KrebsOnSecurity поражен новым огромным IoT-ботнетом “Meris”

В четверг вечером сайт KrebsOnSecurity подвергся довольно массированной (и, к счастью, кратковременной) распределенной атаке типа “отказ в обслуживании” (DDoS). Атака исходила от “Мериса“, того же нового ботнета, который на этой неделе совершил рекордные атаки на российского поискового гиганта “Яндекс”, а летом этого года – на компанию Cloudflare. Cloudflare недавно написала о своей атаке, которая достигла … Читать далее

Are the Days of “Booter” Services Numbered?

It may soon become easier for Internet service providers to anticipate and block certain types of online assaults launched by Web-based attack-for-hire services known as “booter” or “stresser” services, new research released today suggests. The findings come from researchers in Germany who’ve been studying patterns that emerge when miscreants attempt to mass-scan the entire Internet … Читать далее

Spreading the DDoS Disease and Selling the Cure

Earlier this month a hacker released the source code for Mirai, a malware strain that was used to launch a historically large 620 Gbps denial-of-service attack against this site in September. That attack came in apparent retribution for a story here which directly preceded the arrest of two Israeli men for allegedly running an online attack for hire service called … Читать далее

Alleged vDOS Proprietors Arrested in Israel

Two young Israeli men alleged to be the co-owners of a popular online attack-for-hire service were reportedly arrested in Israel on Thursday. The pair were arrested around the same time that KrebsOnSecurity published a story naming them as the masterminds behind a service that can be hired to knock Web sites and Internet users offline with powerful … Читать далее

Inside ‘The Attack That Almost Broke the Internet’

In March 2013, a coalition of spammers and spam-friendly hosting firms pooled their resources to launch what would become the largest distributed denial-of-service (DDoS) attack the Internet had ever witnessed. The assault briefly knocked offline the world’s largest anti-spam organization, and caused a great deal of collateral damage to innocent bystanders in the process. Here’s … Читать далее

Stress-Testing the Booter Services, Financially

The past few years have witnessed a rapid proliferation of cheap, Web-based services that troublemakers can hire to knock virtually any person or site offline for hours on end. Such services succeed partly because they’ve enabled users to pay for attacks with PayPal. But a collaborative effort by PayPal and security researchers has made it far more difficult for these services to … Читать далее

Spreading the Disease and Selling the Cure

When Karim Rattani isn’t manning the till at the local Subway franchise in his adopted hometown of Cartersville, Ga., he’s usually tinkering with code. The 21-year-old Pakistani native is the lead programmer for two very different yet complementary online services: One lets people launch powerful attacks that can knock Web sites, businesses and other targets … Читать далее

Lizard Kids: A Long Trail of Fail

The Lizard Squad, a band of young hooligans that recently became Internet famous for launching crippling distributed denial-of-service (DDoS) attacks against the largest online gaming networks, is now advertising its own Lizard-branded DDoS-for-hire service. Read on for a decidedly different take on this offering than what’s being portrayed in the mainstream media. Lizard Stresser login page taunts … Читать далее