2015, DDOS and Internet - Cyber Security Informer

Six Charged in Mass Takedown of DDoS-for-Hire Sites

Krebs on Security

DECEMBER 14, 2022

Department of Justice (DOJ) today seized four-dozen domains that sold “booter” or “stresser” services — businesses that make it easy and cheap for even non-technical users to launch powerful Distributed Denial of Service (DDoS) attacks designed knock targets offline. The DOJ also charged six U.S.

DDOS

DDOS Computers and Electronics Internet Internet

Courts Hand Down Hard Jail Time for DDoS

Krebs on Security

JANUARY 14, 2019

On Friday, a 34-year-old Connecticut man received a whopping 10-year prison sentence for carrying out distributed denial-of-service (DDoS) attacks against a number of hospitals in 2014. dual citizen, admitted attacking an African phone company in 2016, and to inadvertently knocking out Internet access for much of the country in the process.

DDOS

DDOS Internet Internet Spyware

DDoS-for-Hire Boss Gets 13 Months Jail Time

Krebs on Security

NOVEMBER 20, 2019

A 21-year-old Illinois man was sentenced last week to 13 months in prison for running multiple DDoS-for-hire services that launched millions of attacks over several years. Justice Department, in just the first 13 months of the 27-month long conspiracy, Usatyuk’s booter users ordered approximately 3,829,812 DDoS attacks.

DDOS

DDOS Internet Internet Advertising

Massive DDoS attack brought down 25% Iranian Internet connectivity

Security Affairs

FEBRUARY 9, 2020

Iran comes under cyber-attack again, a massive offensive brought down a large portion of the Iranian access to the Internet. Iran infrastructures are under attack, a massive cyberattack brought down a large portion of the Iranian access to the Internet, according to the experts the national connectivity fell to 75%.

DDOS

DDOS Internet Internet Telecommunications

AWS mitigated largest DDoS attack ever of 2.3 Tbps

Security Affairs

JUNE 17, 2020

Tbps DDoS attack, the largest ever, which surpassed the previous record of 1.7 Amazon announced it has mitigated the largest ever DDoS attack of 2.3 ” The report didn’t name the target of the DDoS attack, AWS experts only revealed that the magnitude was obtained with CLDAP reflection attack. Pierluigi Paganini.

DDOS

DDOS Advertising Internet Internet

FBI warns cyber actors abusing protocols as new DDoS attack vectors

Security Affairs

JULY 27, 2020

The FBI issued an alert last week warning about the discovery of new network protocols that have been exploited to launch large-scale DDoS attacks. The Federal Bureau of Investigation sent an alert last week warning about large-scale distributed denial of service (DDoS) attacks that abused new network protocols. continues the report.

DDOS

DDOS IoT Internet Internet

Experts warn of surge in DDoS attacks targeting education institutions

Security Affairs

SEPTEMBER 15, 2020

Experts warn of a surge in the DDoS attacks against education institutions and the academic industry across the world. The DDoS attacks are causing severe issues to the targeted education institutions such as temporarily takedown of the network and online classes. ” reads the analysis published by CheckPoint. Pierluigi Paganini.

Education

Education DDOS Advertising Cyber Attacks

Hoaxcalls Botnet expands the target list and adds new DDoS capabilities

Security Affairs

APRIL 24, 2020

The Hoaxcalls IoT botnet expanded the list of targeted devices and has added new distributed denial of service (DDoS) capabilities. The botnet was initially designed to launch DDoS attacks using UDP, DNS and HEX floods. Experts also noticed that the new variant implements 16 new DDoS capabilities. ” Radware concludes.

DDOS

DDOS IoT Advertising DNS

New Lucifer DDoS botnet targets Windows systems with multiple exploits

Security Affairs

JUNE 26, 2020

Upon infecting a system the bot turns it into a cryptomining client and could use it to launch distributed denial-of-service (DDoS) attacks. The malware author named the bot Satan DDoS, but Palo Alto Network’s Unit42 researchers dubbed it Lucifer because there’s another malware with the same name, the Satan Ransomware.

DDOS

DDOS Malware Advertising Passwords

Developer of DDoS Mirai based botnets sentenced to prison

Security Affairs

JUNE 26, 2020

A man accused to have developed distributed denial of service (DDoS) botnets based on the Mirai botnet was sentenced to 13 months in federal prison. Schuchman compromised hundreds of thousands of IoT devices, including home routers and IP cameras, to create multiple DDoS IoT botnets that he rented to carry out the attacks.

