-year-old man linked to the notorious hacking group, Lizard Squad, that claimed responsibility for knocking Sony's PlayStation Network and Microsoft's Xbox Live offline on Christmas Day was arrested by the United Kingdom police on Monday. Lizard Squad launched simultaneous Distributed Denial-of-Service ( DDoS ) attacks against the largest online gaming networks, Xbox Live and PlayStation Network, on Dec. 25. Then offered to sell its own Lizard-branded DDoS-for-hire tool called Lizard Stresser. Vinnie Omari , an alleged member of Lizard Squad, arrested by the police investigating PayPal thefts and cyber-fraud offences occurred in 2013-14 while raiding his London home. Law enforcement officials reportedly seized phones, laptops and an Xbox from his home. "The arrest is in connection with an ongoing investigation into cyber-fraud offences which took place between 2013 and August 2014 during which victims reported funds being stolen from their PayPal accounts,"

It was the sad Christmas day for gamers all around the world!! A lot of people get new PlayStations and Xboxes on Christmas, but this Christmas they bought the game, popped it into the console for online gaming, and what they found? Oh Crap! I can't log on . It was the notorious hacker group " Lizard Squad " who claimed the responsibility for taking down PlayStation Network, saying it has made unavailable both networks with apparent Distributed Denial of Service (DDoS) attacks — intentionally overloading servers by sending a flood of bogus web traffic, which made logging into the PlayStation Network and Xbox Live difficult for most users. Now Anonymous has declared war against Lizard Group, warning that " now you are all going down. " Recently, in response to Lizard Squad launching DDoS attacks on the Tor network , the international activist group Anonymous has leaked the personal details of one of the group's alleged members, warning the hacke

An online "hacktivist" group that calls itself Anonymous has claimed responsibility for hacking into email accounts of Swedish government in response to the seizure of world renowned The Pirate Bay website and server by Swedish police last week. Apart from Sweden government officials, the Anonymous hacktivist group also claimed to have hacked into the government email accounts of Israel, India, Brazil, Argentina, and Mexico, and revealed their email addresses with passwords in plain-text. The Anonymous group also left a message at the end of the leak: " Warning: Merry Christmas & a Happy New Year to all!! Bye :* " The hack was announced by Anonymous group on their official Twitter account. The tweet also shared a link of Pastebin where leaked data has been dumped with the list of the emails. The tweet reads: " BREAKING: Emails from Swedish government were hacked in retaliation for the seizure of servers of The Pirate Bay https://pastebin.c

Cyber criminals are using new malware variants by exploiting GNU Bash vulnerability referred to as ShellShock ( CVE-2014-6271 ) in order to infect embedded devices running BusyBox software, according to a researcher. A new variant of " Bashlite " malware targeting devices running BusyBox software was spotted by the researchers at Trend Micro shortly after the public disclosure of the ShellShock vulnerability. BusyBox provides set of command line utilities that are specifically designed to run in constrained embedded environments. At compile time, different capabilities can be left out, reducing the size of the binaries, and efforts are made to make them memory efficient. This makes the software an excellent candidate for use in consumer electronics devices, which seem to have been the items of interest in this case. The malware variant, detected as ELF_BASHLITE.A (ELF_FLOODER.W) , when executed on victim's machine, scans compromised networks for device

After successful in launching reflection and amplification Distributed Denial-of-Service (DDoS) attacks by abusing various protocols such as DNS, NTP and SMTP, hackers are now abusing Simple Service Discovery Protocol (SSDP) – part of the UPnP protocol standard – to target home and office devices, researchers warned. SSDP is a network protocol based on the Internet Protocol Suite that comes enabled on millions of networked devices, such as computers, printers, Internet gateways, Router / Wi-Fi access points, mobile devices, webcams, smart TVs and gaming consoles, to discover each other and automatically establish working configurations that enable data sharing, media streaming, media playback control and other services. FLAW IN UPnP USED IN AMPLIFICATION DDoS ATTACK Prolexic Security Engineering & Response Team (PLXsert) at Akamai Technologies have issued a warning that the devices use in residential or small office environments are being co-opted into reflection

