DDoS booters | Breaking Cybersecurity News | The Hacker News

Cybersecurity researchers have discovered a new emerging IoT botnet threat that leverages compromised smart devices to stage ' distributed denial-of-service ' attacks, potentially triggered on-demand through platforms offering DDoS-for-hire services. The botnet, named "dark_nexus" by Bitdefender researchers, works by employing credential stuffing attacks against a variety of devices, such as routers (from Dasan Zhone, Dlink, and ASUS), video recorders, and thermal cameras, to co-opt them into the botnet. So far, dark_nexus comprises at least 1,372 bots, acting as a reverse proxy, spanning across various locations in China, South Korea, Thailand, Brazil, and Russia. "While it might share some features with previously known IoT botnets, the way some of its modules have been developed makes it significantly more potent and robust," the researchers said . "For example, payloads are compiled for 12 different CPU architectures and dynamically deliver...

A teenage student has been charged with running a supplying malware that was used for launching distributed denial of service (DDoS) attacks against websites of some of the world's leading businesses. Jack Chappell , an 18-year-old teenager from Stockport, is accused of helping cyber criminals with his DDoS booter service (DDoS-for-hire service) to flood millions of websites around the world with the massive amount of data and eventually bring them down, making them unavailable to their users. Among the victims that were allegedly attacked by Chappell's malware are the National Crime Agency (NCA), T-Mobile, O2, Virgin Media, the BBC, Amazon, Vodafone, BT, Netflix, and NatWest that had its online banking systems down in a 2015 cyber attack. Chappell is charged following an investigation led by the West Midlands Regional Cyber Crime Unit and assisted by Israeli Police, the Federal Bureau of Investigation (FBI) and Europol's European Cybercrime Centre (EC3). According t...

The problem is simple: all breaches start with initial access, and initial access comes down to two primary attack vectors – credentials and devices. This is not news; every report you can find on the threat landscape depicts the same picture.  The solution is more complex. For this article, we'll focus on the device threat vector. The risk they pose is significant, which is why device management tools like Mobile Device Management (MDM) and Endpoint Detection and Response (EDR) are essential components of an organization's security infrastructure. However, relying solely on these tools to manage device risk actually creates a false sense of security. Instead of the blunt tools of device management, organizations are looking for solutions that deliver device trust . Device trust provides a comprehensive, risk-based approach to device security enforcement, closing the large gaps left behind by traditional device management solutions. Here are 5 of those limitations and how to ov...

Europol has announced that the law enforcement agencies from 13 countries around the globe have arrested 34 users of Netspoof DDoS attack tool and interviewed and warned 101 suspects in a global crackdown. According to the report published on the official website of Europol, law enforcement authorities worldwide have made the arrest between 5 December and 9 December 2016. Europol's European Cybercrime Centre (EC3) supported the law enforcement agencies in their efforts to identify suspects in the European Union and beyond. Arrested Suspects Are Mainly Teenagers All those arrested are mainly "young adults under the age of 20," who are suspected of paying for Netspoof stresser as well as booters services to maliciously deploy DDoS-for-hire software and using them to launch cyber attacks. The ddos attacks flooded target websites and web servers with massive amounts of data, leaving those services inaccessible to users. Europol's European Cybercrime Cent...