DDOS

DDOS IoT Advertising Internet

New Zealand stock exchange (NZX) halted 2 days by DDoS attack

Security Affairs

AUGUST 27, 2020

New Zealand’s stock exchange (NZX) confirmed it was hit by a massive distributed denial of service (DDoS) attack from abroad that knocked it offline two days. The DDoS attack impacted traders, anyway financial or personal information of the users was not accessed. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

DDOS

DDOS Marketing Advertising Internet

Booter Boss Interviewed in 2014 Pleads Guilty

Krebs on Security

FEBRUARY 28, 2019

A 20-year-old Illinois man has pleaded guilty to running multiple DDoS-for-hire services that launched millions of attacks over several years. But Usatyuk’s involvement in the DDoS-for-hire space very much predates that period. Booter Master ” — was heavily involved in helping to launch crippling DDoS attacks.

DDOS

DDOS Computers and Electronics Internet Internet

Enemybot, a new DDoS botnet appears in the threat landscape

Security Affairs

APRIL 17, 2022

Enemybot is a DDoS botnet that targeted several routers and web servers by exploiting known vulnerabilities. Researchers from Fortinet discovered a new DDoS botnet, tracked as Enemybot, that has targeted several routers and web servers by exploiting known vulnerabilities. Upon installing the threat, the bot drops a file in /tmp/.pwned

DDOS

DDOS Architecture Malware Cybercrime

T-Mobile suffered a major outage in the US allegedly caused by a massive DDoS attack

Security Affairs

JUNE 16, 2020

Wireless carrier T-Mobile suffered a major outage in the United States, that impacted service at other carriers, due to a “massive” DDoS attack. Wireless carrier T-Mobile suffered a massive DDoS attack that caused a major outage in the United States that impacted service at other carriers due to a “massive” DDoS attack.

DDOS

DDOS Mobile Wireless Advertising

DDoS-for-Hire Services operator sentenced to 13 months in prison

Security Affairs

NOVEMBER 15, 2019

the administrator of DDoS-for-hire services was sentenced to 13 months in prison, and additional three years of supervised release. Usatyuk , a man that was operating several DDoS-for-hire services was sentenced to 13 months in prison, and additional three years of supervised release. Sergiy P. , hours of network downtime.

DDOS

DDOS Computers and Electronics Advertising Internet

The operator of DDoS-for-hire service pleads guilty

Security Affairs

MARCH 3, 2019

Usatyuk developed and operated other DDoS-for-hire services with a co-conspirator between August 2015 and November 2017. 12, 2017, an advertising on the ExoStresser website ( exostress.in) said that the booter service alone had launched 1,367,610 DDoS attacks, and caused targeted victim computer systems to suffer 109,186.4

DDOS

DDOS Cybercrime Advertising Cyber Attacks

SANDMAN AND FINEPROXY BEHIND THE DDOS ATTACKS AGAINST TIMETV.LIVE

Security Affairs

APRIL 28, 2020

Timetv.live is the latest Azeri news site targeted by Denial of Service (DDoS) attacks launched by Sandman threat actor, the attack took place on March 21, 2020. Just like many other DDoS attacks we have seen in the past against Azeri media, the attacker monitors the success of the floods using the HostTracker service.

DDOS

DDOS Media VPN Advertising

Law enforcement take down 15 DDoS-for-Hire services

Security Affairs

DECEMBER 22, 2018

The Department of Justice (DoJ) announced that the FBI seized 15 domains associated with DDoS-for-hire services. The FBI has seized 15 domains associated with DDoS-for-hire services (aka booters or stressers ) that were used by their customers to launch powerful DDoS attacks. Authorities Take Down 15 DDoS-for-Hire Websites.

DDOS

DDOS Advertising Internet Internet

Mirai-based DDoS botnet IZ1H9 added 13 payloads to target routers

Security Affairs

OCTOBER 11, 2023

A Mirai-based DDoS botnet tracked as IZ1H9 has added thirteen new exploits to target routers from different vendors, including D-Link, Zyxel, and TP-Link. Below is the list of exploit payloads added to the bot: D-Link: CVE-2015-1187 , CVE-2016-20017 , CVE-2020-25506 , and CVE-2021-45382. ” concludes the analysis.