The Distributed Denial of Service ( DDoS ) attack is becoming more sophisticated and complex, and, according to security experts , the next DDoS vector to be concerned about is SNMP (Simple Network Management Protocol) amplification attacks. Yesterday afternoon, the SANS Internet Storm Center reported SNMP scans spoofed from Google's public recursive DNS server searching for vulnerable routers and other devices that support the protocol with DDoS traffic and are opened to the public Internet. " We are receiving some reports about SNMP scans that claim to originate from 8.8.8.8 (Google's public recursive DNS server), " wrote Johannes Ullrich, dean of research of the SANS Technology Institute and head of the Internet Storm Center. " This is likely part of an attempt to launch a DDoS against Google by using SNMP as an amplifier/reflector. " Simple Network Management Protocol (SNMP) is a UDP-based protocol designed to allow the monitoring of network-

It's been a bad weekend for Sony Playstation. The entire PlayStation Network was down much of the day after a dedicated distributed denial-of-service (DDoS) attack by online attackers, which left the network inaccessible to users. It's possible that EVE Online and Guild Wars 2 have also been hit by the attackers. Developers on the EVE Online forums have announced DDoS issues, and many users on the Guild Wars 2 forums have been reporting login issues. Sony's PlayStation Network is an online service that connects PlayStation 3 and PlayStation 4 video game consoles to the Internet and to over-the-top video services such as Netflix. What's weird about this attack is that it also includes a security threat against the American Airlines plane in which the President of Sony Online Entertainment, John Smedley, was traveling today. The aircraft along with a full load of passengers was diverted to Phoenix due to a bomb threat. WHO BRING DOWN SONY PLAYSTATION NETWORK? Tw

The hacktivist group Anonymous has reportedly taken down the official website of the Israeli intelligence agency Mossad against Israel's military incursion in Gaza, which has resulted in hundreds of civilian casualties. The government of Israel has yet to comment on the Mossad hack attack. The ' Hacktivists ' were able to take down Mossad's website in a Distributed Denial of Service (DDoS) attack early morning, claims a statement on one of the Anonymous hacker's Twitter account. The attack on the website is supposed to be severe as it has been over 10 hours and the site is still down at the time of writing. OPERATION SAVE GAZA The Anonymous group has already targeted a number of other Israeli organizations as part of a campaign titled " Operation Save Gaza " in the mission to stop this " massacre ." Anonymous group has also claimed responsibility of taking down multiple Israeli government sites following the death of one of the organization's members. The member n

Botnets - a secretly compromised networks of ordinary home and office computers with rogue software or "malware" that are controlled by an individual criminal or a group - has dramatically increased over the past several years and are considered to pose the biggest threat to the Internet. Cyber criminals have brushed-up their hacking skills and are using Botnets as a cyber weapon to carry out multiple crimes like DDoS attacks (distributed denial of service), mass spamming, page rank and advertising revenue manipulation, mining bitcoins, cyber espionage and surveillance etc. 18 BOTNET INFECTIONS PER SECOND According to the director of FBI's cyber division, Joseph Demarest, Botnet has become one of the biggest enemies of the Internet today, and therefore its impact has been significant. Yesterday during a hearing before a U.S. Senate committee, he says that every second 18 computers worldwide are part of botnet armies, which amounts to over 500 million comp

The Norwegian police have arrested and charged a 17-year-old for a massive distributed denial-of-service (DDoS) attack earlier this week that disabled the websites of major financial institutions and other businesses in the country. Distributed Denial of Service (DDoS) attack is designed to sabotage, shut down and overload the targeted website with web traffic more than its capacity in order to make it unavailable to users. The attack targeted five major banks, two telecommunication firms, three airlines and one insurance company, as their websites and online payment systems were disrupted. The unnamed teen claimed to be a part of the hacktivist group Anonymous Norway for what was thought to be the country's biggest ever cyber-attack on businesses. Although, the Anonymous Norway, via a Twitter message, has dismissed any connection to him or the cyber attack. The youngster was a resident of Bergen, on Norway's west coast. He was arrested on Thursday morning and que

