ddos attack | Breaking Cybersecurity News | The Hacker News

16-Year-Old Teenager arrested for World's biggest cyber attack ever

Sep 27, 2013
A 16-year-old teenager has been arrested over his alleged involvement in the world's biggest DDoS attack, against the Dutch anti-spam group Spamhaus. The teenager, whose name is unknown at this point, was arrested by British police in April, but details of his arrest were just leaked to the British press on Thursday. He was taken into custody when police swooped on his south-west London home after investigations identified that significant sums of money were flowing through his bank account. The suspect was found with his computer systems open and logged on to various virtual systems and forums. The March 20 attack on Spamhaus has been dubbed the "biggest cyber attack in the history of the Internet", in which the server of the Dutch anti-spam organization was bombarded with traffic to the tune of 300 billion bits per second (300Gbps). A DDoS attack takes place when hackers use an army of infected computers to send traffic to a server, causing a shutdown in the process. I
Thousands of Wordpress blogs compromised to perform DDOS attack

Sep 25, 2013
A mega cyber attack campaign is currently being launched against a large number of WordPress websites across the Internet. In April, 2012 we reported that a large distributed brute force attack against millions of WordPress sites was occurring, in which hackers succeeded in compromising 90,000 servers to create a large botnet of WordPress hosts. According to the DDoS attack log report received from 'The Hacker News' reader 'Steven Veldkamp', the victim's website was under heavy DDoS attack recently, coming from various compromised WordPress-based websites. Possibly by using a brute force attack on WordPress administrative portals with a word list of the most commonly used username and password combinations, attackers are taking control of many poorly secured WordPress hosts. After analyzing a piece of a DDoS attack log file covering 23/Sep/2013:13:03:13 +0200 to 23/Sep/2013:13:02:47 +0200, we found that in 26 seconds the attacker was
Navigating the Threat Landscape: Understanding Exposure Management, Pentesting, Red Teaming and RBVM

Apr 29, 2024 - Exposure Management / Attack Surface
It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees. In the last few years, Exposure Management has become known as a comprehensive way of reining in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on your 2024 to-do list. What is Exposure Management? Exposure Management is the systematic identification, evaluation,
DefCamp 2013 - International Hacking and Information Security Conference in Romania

Sep 11, 2013
DefCamp 2013, the fourth edition of an international information security conference hosted in Romania, is now open for Call for Papers. Over 300 security experts, researchers, and enthusiasts from Romania and neighboring countries are expected to take part in the event in Bucharest, at the Crystal Palace Ballroom, on November 29-30, 2013. The Crystal Palace Ballroom is hosting DefCamp, one of the most mesmerizing hacking and information security events in Romania. In its fourth year, the conference aims to continue impressing its audience with IT knowledge sharing, competition with varying levels of difficulty, Romanian and foreign speakers, surprises and fun. "We have awaited the 48 hours of DefCamp 2013 since the closing moment of the last edition. It is hypnotizing to exchange ideas, to compete, to expand your knowledge and to meet people who you know only from the virtual world. DCTF (DefCamp Capture the Flag) - our main competition of the co
China hit by massive DDoS attack causing the Internet inaccessibility for hours

Aug 27, 2013
During the weekend, China's Internet was taken down by a powerful distributed denial of service (DDoS) attack on the .cn domain that slowed and blocked Internet access for hours. A security expert clarified that the attack on China could have been perpetrated by sophisticated hackers or by a single individual. The China Internet Network Information Center [CNNIC] reported that the attack began at 02:00 local time on Sunday, with a peak at 04:00 that made it the largest DDoS attack the country's networks have ever faced. The CNNIC is responsible for registering sites in the .cn domain. Before malicious coders can launch a DDoS attack, they must infect the computers of unsuspecting users, often by tricking people into installing malware on their computers. The China Internet Network Information Center confirmed the attack with an official statement informing internet users that it is gradually restoring web services and that it will operate to improve the security leve
Turkish Government websites hacked by Anonymous, declares #OpTurkey

Jun 03, 2013
The Internet activist and hacker collective Anonymous carried out a series of cyber attacks on Turkish government websites in retaliation for the violent police response to anti-government protests, launching the #OpTurkey operation. Several videos of yesterday's protest can be seen on YouTube; one of them shows a protester wearing an Anonymous mask. "You have censored social media and other communications of your people in order to suppress the knowledge of your crimes against them. Now Anonymous will shut you down and your own people will remove you from power," the group tells the Turkish administration. The Anonymous attack came after a series of brutal clashes between police and protesters that arose on Friday after Turkish police conducted a crackdown on a peaceful environmental demonstration in Istanbul's Taksim Square. With #opTurkey, the hacktivist collective plans to "attack every Internet and communications asset of the Turkish g
Massive 167Gbps DDoS attacks against Banking and Financial Institutions