DDOS

DDOS Wireless Architecture IoT

Brazil expert discovers Oracle flaw that allows massive DDoS attacks

Security Affairs

OCTOBER 17, 2018

million servers running the RPCBIND service from being used in amplified DDoS attacks. The exploitation of this vulnerability could cause major problems on the Internet. million servers running RPCBIND on the Internet. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

DDOS

DDOS Internet Internet System Administration

Imperva mitigated DDoS attack generated 500 Million Packets per Second, the largest ever

Security Affairs

JANUARY 30, 2019

Imperva mitigated a SYN flood DDoS attack against one of its clients that exceeded 500 million packets per second, this is the largest ever. This attack was a SYN flood DDoS and it is the largest DDoS attack by packet volume ever observed. . Since today, the 2018 GitHub DDoS attack that peaked 1.35 or instance.

DDOS

DDOS Advertising Internet Internet

Number of hacktivist attacks declined by 95 percent since 2015

Security Affairs

MAY 18, 2019

According to a study conducted by IBM, the number of hacktivist attacks that caused quantifiable damage has declined by 95 percent since 2015. Researchers analyzed data collected by IBM’s X-Force threat intelligence unit between 2015 and 2019. X-Force data shows only eight Anonymous attacks in 2015 and 2016, and only one in 2018.

Advertising

Advertising Data collection DDOS Healthcare

Dutch police shut down bulletproof service hosting tens of DDoS botnets

Security Affairs

OCTOBER 3, 2019

Dutch police seized a bulletproof hosting service in a major takedown, the infrastructure was used by tens of IoT botnets involved in DDoS attacks. The servers were hosted at an unnamed data center in Amsterdam, it was used by tens of IoT botnets involved in DDoS attacks worldwide. ” continues the statement. Pierluigi Paganini.

DDOS

DDOS IoT Cybercrime Malware

A few dollars to bring down sites with new Bushido-based DDoS-for-hire service

Security Affairs

OCTOBER 27, 2018

Security researchers at FortiGuard Labs have discovered a new DDoS-for-hire service called “ 0x-booter” built with leaked code that implements an easy to use interface. “ The DDoS-for-hire service allows users to power different attacks, primarily at the Transport and Application layers. ” .

DDOS

DDOS IoT Advertising Hacking

Experts warn of spike in TCP DDoS reflection attacks targeting Amazon, SoftLayer and telco infrastructure

Security Affairs

NOVEMBER 11, 2019

Researchers from Radware reported that massive TCP SYN-ACK DDoS reflection attacks hit Amazon, SoftLayer and telecom infrastructure in the last month. Researchers from Radware are warning of a wave of TCP SYN-ACK DDoS reflection attacks that in the last 30 days hit Amazon, SoftLayer and telecom infrastructure. Pierluigi Paganini.

DDOS

DDOS Telecommunications Advertising Cybercrime

China used the Great Cannon DDoS Tool against forum used by Hong Kong protestors

Security Affairs

DECEMBER 5, 2019

China is accused to have used the “Great Cannon” DDoS tool to launch attacks against LIHKG , a forum used by Hong Kong residents to organize protests. The last time the Great Cannon was used by the Chinese authorities was in 2017 when it was involved in DDoS attacks on the Mingjingnews.com site, a US-based Chinese media outlet.

DDOS

DDOS Firewall Advertising Government

The CallStranger UPnP vulnerability affects billions of devices

Security Affairs

JUNE 9, 2020

that affects billions of devices, it could be exploited by attackers to carry out multiple malicious activities, including distributed denial-of-service (DDoS) attacks and data exfiltration. The researcher believes that botnets might soon start exploiting the flaw to launch DDoS attacks abusing end-user devices. Pierluigi Paganini.

DDOS

DDOS Internet Internet Advertising

Attackers are hacking NSC Linear eMerge E3 building access systems to launch DDoS attacks

Security Affairs

FEBRUARY 3, 2020

L inear eMerge E3 smart building access systems designed by N ortek Security & Control (NSC) are affected by a severe vulnerability (CVE-2019-7256) that has yet to be fixed and attackers are actively scanning the internet for vulnerable devices. Passwords can be found in p roduct documentation and compiled lists available on the Internet.”

DDOS

DDOS Hacking Internet Internet

Massive increase in XorDDoS Linux malware in last six months

Malwarebytes

MAY 25, 2022

Based on a case study in 2015 , Akamai strengthened the theory that the malware may be of Asian origin based on its targets. Since Linux is deployed on many IoT (Internet of Things) devices and cloud infrastructures, we are likely to see DDoS (distributed denial-of-system) attacks from botnets that have compromised such devices.

