Articles about Attack Traffic

DDoS trends: Bigger, badder but not longer

DDoS attacks once again escalated in both size and frequency during the first six months of 2016. Netscout's DDoS mitigation arm Arbor Networks warns that attacks greater than 100Gbps are far from uncommon. The security firm has monitored 274 attacks over 100Gbps in the first half of 2016, versus 223 in all of 2015. The …
John Leyden, 19 Jul 2016

Chinese gambling site served near record-breaking complex DDoS

A Chinese gambling company has been pulverised with multiple nine-vector, 470 Gbps, 110 million packet-per-second distributed denial of service (DDoS) attacks, some of the biggest and most complex ever recorded. The unnamed company was attacked by DDoS that used nine vectors in a very rare bid to bypass Incapsula's mitigation …
Darren Pauli, 01 Jul 2016

Anonymous whales on Denmark, Iceland with OpKillingBay DDoS

A pair of Akamai researchers are warning that entities using the name and iconography of hacker collective Anonymous will soon expand a six-year distributed denial of service (DDoS) attack campaign against Japan to other whale-and-dolphin-eating nations. The operation, dubbed KillingBay, is detailed in a report [PDF] and is …
Darren Pauli, 22 Apr 2016

DNS root server attack was not aimed at root servers – infosec bods

The internet's root servers were not the target of a distributed denial-of-service (DDoS) attack in December which for a short time took out four of the 13 pillars of the global network. That's according to two security researchers who will present their findings at a conference in Argentina on Friday. Instead, they conclude …
Kieren McCarthy, 29 Mar 2016

Cloud sellers who acted on Heartbleed sink when it comes to DROWN

Response to the critical web-crypto-blasting DROWN vulnerability in SSL/TLS by cloud services has been much slower than the frantic patching witnessed when the Heartbleed vulnerability surfaced two years ago. DROWN (which stands for Decrypting RSA with Obsolete and Weakened eNcryption) is a serious design flaw that affects …
John Leyden, 08 Mar 2016

Lose the onion tears, Tor fanboys: CloudFlare may consider binning CAPTCHAs, says CEO

Tor users crying over CloudFlare's CAPTCHAs will soon be able to put away their onions, rather than their .onions, the company has suggested. CloudFlare CEO Matthew Prince told The Register he would love to create a no-more-tears system allowing the anonymizing network's legitimate users to access CloudFlare-hosted websites …

Roses are red, violets are blue, Valentine's Day means DDoS for you

Net scum have bashed florists with distributed denial of service attacks over Valentine's Day in a bid to extract ransoms, security analysts say. The attacks affected almost a dozen florists who were customers of security company Incapsula, and likely many others not monitored by the firm. Security bods Ofer Gayer and Tim …
Darren Pauli, 15 Feb 2016

Internet's root servers take hit in DDoS attack

The internet's root servers came under a concerted distributed denial of service (DDoS) attack last week that effectively knocked three of the 13 critical pillars of the internet offline for several hours. The attack came just days before the Janet academic network received a similar DDoS attack. According to a first analysis …
Kieren McCarthy, 08 Dec 2015

WordPress blogger patch foot-drag nag: You're tempting hackers

Misconfigured and unpatched WordPress sites are causing a rash of problems both to themselves and the wider internet. In fact, this ever-present internet security threat has flared up again over the last week because of several new issues. The most pressing problem involves a recent brute force amplification attack on …
John Leyden, 20 Oct 2015

FBI takes down Dridex botnet, seizes servers, arrests suspect

The FBI has teamed up with security vendors to disrupt the operations of Dridex banking Trojan. Multiple command-and-control (C&C) servers used by the Dridex Trojan have been taken down and seized in a co-ordinated action after the FBI obtained court orders. The take-down operation is geared towards crippling the malware’s …
John Leyden, 14 Oct 2015

DDoS defences spiked by CloudPiercer tool - paper

The real IP addresses of some 70 per cent of websites protected by popular distributed denial of service attack protection providers like CloudFlare, Prolexic and Incapsula can be revealed using a simple web tool built on newly uncovered flaws, according to a recent paper. Sensitive websites admins wishing to protect against …
Darren Pauli, 08 Oct 2015

Mobile advertising DDoS JavaScript drip serves site with 4.5bn hits

CloudFlare has turned up an unusual form of denial-of-service attack: mobile advertisements that are pumping out around 275,000 HTTP requests per second. The cloud outfit didn't name the victim, but said the Layer 7 HTTP floods hitting the target are the latest example of a once-theoretical attack turning up in the real world …
Darren Pauli, 28 Sep 2015

