Feeds

DDoS botnet attacks gold miners and wine makers

Malware with posh taste

Build a business case: developing custom apps

Security researchers have discovered a strain of DDoS botnet agent that launches an attack against large corporate investment groups and mining-related interests.

The technically unremarkable JKDDOS botnet launches packet-flooding attacks on targeted websites from malware-infected zombie PCs. Targets over the months have included gaming sites and online stores as well as more obscure and unusual targets.

For example, an investment firm was repeatedly targeted for attack, DDoS mitigation tool firm Arbor Networks reports.

"A well-known investment company based in New York City was attacked by a JKDDOS botnet on six separate occasions during the 10-day period starting on October 21, 2010, with the shortest and longest attacks lasting approximately three and 33 hours, respectively," Jeff Edwards, a security researcher at Arbor, writes.

"Three different victims have some connection to the gold mining industry, and one victim was a manganese miner."

The botnet, seeded from exploit-serving websites in China and the US and controlled through a command infrastructure in China, has also attacked a "a corporate holding company that invests in major wineries".

It may be that JKDDOS is a tool in an underground denial of service for hire service, at least that is the most obvious explanation that springs to mind, but there is nothing to either prove or disprove this theory in the code itself, as a detailed write-up of the malware by Arbor demonstrates. ®

Endpoint data privacy in the cloud is easier than you think

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
Microsoft's Euro cloud darkens: US FEDS can dig into foreign servers
They're not emails, they're business records, says court
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Multipath TCP speeds up the internet so much that security breaks
Black Hat research says proposed protocol will bork network probes, flummox firewalls
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
Plug and PREY: Hackers reprogram USB drives to silently infect PCs
BadUSB instructs gadget chips to inject key-presses, redirect net traffic and more
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
prev story

Whitepapers

7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?