May 31, 2013
DDoS attackers attempted to bring down banking services earlier this week with one of the largest distributed denial of service attacks to use the DNS reflection technique. Prolexic, the global leader in Distributed Denial of Service (DDoS) protection services, announced that it has successfully mitigated the largest DNS reflection attack ever recorded, which peaked at 167 Gigabits per second (Gbps). The company did not name the target of the digital assault. DNS reflection was the attack method used in Operation Stophaus, an attack waged in March against The Spamhaus Project, a Geneva-based not-for-profit organization dedicated to fighting Internet spam. When Spamhaus was assaulted by a vast 300Gbps peak DNS reflection attack, it engaged the help of a content delivery network (CDN) called CloudFlare to help defend itself. The DNS Reflection Denial of Service (DrDoS) technique exploits security weaknesses in the Domain Name System (DNS) Internet protocol. Using Internet protocol spoof
FBI sponsored Ragebooter DDoS attack service

May 21, 2013
A website that can be described as "DDoS for hire" is perfectly legitimate, according to the owner. Malicious sites that offer attack services are not strangers on the Internet, but web sites sponsored by law enforcement are another story altogether. Ragebooter is one of many sites that accept payment through PayPal in order to flood sites with junk traffic, overloading servers and denying others access. The service uses a technique called DNS reflection to flood a website and amplify the amount of traffic directed at an address. Unlike other existing sites that offer similar services, Ragebooter has a particularly interesting back door leading directly to the FBI. It seems that the Federal Bureau of Investigation uses the site to monitor the activity of users on the network, and that it added to the site an IP logger that keeps the IP addresses of all users coming to the site. Investigation shows the site operator is a guy named Justin Folland located in M
Anonymous Hackers Launch #OpUSA against US Banking and Government Agencies

May 08, 2013
The #OpUSA campaign has officially started. The day has come: today, May 7, as announced by Anonymous, a coordinated online attack will hit banking and government websites. The announcement made by the popular group of hacktivists is creating great concern among US security experts in charge of defending the potential targets. The message sent by Anonymous to US authorities is eloquent: "We Will Wipe You Off the Cyber Map". A new wave of attacks, presumably distributed denial-of-service attacks, is expected to hit principal US financial institutions, exactly as already happened in the last months. The hacktivists participating in the OpUSA campaign are protesting against the policy of the US Government, which they blame for committing war crimes in foreign states and in its own country. "Anonymous will make sure that's this May 7 will be a day to remember. On that day anonymous will start phase one of operation USA. America you have committed multiple war crimes in Iraq, Afg
Millions of WordPress sites exploitable for DDoS Attacks using Pingback mechanism

May 01, 2013
Distributed Denial of Service attacks have increased in scale, intensity and frequency. The wide range of motives for these attacks, whether political, criminal, or social, makes every merchant or organization with an online presence a potential target. Over the weekend Incapsula mitigated a unique DDoS attack against a large gaming website, in which they discovered a DDoS attack using thousands of legitimate WordPress blogs without the need for them to be compromised. Incapsula released the list of approximately 2,500 WordPress sites from which the attack originated, including some very large sites like Trendmicro.com, Gizmodo.it and Zendesk.com. In a recent report, we posted about another method for DDoS attacks using DNS amplification, where a DNS request is made to an open DNS resolver with the source IP address forged so that it is the IP address of the targeted site, to which the response is thus sent, but this new method uses HTTP rather than DNS. The
Suspected Hacker arrested for World's Biggest DDoS attack against Spamhaus

Apr 27, 2013
The Dutch police have confirmed the arrest of a 35-year-old man suspected of taking part in a massive DDoS attack against the anti-spam group Spamhaus back in March. The attack's bandwidth peaked at over 300Gbps, making it the largest DDoS attack in history. The target, Spamhaus, is a company which creates blacklists of spam sites and sells them to Internet Service Providers. Spamhaus was hit with a DDoS attack, and its website was flooded with traffic and went offline. Later CloudFlare was hired by Spamhaus to protect against such attacks. The suspect was arrested by Spanish authorities in Barcelona based on a European arrest warrant and is expected to be transferred to the Netherlands soon. The man arrested is believed to be Sven Kamphuis, the owner and manager of Dutch hosting firm Cyberbunker, which has been implicated in the attack. This DDoS attack was believed to have been sparked when Spamhaus placed CyberBunker on its spam blacklist. Cyberbunker is a D
Who Needs a Botnet when you have a 4 Gbps DDoS Cannon?