NBN vaults Australia into global top-10 … DDoS attack sources

Australia has won the dubious honour of being named in the global top-10 DDoS sources, and in its quarterly State of the Internet report, Akamai reckons our tiny number of high-speed fibre broadband users are the cause. In its Q2 report, Akamai says that attack traffic coming from Australia topped 4 per cent of global DDoS …

Unable to log on to online games? Blame cheap-rate DDoSers

Running botnets-for-hire to mount DDoS attacks has become cheaper and easier than ever, according to new research. Imperva Incapsula reckons botnet-for-hire services might be acquired for as little as $19.99 per month, via underground forums and payable in Bitcoins. Short, single-vector attacks associated with botnet-for-hire …
John Leyden, 10 Jun 2015

There's a Moose loose aboot this hoose: Linux worm hijacks Twitter feeds for spam slinging

ESET researchers Olivier Bilodeau and Thomas Dupuy have found malware capable of compromising routers and embedded devices, seizing control of social networking accounts, and booting out competitors. The duo report the Moose malware exploits weak login credentials in the networking gear, and does not require vulnerabilities to …
Darren Pauli, 26 May 2015

Bank-card-sniffing shop menace Punkey pinned down in US Secret Service investigation

Security researchers have identified a new strain of point-of-sale (POS) malware during an investigation led by the US Secret Service. Stolen payment card information and the IP addresses of more than 75 infected sales tills were found by security researchers at Trustwave during the probe. It's unclear how many victims the so- …
John Leyden, 16 Apr 2015

GitHub jammed by injected JavaScript, servers whacked by DDoS

GitHub's servers are being hammered by web traffic from an army of unwitting cyber-foot-soldiers. It appears when thousands of people visit websites that serve ads and tracking code from Baidu – China's answer to Google – from outside the Middle Kingdom, network gateways on the Chinese border silently inject a JavaScript …
Shaun Nichols, 27 Mar 2015

BT Home Hub SIP backdoor blunder blamed for VoIP fraud

Flaws in a BT Home Hub set-up are being blamed for helping facilitate a VoIP scam. El Reg reader Keith Harbridge, an independent IT consultant, said his client, a firm of solicitors, is just one of a number of companies stung by the scam, which occurred in early March. Independent security consultants at Pen Test Partners …
John Leyden, 25 Mar 2015

Want an Internet of Stuff? Not so 4K-ing fast ... yet – Akamai

Analysis Akamai’s quarterly State of the Internet report paints a pretty grim picture for 4K adoption. As well as charting IPv6 uptake, an important step forward to catering for the billions of new connected objects that account for the Internet of Things (IoT), the report finds that internet speeds in many countries still lag behind the …
Faultline, 19 Jan 2015

PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai

Broadband and IPv6 are hot – and distributed denial-of-service attacks and IPv4 are not. Well, that's according to Akamai. The cache-and-carry-on biz said in its latest State of the Internet report that, for the first time ever, the average connection speed for netizens is more than 4Mbps, meaning your average punter has a " …
Shaun Nichols, 30 Sep 2014

'Most sophisticated DDoS' ever strikes Hong Kong democracy poll

One of the largest and most sophisticated distributed denial of service (DDOS) attacks has hit a controversial online democracy poll canvassing opinion on future Hong Kong elections. Over the weekend some 680,000 people cast votes in the unofficial poll that offered residents of special administrative region to highlight their …
Darren Pauli, 23 Jun 2014

MUM's WordPress recipe blog USED AS ZOMBIE in DDoS attacks

Tens of thousands of vulnerable WordPress sites have been co-opted into a server-based botnet being used to run DDoS attacks. More than 160,000 legitimate WordPress sites were abused to run a large HTTP-based (layer 7) distributed flood attack against a target, which called in cloud security firm Sucuri for help. Security …
John Leyden, 12 Mar 2014

SPAM supposedly spotted leaving the fridge

It's still silly season, it seems. Tell the world that a bunch of small business broadband routers have been compromised and recruited into botnets, and the world yawns. Add in a television or a multi-media centre, and there's a faint flicker of interest – perhaps a raised eyebrow, but not much more. Add in the word “ …

Old JBoss vuln in the wild, needs patching

JBoss sysadmins need to get busy hardening their systems, with a rising number of attacks against the system, according to Imperva. The attacks are based on an exploit that was published back in October by Andrea Micalizzi. The exploit code gave remote attackers arbitrary code execution access to HP's PCM Plus and Application …

Indonesia becomes MOST DANGEROUS place on the internet

Indonesia has had the dubious honour of supplanting China as the number one source of attack traffic globally in the second quarter, according to the latest stats from content delivery and security firm Akamai. The vendor’s State of the Internet report for Q2 found Indonesia accounted for 38 per cent of the world’s attack …
Phil Muncaster, 17 Oct 2013