Malware

Malware IoT DDOS DNS

Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online

Security Affairs

JANUARY 19, 2020

According to ZDNet that first published the news, the list was leaked on a popular hacking forum by the operator of a DDoS booter service. The list appears to be the result of an Internet scan for devices using default credentials or easy-to-guess passwords. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT DDOS InfoSec Internet

‘Satori’ IoT Botnet Operator Pleads Guilty

Krebs on Security

SEPTEMBER 3, 2019

has pleaded guilty to federal hacking charges tied to his role in operating the “ Satori ” botnet, a crime machine powered by hacked Internet of Things (IoT) devices that was built to conduct massive denial-of-service attacks targeting Internet service providers, online gaming platforms and Web hosting companies.

IoT

IoT Internet Internet Hacking

British hacker sentenced to jail for attack on Liberian Telecoms firms

Security Affairs

JANUARY 11, 2019

An employee of the rival firm Cellcom paid Kaye to carry out a DDoS attack on the Liberian phone and internet provider Lonestar. Daniel Kaye admitted that the DDoS attack aimed at the African telco company inadvertently isolated Liberia from the Internet. SecurityAffairs – Liberia, DDoS). ” reported the BBC.

DDOS

DDOS Telecommunications Internet Internet

Hacker who disrupted Sony gaming gets a 27-months jail sentence

Security Affairs

JULY 4, 2019

Austin Thompson (23) from Utah, the hacker who carried out massive DDoS attacks on Sony, EA, and Steam gets a 27-months prison sentence. The hacker who brought offline with massive DDoS attacks online gaming networks between December 2013 and January 2014 has been sentenced to 27 months in prison. SecurityAffairs – Sony, DDoS).

DDOS

DDOS Computers and Electronics Advertising Internet

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Krebs on Security

JANUARY 8, 2024

For example, in 2010 Spamdot and its spam affiliate program Spamit were hacked, and its user database shows Sal and Icamis often accessed the forum from the same Internet address — usually from Cherepovets , an industrial town situated approximately 230 miles north of Moscow. And there were many good reasons to support this conclusion.

Cybercrime

Cybercrime Banking Computers and Electronics DDOS

Kaiji, a new Linux malware targets IoT devices in the wild

Security Affairs

MAY 5, 2020

Security researchers spotted a new piece of DDoS bot dubbed Kaiji that is targeting IoT devices via SSH brute-force attacks. The malicious code was designed to target Linux-based servers and Internet of Things (IoT) devices and use them as part of a DDoS botnet. You may want to block #C2 at: 1[.]versionday[.]xyz versionday[.]xyz

IoT

IoT Malware DDOS Advertising

Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

Security Affairs

MAY 19, 2020

which is a product that became end-of-life (EOL) in 2015 and end-of-support-life (EOSL) in 2019.” The botnet borrows the code from Tsunami and Gafgyt botnets, it expanded the list of targeted devices and added new distributed denial of service (DDoS) capabilities. ” reads the analysis published by Palo Alto Networks.

IoT

IoT DDOS Authentication Firmware

Creator of multiple IoT botnets, including Satori, pleaded guilty

Security Affairs

SEPTEMBER 4, 2019

Kenneth Currin Schuchman (21) from Vancouver, Washington pleaded guilty to creating and operating multiple DDoS IoT botnet , including Satori. Kenneth Currin Schuchman (21) from Vancouver, Washington, aka Nexus Zeta, pleaded guilty to creating and operating multiple DDoS IoT botnets.

IoT

IoT DDOS Internet Internet

Security Affairs newsletter Round 251

Security Affairs

FEBRUARY 16, 2020

Massive DDoS attack brought down 25% Iranian Internet connectivity. Safer internet day – Cybercrime facts Infographic. Reading the 2019 Internet Crime Complaint Center (IC3) report. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. A new round of the weekly newsletter arrived!

Cyber Attacks

Cyber Attacks Banking Internet Internet

The Mystery of Fbot

Security Affairs

JANUARY 21, 2020

This wave is a significant timeline as a technology step-up for DDoS botnet and IoT malware development. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Figure 1 – Vamp’s account on Twitter). Would it mean that the coder of Fbot is abandoning his botnet after all of this time? Pierluigi Paganini.

DDOS

DDOS IoT Malware Advertising

Ecuador suffered 40 Million Cyber attacks after the Julian Assange arrest

Security Affairs

APRIL 16, 2019

.” Javier Jara, undersecretary of the electronic government department of the telecommunications ministry, confirmed that groups linked to Julian Assange launched “volumetric attacks” that blocked access to the internet. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Cyber Attacks

Cyber Attacks DDOS Telecommunications Government

FreakOut botnet target 3 recent flaws to compromise Linux devices

Security Affairs

JANUARY 19, 2021

The attacks aimed at compromising the tarted systems to create an IRC botnet, which can later be used to conduct several malicious activities, including DDoS attacks and crypto-mining campaign. DDOS and Flooding – HTTP, DNS, SYN Self-implementation of Slowlaris. Once infected a device, it will be later used as an attacking platform.

