Showing posts sorted by relevance for query DDOS. Sort by date Show all posts
Showing posts sorted by relevance for query DDOS. Sort by date Show all posts

Top 5 DDoS Attacks of 2011, Exclusive Report By Corero Network Security

Posted by Avik Sarkar On 10/09/2011 04:42:00 pm

Corero Network Security (cns:LN), the leader in on-premises Distributed Denial of Service (DDoS) Defense Systems for enterprises, data centers and hosting providers, named its list of 2011's Top 5 DDoS attacks. Corero's findings show an increase in newer, intelligent application-layer DDoS attacks that are extremely difficult to identify "in the cloud," and often go undetected until it is too late. Corero also found an uptick in attacks against corporations by "hactivists" DDoS-ing sites for political and ideological motives, rather than financial gain. Attacks against Mastercard, Visa, Sony, PayPal and the CIA top Corero's list.
"The cat-and-mouse game between IT administrators, criminals and hactivists has intensified in 2011 as the number of application-layer DDoS attacks has exploded. Coupled with an increase in political and ideological hactivism, companies have to be extremely diligent in identifying and combating attempts to disable their websites, steal proprietary information and to deface their web applications, " said Mike Paquette, chief strategy officer, Corero Network Security.

Corero's 2011 Top 5 DDoS Attacks:-

1. Anonymous DDoS Attacks on WikiLeaks "Censors" Visa, MasterCard and PayPal. The most significant DDoS attack so far this year, the WikiLeaks-related DDoS attacks on Visa, MasterCard and PayPal were both Anonymous' "coming out" party, and the first widespread example of what has been dubbed "cyber rioting" on the Internet, with virtual passersby joining in the attack voluntarily.

2. Sony PlayStation Network DDoS. A shocking wake-up call for many gamers, customers and investors, the Sony Playstation Network DDoS attack began a series of cyber attacks and data breaches that damaged Sony financially and hurt its reputation.

3. CIA and SOCA Hit by LulzSec DDoS Attacks. The appearance of LulzSec on the cyber attack scene, highlighted by bold DDoS attacks on the CIA and the U.K. Serious Organised Crime Agency (SOCA), made us wonder if anyone was safe on the Internet.

4. WordPress DDoS. A massive DDoS attack disrupted one of the world's largest blog hosts--some 18 million websites. The huge attack hit the company's data centers with tens of millions of packets per second.

5. Hong Kong Stock Exchange. This DDoS attack had a major impact on the financial world, disrupting stock market trading in Hong Kong. This was a highly leveraged DDoS attack, potentially affecting hundreds of companies and individuals through a single target.

For all the pain and suffering DDoS attacks have caused, there are a number of best practices that companies can implement to reduce their risk. The most effective defense against DDoS attacks requires expert preparation of defensive resources, ongoing vigilance and a rapid, organized response.

-News Source (Corero Network Security)


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

WikiLeaks Again Under DDoS Attack For Last 5 Days

Posted by Avik Sarkar On 8/09/2012 05:04:00 am

WikiLeaks Again Under DDoS Attack For Last 5 Days

Yet again Wikileaks official website faced denial of service attack. Earlier we have seen two similar attack, first it was in 2011 when  an Anonymous member took responsibility of that Attack on Wikileaks website. That  time the attacker executed a massive Denial of Service while using newly developed tool #refref. In an exlusive report by Corero Network Security said the attack on Wikileaks site was one of the largest DDoS attack ever took place in 2011. Back in May this year, Wikileaks was also taken down by a DDoS attack which also infected controversial file sharing site "The Pirate Bay". As per sources the site has been down for the last five days, during which it has been experiencing a massive Distributed Denial of Service (DDoS) attack. So far it was the longest attack ever happened against Wikileaks. The most notable thing is that according the organisation already claimed a government entity is behind the hit. Many of other unofficial sources are connecting this attack with a recent story, which restarted the WikiLeaks donation. At the time of the attack team VOGH took the following screen shot which clearly showing that Wikileaks.org was indeed inaccessible