Taiwan bids to bolster security with free malware database

Taiwan’s National Centre for High-Performance Computing (NCHC) has launched what it claims to be the world’s first free malware database designed to help businesses, academics and researchers better identify and defend against criminally-coded attacks. The centre, one of the 11 which comprise Taiwan’s National Applied Research …
Phil Muncaster, 02 Sep 2013

US remains global sluggard in broadband speed rankings

Akamai's latest State of the Internet report shows that the US is making little headway in becoming a top-ranked broadband nation, and is being outpaced by Asia and Europe based on traffic analysis from the first quarter of the year. The US ranked ninth in average measured connection speed which, while a 27 per cent increase, …
Iain Thomson, 24 Jul 2013
The Register breaking news

CISPA row: Slurped citizen data is ENORMO HACK TARGET - infosec boss

The ability to identify common patterns in real-world attacks makes crowd-sourcing threat intelligence extremely useful, according to a study from security tools firm Imperva. The report arrives just as a privacy row rages over the new Cyber Intelligence Sharing and Protection Act (CISPA) law in the US. But the head of the …
John Leyden, 23 Apr 2013

BIGGEST DDoS in history FAILS to slash interweb arteries

Analysis The massive 300Gbit-a-second DDoS attack against anti-spam non-profit Spamhaus this week didn't actually break the internet's backbone, contrary to many early reports. The largest distributed denial-of-service (DDoS) assault in history began on 18 March, and initially hit the Spamhaus website and CloudFlare, the networking biz …
John Leyden, 28 Mar 2013

BIGGEST DDoS ATTACK IN HISTORY hammers Spamhaus

Anti-spam organisation Spamhaus has recovered from possibly the largest DDoS attack in history. A massive 300Gbps was thrown against Spamhaus' website but the anti-spam organisation was able to recover from the attack and get its core services back up and running. CloudFlare, the content delivery firm hired by Spamhaus last …
John Leyden, 27 Mar 2013

Asia has fastest internet, launches most cyber-attacks

Not only is Asia home to the world's fastest internet connections, but it's also the source of the most internet attack traffic, according to new data from content delivery provider Akamai. The latest edition of the company's quarterly "State of the Internet" report once again crowns Hong Kong as home of the fastest broadband …
Neil McAllister, 24 Jan 2013

US gov blames Iran for cyberattacks on American banks

Denial-of-service attacks against US banks' web systems were the work of Iran rather than Islamic activists, says a former American government official. A group called the Izz ad-Din al-Qassam Cyber Fighters claimed responsibility for two waves of cyber-attacks against US banks including US Bancorp, Bank of America, Citigroup, …
John Leyden, 09 Jan 2013

Hackers warn: We'll hit US banks... again

Hackers who claimed responsibility for a series of denial of service attacks against US banks in September have warned the US they plan to renew their assault shortly. The Izz ad-Din al-Qassam Cyber Fighters named US Bancorp, JP Morgan Chase, Bank of America, PNC Financial Services Group and SunTrust as possible attack targets …
John Leyden, 17 Dec 2012

BT: Olympics cyber attackers were amateurs

Twelve year old hacktivists and journalists with infected laptops were the biggest info security threats to the London 2012 Games - an event which in the end was notable for the absence of a major cyber attack, BT has revealed. The telco giant was in charge of supporting the official London2012.com site and the huge IP …
Phil Muncaster, 21 Nov 2012

One in seven North American home networks full of malware

One in seven home networks in North America are infected with malware, a recent study has revealed. Half the threats detected during Q3 2012 were made up of spam-spewing zombies or banking Trojans while the remainder were mostly adware and other lesser threats, according to a study by Kindsight Security Labs. The study was based …
John Leyden, 02 Nov 2012

Gaping network port with easy-to-guess password? You ARE the 79%

High-profile, sophisticated hackers stealing industrial secrets tend to hog the headlines but opportunistic hackers searching for routine vulnerabilities can create a world of hurt for victims, often small businesses. Verizon’s Data Breach Investigations Report found that 79 per cent of attacks during 2011 were classified as ‘ …
John Leyden, 24 Oct 2012

Anonymous cell: Shove off, credit-hoggers, WE took down HSBC

Updated An Anonymous-affiliated group has claimed responsibility for attacks that left HSBC websites worldwide knocked offline on Thursday night. UK-based Fawkes Security claimed responsibility for the digital sit-in via a post to Pastebin. As some of you may be aware HSBC bank suffered several DDoS attacks on the named sites in the …
John Leyden, 19 Oct 2012