Apr 24, 2013
In recent months the DDoS world has shifted from complex small scale Botnet attacks to much larger network based DDoS attacks, perpetrated largely by hijacked web servers. How many of these hijacked servers are out there remains to be seen. However, Incapsula recently got a very good idea of just how large these DDoS cannons are getting. Last Saturday Incapsula mitigated a rather small, 4Gbps DDoS attack, but this time it had a different pattern that attracted our attention. At first sight the attack seemed rather simple, generating 8 million DNS queries per second, to many domains, from spoofed IP addresses (using real domain name servers' IPs). But this time it included a hint about where it was coming from: all that traffic was coming from the same source. Probably on the same network, maybe even the same device. Tracing it to a single Source - TTL Giveaway: Incapsula were able to trace the attack to a single source because this time the attackers slipped-u
Anonymous #OpIsrael, cyber crime and assumptions on state-sponsored interference

Apr 18, 2013
Last April 7th the Anonymous collective hit the Israeli networks with an offensive as huge as it was historic: for the first time, an independent group of hackers declared war on a government to protest against its policy. Many web sites of the country were hit by DDoS attacks; the data on the event reported by the Israeli government are totally different from the information published by Anonymous, which produced a report for #OpIsrael in which total damage is estimated at $3-plus billion. According to security experts at TrendMicro, the collective used various botnets to coordinate large scale attacks. Analyzing traffic directed to one of the targeted websites, the researchers discovered that while usually more than 90% of the traffic originates in Israel, during the attack almost all of the traffic originated outside the country and internal connections fell to 9%, as shown in the following chart: What is surprising is that TrendMicro discovered that many IP addre
Three LulzSec hackers plead guilty To NHS, Sony Attacks

Apr 09, 2013
Three members of the high profile internet hacktivist group LulzSec have admitted to their parts in a series of cyber attacks against the NHS, Sony and News International. Ryan Ackroyd, Jake Davis and Mustafa Al-Bassam pleaded guilty to one charge of carrying out an unauthorized act to impair the operation of a computer, contrary to the Criminal Law Act 1977. In July 2011 the Sun's website was hacked and users were briefly re-directed to a spoof page that falsely claimed that Rupert Murdoch had died. Davis, from Shetland, and Bassam, a student from Peckham, south London, admitted conspiring to bring down the websites of law enforcement authorities in Britain and the US, including the CIA and the Serious Organized Crime Agency (SOCA). The group is an offshoot of the Anonymous hacktivists, and both LulzSec and Anonymous wreaked havoc throughout 2011 and 2012, knocking thousands of websites offline and pilfering data from well-known companies. The men are said to h
AirDroid vulnerability allows hackers to perform DoS attack from your Android device

Apr 09, 2013
A vulnerability in the AirDroid application, which provides wireless management of your Android phone or tablet from any browser on the same Wi-Fi network, allows hackers to perform a DoS attack from your Android device. A cross-site scripting (XSS) vulnerability in the browser version of AirDroid allows an attacker to send a malicious text message to the browser associated with the account when the attacker is able to get access to a phone with AirDroid installed. According to the advisory posted by US-CERT, when this message is viewed on the AirDroid web interface an attacker can conduct a cross-site scripting attack, which may result in information leakage, privilege escalation, and/or denial of service on the host computer. The vulnerability is currently not patched, and the AirDroid team has not announced any update regarding a fix. As a general good security practice, only allow connections from trusted hosts and networks. The flaw is registered as CVE-2013-0134
World's biggest DDoS attack that Almost Broke the Internet

Mar 29, 2013
The last week has seen probably the largest distributed denial-of-service (DDoS) attack ever. A massive 300Gbps was thrown against Internet blacklist maintainer Spamhaus' website, but the anti-spam organisation, with help from CloudFlare, was able to recover from the attack and get its core services back up and running. Spamhaus, a group based in both London and Geneva, is a non-profit organisation that aims to help email providers filter out spam and other unwanted content. Spamhaus is pretty resilient, as its own network is distributed across many countries, but the attack was still enough to knock its site offline on March 18. Five national cyber-police-forces are investigating the attacks. A group calling itself STOPhaus, an alliance of hacktivists and cyber criminals, is believed to be responsible for bombarding Spamhaus with up to 300Gbps. The attacks on Spamhaus illustrate a larger problem with the vulnerability of systems fundamental to the architecture of the Internet, the D
Massive cyber attack on South Korean banks and TV broadcasters