The first tweet was sent out on August 3:-
WikiLeaks.org is down for unknown reasons. We are investigating. wikileaks.org is still up.
#WikiLeaks donation page and FDNN portal down. You can still donate via supporter merchandise: http://wikileaks.spreadshirt.com/ http://www.cdbaby.com/cd/wikileaksbeattheblockade2
WikiLeaks has been under sustained large scale DDoS attacks since August 3. Help us purchase more bandwidth: http://shop.wikileaks.org/donate
Speculation on DDoS attack against WikiLeaks timing: 1. Olympics cover 2. Upcomng release. 3. Ongoing Syria, Stratfor releases
Wikileaks est actuellement sous le feu d’une attaque DDOS d’ampleur.
wlcentral.org and http://justice4assange.com are now down.
Update: http://wikileaks.org https://secure.fdn2.org/fdn2/nouser http://cabledrum.net/ still down. http://wlcentral.org/ http://justice4assange.com/ back online.
UPDATE: WikiLeaks battles ongoing DDoS attack
#WikiLeaks .onion mirror available: http://isax7s5yooqgelbr.onion/ Accessible only through Tor

Most WikiLeaks mirrors have been brought offline as well, with some coming back today. Even sites simply related to WikiLeaks have been targeted. These include the WikiLeaks-endorsed website Cabledrum, including its mirror of the WikiLeaks website, and French non-profit FDNN, which hosts a WikiLeaks' donation portal. The latter was attacked shortly after WikiLeaks linked to it as an alternative to donate while the WikiLeaks website is down. WL Central and Justice for Assange were also attacked for a short period of time. According to Zdnet a hacker group calling themselves 'AntiLeaks' is claiming responsibility for the attack, and has issued the following statement:-
"You can call me DietPepsi. I am the leader of AntiLeaks. We are not doing this to call attention to ourselves. We are young adults, citizens of the United States of America and are deeply concerned about the recent developments with Julian Assange and his attempt at aslyum in Ecuador.
Assange is the head of a new breed of terrorist. We are doing this as a protest against his attempt to escape justice into Ecuador. This would be a catalyst for many more like him to rise up in his place. We will not stop and they will not stop us."




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Vulnerabilities Found in Google Plus, An Attacker Can Perform DDoS Attack Using Google's Bandwidth

Posted by Avik Sarkar On 8/30/2011 03:08:00 am


Hello hacker meet your new friend Google plus. Don't get panic. Now you can perform DDoS attack while using the bandwidth of Google.  A security expert has discovered certain flaws in Google’s server which can allow hackers to mount massive distributed denial of service (DDOS) attacks. Simone Quatrini, a penetration tester with Italy-based security firm AIR Sicurezza Informatica, revealed that vulnerabilities in Google’s server allow hackers to use the search engine as a proxy to retrieve content for them.
The security expert has developed a script which can allow it to use Google’s bandwidth to launch DDOS attacks on any website. Quatrini contacted Google about the flaw on August 10, but got no reply from the company. It was then that he decided to disclose the vulnerabilities to the public. Researcher and computer student Ryan Dewhurst had also alerted Google about the flaws, but also did not receive a reply. Quatrini claimed he was getting a bandwidth of 91Mbps even though his home server only receives bandwidth of 6Mbps.
“Is possible to request any file type, and G+ will download and show all the content. So, if you paralyse so many requests, is possible to DDoS any site with Google bandwidth. Is also possible to start the attack without be logged in G+,” Said Quatrini.
Here is video which will clarify you how to do DDoS while using Google's Bandwidth:-
To Download the DDoS Source Code click Here



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Serious Organised Crime Agency (SOCA) Under DDoS Attack

Posted by Avik Sarkar On 5/05/2012 01:41:00 am

Serious Organised Crime Agency (SOCA) Under DDoS Attack 
Hacker performed massive denial of service attack to take down the official website of UK's Serious Organised Crime Agency (SOCA). Last night cyber criminals sent large number of data packets by which they managed to send SOCA offline. SOCA authority confirmed that they have suffered a DDoS attack which interrupts  their services. A spokesman said the site was taken offline at 22:30 on Wednesday, but that the attack did not "pose a security risk to the organisation". The exact reason of this attack is unclear but it can be predicated that either Soca's movement  on closing down 36 websites believed to be selling stolen credit card information may caused this DDoS attack. “The SOCA DDoS attack is probably related to the carder site takedowns last week,” F-Secure’s Chief Research Officer Mikko Hypponen wrote on Twitter.Experts are also highlighting another reason which may have influenced hacktivist to engage this cyber attack and that is the Supreme Court's decession on blocking The Pirate Bay in UK . What ever this is the second time in less than a year that SOCA's website has found itself the target of malicious attackers, having previously suffered from a DDoS attack at the hands of the notorious LulzSec gang in June 2011.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