A month after the FBI and Europol took down the GameOver Zeus botnet by seizing servers and disrupting the botnet's operation, security researchers have unearthed a new variant of malware based explicitly on the same Gameover ZeuS that compromised users' computers and collectively formed a massive botnet. GAMEOVER ZEUS TROJAN The massive botnet, essentially a collection of zombie computers, specifically was designed to steal banking passwords with the capability to perform Denial of Service (DoS) attacks on banks and other financial institutions in order to deny legitimate users access to the site, so that the thefts kept hidden from the users. As a result of it, Gameover ZeuS' developers have stolen more than $100 million from banks, businesses and consumers worldwide. NEW GAMEOVER ZEUS TROJAN On Thursday, security researchers at the security firm Malcovery came across a series of new spam campaigns that were distributing a piece of malware based on the Gameover Zeus code which

Hackers are leveraging large number of compromised machines (a botnet network) to carry out massive DNS Flood DDoS attack against a large Video Gaming Industry website, peaking above 110 Gbps. A US based security solutions provider Incapsula , is protecting a famous Video Gaming website from this high bandwidth DDoS attack from last 48 Hours and according to them, the attack is still continuing. Incapsula has not yet disclosed the name of the video gaming company. "The attack is still going on - that over 48 hours by now, from what I see it ain't gonna stop anytime soon ," Incapsula spokesperson wrote in an e-mail to The Hacker News. DDoS AT 90 MILLION PACKETS/SECOND The researchers at the security firm noticed a surge of massive DNS Flood DDoS attack on one of its clients, peaking at approximately 90 Mpps (Million Packets Per Second), which is really a very very big number. Majority number of attacking IP addresses belong to China and India. " Good reason to think

Hackers and cyber attacks are getting evil and worst nightmare for companies day-by-day. Just last week a group of hackers ruined the code-hosting and software collaboration platform, ' Code Spaces ' by destroying their Amazon cloud server, complete data and its backup files too. Recently, the largest ever and most severe Distributed Denial of Service (DDoS) attacks in the history of the Internet has been recorded that hit the online democracy poll promoting opinion on the upcoming Hong Kong elections. PopVote , an online mock election operated by The University of Hong Kong's Public Opinion Program, by Saturday recorded more than half a million votes in less than 30 hours in the unofficial referendum that provided permanent residents of Hong Kong to choose their preferred political representatives, that is suppose to be continued until June 29. However, the Chief Executive is officially chosen by a 1,200-member Election Committee under the current political system and drawn largel

Code Spaces , a code-hosting and software collaboration platform used by different organizations for project management and development needs, was forced to shut down operations after an attacker compromised its internal system and deleted its customer's data and backups as well. This is really a nightmare for the code-hosting company based in Coventry, UK that claimed to offer " Rock Solid, Secure and Affordable Svn Hosting, Git Hosting and Project Management. " Codespaces.com homepage shows a lengthy explanation on the attack and an apology from its customer. " Code Spaces will not be able to operate beyond this point, the cost of resolving this issue to date and the expected cost of refunding customers who have been left without the service they paid for will put Code Spaces in an irreversible position both financially and in terms of ongoing credibility, " read the note. " As such at this point in time we have no alternative but to cease trading and concentra

Yesterday, the most popular RSS reader Feedly was down as a result of a large scale distributed-denial-of service (DDoS) attack carried by the cybercriminals to extort money. On Wednesday, the Feedly was temporarily unavailable for its users. Feedly posted details of the attack at 5:00 AM ET on its blog saying that they were under a Distributed Denial of Service (DDoS) attack and cyber-criminals were demanding money in return for returning the service to its normal operations. " Criminals are attacking feedly with a distributed denial of service attack (DDoS). The attacker is trying to extort us money to make it stop, " Edwin Khodabakchian, founder and CEO of Feedly said in a statement on Wednesday. He also expressed regret, " We want to apologize for the inconvenience. Please know that you data is safe and you will be able to re-access your feedly as soon as the attack is neutralized. " Feedly is a very popular RSS feed service which is available for desktop, iOS and