Mar 20, 2013
Computer networks at major South Korean banks and top TV broadcasters crashed simultaneously Wednesday, during a massive cyber attack. South Korean police are investigating reports from several major broadcasters and banks. At least three broadcasters, KBS, MBC and YTN, and the Shinhan and Nonghyup banks reported that their computer networks had crashed. The state-run Korea Information Security Agency said that screens went blank at 2 p.m. and more than seven hours later some systems were still down. The takedown was apparently not from a distributed denial-of-service (DDoS) attack, but a virus that has apparently infected machines in these organizations and delivered its payload simultaneously. An official at the Korea Communications Commission said investigators speculate that malicious code was spread from company servers that send automatic updates of security software and virus patches. The Associated Press says: " The latest network paralysis took place ju
Incapsula introduces 'Backdoor Protect' feature in Cloud-based Website Security

Jan 30, 2013
Incapsula announced this week that they're offering an intriguing Backdoor Protection feature for sites using their cloud-based website security and performance services. What's a Backdoor? A backdoor is a malicious function that enables hackers to remotely operate a site or server, even after whatever exploit they used for initial access has been patched. Installing a backdoor is often the first thing a hacker will do after gaining access to your site - so if you've been hacked before, there's a good chance you've already got one. Hackers love backdoors because they provide easy return access to the site. Once installed, backdoors can be used to distribute spam and malware, launch distributed denial of service (DDoS) attacks, or to help steal valuable data like credit card numbers. Recently, Incapsula reported how during the ongoing DDoS attacks against United States banks, a backdoor was used to turn a compromised site into an unwilling foot-soldier in the hackers Zombie Bo
Under the hood of recent DDoS Attack on U.S. Banks

Jan 10, 2013
An Incapsula security study reveals how a simple neglect in managing the administrative password of a small UK site was quickly exploited by Botnet shepherds operating obscurely out of Turkey to hurl large amounts of traffic at American banks. If you've been following the news, you are probably aware of a wave of DDoS attacks that recently hit several major U.S. banks. Izz ad-Din al-Qassam, a hacker group that claimed responsibility for these attacks, declared them to be a retaliation for an anti-Islam video that mocked the Prophet Muhammad and a part of the on-going "Operation Ababil." As the reports of the attack started to roll in, the Incapsula security team was able to uncover one of the secret foot-soldiers behind the assault: a compromised general-interest UK-based website that was trying to hurl large chunks of junk traffic at three of the world's largest financial institutions (PNC, HSBC and Fifth Third Bank). On the eve of the attack, this website sud
Al-Qaida sites knocked offline before release of 'Salil al-Sawarim 3' movie

Dec 20, 2012
U.S. intelligence sources confirmed that official websites of Al-Qaida were knocked offline two weeks back and are still down due to a DDoS attack. According to a source, "This is one of the longest disruptions the organization has experienced since it set up its online distribution system in 2006. Al-Qaida also was hit by a massive cyber attack in late 2008, from which the online network never recovered." The websites were forced offline just before the release of a film titled "Salil al-Sawarim 3", which is actually the propaganda video of Iraqi soldiers with dead insurgents by Al-Qaida. For the last few months, online jihadists have been discussing the release and sharing images and footage from the production. The cyber attack comes as the U.S. State Department, according to a senior official. The cyber attack on the Al-Qaida network delayed the release of the movie. According to another source, the last version " Salil As-Sawarim 2 " movie was do
WordPress Pingback Vulnerability Serves DDoS attack feature

Dec 18, 2012
Acunetix, a web application security company, reported vulnerabilities found in the WordPress Pingback feature. According to the report, a Pingback vulnerability exists in the WordPress blogging platform that could leak information and lead to distributed denial of service (DDoS) attacks. "WordPress has an XMLRPC API that can be accessed through the xmlrpc.php file. When WordPress is processing pingbacks, it's trying to resolve the source URL, and if successful, will make a request to that URL and inspect the response for a link to a certain WordPress blog post. If it finds such a link, it will post a comment on this blog post announcing that somebody mentioned this blog post in their blog," Bogdan Calin explained. Pingback is one of three types of linkbacks, methods for Web authors to request notification when somebody links to one of their documents. This enables authors to keep track of who is linking to, or referring to their articles. Some weblog software, such as Mo