Banks on the business end of DDoS attack surge - report

Financial firms were in the crosshairs of cyber-attackers during the first three months of 2012, while a threefold increase in DDoS attacks was recorded. DDoS mitigation biz Prolexic reports that the growth in the number of attacks against its clients in banking and insurance was accompanied by a 3,000 per cent increase in …
John Leyden, 12 Apr 2012

Move over cybercrims, DDoS now protesters' weapon of choice

Ideological hacktivism has replaced cybercrime as the main motivation behind DDoS attacks, according to a study by Arbor Networks. Up until last year, DDoS attacks were typically financially driven – either for reasons of competition or outright extortion – but the activities of Anonymous and related groups have changed that. …
John Leyden, 08 Feb 2012

Telstra Int in anti-DDoS crusade

Telstra has unveiled a global DDoS protection service for its international clients. The new service is being rolled out by Telstra International to provide added cloud based protection to multinational customers’ internet-facing infrastructure against a wide range of DDoS attacks. “DDoS attacks have increased tenfold since …

Krebs nabs ‘RSA attack’ list

When RSA’s network security was breached earlier this year, the result wasn’t only the replacement of its SecurID tokens all over the world. At the time, specialists believed that similar techniques could have been deployed against other victims who mostly didn’t go public. Only a handful of stories confirmed the use of …

'Directory traversal' attack becomes premier hack tool

A lesser-known attack called directory traversal is the single most commonly used technique in real-world web application attacks. Directory traversal cropped up in 37 per cent of attacks, almost the same as cross-site scripting (36 per cent), and a fair bit ahead of SQL injection (23 per cent). Remote file inclusion figured …
John Leyden, 27 Jul 2011

Wordpress traces 2nd DDoS assault to China

Blogging service WordPress suffered a further series of denial of service assaults on Friday, days after recovering from a particularly debilitating attack. WordPress.com, which serves 18 million sites, traced the vast majority of the attack traffic of the latest assault back to China. Analysis pointed to a Chinese language site …
John Leyden, 07 Mar 2011

Boffins devise 'cyberweapon' to take down internet

University Boffins say they've devised a way to take down the internet by turning core parts of its routing protocol against itself. The attack, which was presented last week at the Network and Distributed System Security Symposium in San Diego, California, attacks functionality in the BGP, or Border Gateway Protocol. The …
Dan Goodin, 14 Feb 2011

Botnets fuel internet DDoS insurgency

Updated Distributed denial of service attacks topped 100Gbps for the first time last year, during which attempts to flood websites with junk traffic went mainstream. Major incidents in 2010 included DDoS attacks associated with pro- and anti-WikiLeaks hackers and militias as well as hacking attacks linked to political turmoil in Burma …
John Leyden, 02 Feb 2011

Spamhaus DDoS blamed on shady Russian hosts, not Anonymous

Anti-spam organisation Spamhaus has recovered from a denial of service attack over the weekend. Initially though, Spamhaus may have been attacked in response to its warning that a WikiLeaks mirror called WikiLeaks.info was being hosted by a Russian bullet-proof hosting outfit, called Webalta, that also played home to phishing, …
John Leyden, 20 Dec 2010

UK.gov braces for possible Wikileaks hacklash

UK government websites are bracing themselves for an attack from Anonymous. Failure to grant Julian Assange bail at a hearing due to take place on Tuesday could be enough to push pro-Wikileaks activists – who have already attacked Mastercard, Amazon, PayPal and Swedish prosecutors – into an assault on UK government systems. Sir …
John Leyden, 14 Dec 2010

Auction for failed games developer hit by DDoS attack

Realtime Worlds' liquidation auction was blitzed off the web on Friday, following an attack on the website of auctioneers Sweeney Kincaid. The online auction of kit from the failed games developer was first postponed by four hours, but after more denial of service attacks, it was eventually moved offline. The auctioneers, …
John Leyden, 15 Nov 2010

Most security products not up to scratch

Only four per cent (one in 25) of information security products pass muster when first tested under a widely-used industry kitemark scheme. Most products require two or more cycles of testing before achieving certification, according to security testing outfit ICSA Labs. ICSA Labs, which has tested anti-virus and firewall products …
John Leyden, 17 Nov 2009

Pirate Bay clampdown prompted file sharing site spike

Attempts to shut down notorious torrent tracker site The Pirate Bay have spurred a four-fold increase in the number of file sharing websites during the third quarter of 2009. At least some of these sites are primarily designed to distribute scareware and other types of malware rather than pirated content. Net security firm …
John Leyden, 02 Nov 2009