DDOS

DDOS DNS Malware Internet

Law enforcement and Microsoft join forces to dismantle botnet using LED Light Control Console

Security Affairs

APRIL 20, 2020

Threat actors used the consoles to deliver malware and ransomware through an IoT botnet that was also used to launch distributed denial-of-service (DDoS) attacks. “One particular IP was associated with dozens of activities related to the distribution of malware, phishing emails, ransomware, and DDoS attacks.”

IoT

IoT DDOS Advertising Malware

New Mirai variant includes exploit for a flaw in Comtrend Routers

Security Affairs

JULY 14, 2020

Malware researchers at Trend Micro have discovered a new version of the Mirai Internet of Things (IoT) botnet that includes an exploit for the CVE-2020-10173 vulnerability impacting Comtrend routers. Experts believe that vulnerability impacting Comtrend routers will likely be exploited by other DDoS botnets. Pierluigi Paganini.

IoT

IoT Advertising DDOS Authentication

Crooks exploit exposed Docker APIs to build AESDDoS botnet

Security Affairs

JUNE 15, 2019

Threat actors are actively scanning the Internet for exposed Docker APIs on port 2375 and use them to deliver a malicious code that drops the AESDDoS Trojan. ” The AESDDoS malware is active since at least since 2014 and it was used to build large DDoS botnet. launching DDoS attacker, mining cryptocurrency, etc.).

DDOS

DDOS Malware Advertising Cryptocurrency

Six Charged in Mass Takedown of DDoS-for-Hire Sites

Courts Hand Down Hard Jail Time for DDoS

Trending Sources

DDoS-for-Hire Boss Gets 13 Months Jail Time

Massive DDoS attack brought down 25% Iranian Internet connectivity

AWS mitigated largest DDoS attack ever of 2.3 Tbps

FBI warns cyber actors abusing protocols as new DDoS attack vectors

Experts warn of surge in DDoS attacks targeting education institutions

Hoaxcalls Botnet expands the target list and adds new DDoS capabilities

New Lucifer DDoS botnet targets Windows systems with multiple exploits

Developer of DDoS Mirai based botnets sentenced to prison

New Zealand stock exchange (NZX) halted 2 days by DDoS attack

Booter Boss Interviewed in 2014 Pleads Guilty

Enemybot, a new DDoS botnet appears in the threat landscape

T-Mobile suffered a major outage in the US allegedly caused by a massive DDoS attack

DDoS-for-Hire Services operator sentenced to 13 months in prison

The operator of DDoS-for-hire service pleads guilty

SANDMAN AND FINEPROXY BEHIND THE DDOS ATTACKS AGAINST TIMETV.LIVE

Law enforcement take down 15 DDoS-for-Hire services

Mirai-based DDoS botnet IZ1H9 added 13 payloads to target routers

Brazil expert discovers Oracle flaw that allows massive DDoS attacks

Imperva mitigated DDoS attack generated 500 Million Packets per Second, the largest ever

Number of hacktivist attacks declined by 95 percent since 2015

Dutch police shut down bulletproof service hosting tens of DDoS botnets

A few dollars to bring down sites with new Bushido-based DDoS-for-hire service

Experts warn of spike in TCP DDoS reflection attacks targeting Amazon, SoftLayer and telco infrastructure

China used the Great Cannon DDoS Tool against forum used by Hong Kong protestors

The CallStranger UPnP vulnerability affects billions of devices

Attackers are hacking NSC Linear eMerge E3 building access systems to launch DDoS attacks

Massive increase in XorDDoS Linux malware in last six months

Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online

‘Satori’ IoT Botnet Operator Pleads Guilty

British hacker sentenced to jail for attack on Liberian Telecoms firms

Hacker who disrupted Sony gaming gets a 27-months jail sentence

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Kaiji, a new Linux malware targets IoT devices in the wild

Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

Creator of multiple IoT botnets, including Satori, pleaded guilty

Security Affairs newsletter Round 251

The Mystery of Fbot

Ecuador suffered 40 Million Cyber attacks after the Julian Assange arrest

FreakOut botnet target 3 recent flaws to compromise Linux devices

Law enforcement and Microsoft join forces to dismantle botnet using LED Light Control Console

New Mirai variant includes exploit for a flaw in Comtrend Routers

Crooks exploit exposed Docker APIs to build AESDDoS botnet

Stay Connected