The Pirate Bay Criticize Anonymous DDoS Attack on Virgin Media

Posted by Avik Sarkar On 5/12/2012 11:02:00 pm

The Pirate Bay Criticize Anonymous DDoS Attack on Virgin Media
 
Earlier in this month High Court has ruled to block The Pirate Bay in U.K. In action hacker collective Anonymous performed massive denial of service attack which targeted Virgin Media - one of those ISP who immediately followed the Court order and blocked Pirate Bay. It is said that the denial of service attack was simply a tit for tat as Virgin Media is the 1st ISP who instantly followed the High Court order while saying- "As a responsible ISP, Virgin Media complies with court orders addressed to the company but strongly believes that changing consumer behaviour to tackle copyright infringement also needs compelling legal alternatives, such as our agreement with Spotify, to give consumers access to great content at the right price." And this make Anonymous angry with Virgin and as a result they sent Virgin Media offline for a certain time. 
But here comes a twist and that is The Pirate Bay has denounced an Anonymous DDoS campaign that took down Virgin Media, calling it an "ugly" method that's no better than the UK court order for ISPs to block users from getting to The Pirate Bay. 

In their official statement TPB said - "Seems like some random Anonymous groups have run a DDOS campaign against Virgin media and some other sites. We'd like to be clear about our view on this:
We do NOT encourage these actions. We believe in the open and free internets, where anyone can express their views. Even if we strongly disagree with them and even if they hate us. So don't fight them using their ugly methods. DDOS and blocks are both forms of censorship.
If you want to help; start a tracker, arrange a manifestation, join or start a pirate party, teach your friends the art of bittorrent, set up a proxy, write your political representatives, develop a new p2p protocol, print some pro piracy posters and decorate your town with, support our promo bay artists or just be a nice person and give your mom a call to tell her you love her."
As far as the Anonymous DDoS goes, Virgin Media put out a statement that said the attack lasted one hour. Virgin Media also reiterated that it didn't have a choice to block The Pirate Bay; rather, the government forced its hand.


-Source (NS)


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

British Spy Agency GCHQ Performed DDoS Attack Against Anonymous -Snowden Documents Transpired

Posted by Avik Sarkar On 2/10/2014 01:49:00 am

British Spy Agency GCHQ Performed DDoS Attack Against Hacktivist Anonymous & LulzSec -Snowden Documents Transpired
While excavating the past, it was always found that cyber criminals, large hacker collective groups were the culprits for engaging voluminous denial of service attack. But this widely transfusing story get a one eighty degree reverse turn, when the former NSA contractor Edward Snowden revealed another trade secret. Recently a lurid story get spot lighted, as the whistle blower Snowden unfold yet another breathtaking stealthy  documents taken from the National Security Agency. The clandestine documents taken the mask from the so called good guys, unveiling British spy agency GCHQ had launched a secret war against the infamous hacktivist collective Anonymous and a splinter group known as LulzSec several years ago. Many of you guessed right, this was happened when Anonymous were targeting various UK companies and government websites. The documents disclose that GCHQ carried out seemingly illegal DDoS attacks against the collective, flooding their chatrooms with so much traffic that they would become inaccessible – and all with the approval of the British government. The revelations come less than a year after several LulzSec activists were jailed by a British court for carrying out similar DDoS attacks against targets including the CIA, the UK’s Serious Organized Crime Agency (SOCA), News International, Sony and the Westboro Baptist Church, among others. 
This sensational issue was made public by NBC News deferentially with the help of none other than Edward Snowden. In their exclusive report headed 'War on Anonymous: British Spies Attacked Hackers,' NBC said -The blunt instrument the spy unit used to target hackers, however, also interrupted the web communications of political dissidents who did not engage in any illegal hacking. It may also have shut down websites with no connection to Anonymous. According to the documents, a division of Government Communications Headquarters (GCHQ), the British counterpart of the NSA, shut down communications among Anonymous hacktivists by launching a “denial of service” (DDOS) attack – the same technique hackers use to take down bank, retail and government websites – making the British government the first Western government known to have conducted such an attack.
The documents, from a PowerPoint presentation prepared for a 2012 NSA conference called SIGDEV, show that the unit known as the Joint Threat Research Intelligence Group, or JTRIG, boasted of using the DDOS attack – which it dubbed Rolling Thunder -- and other techniques to scare away 80 percent of the users of Anonymous internet chat rooms. 
The existence of JTRIG has never been previously disclosed publicly. The documents also show that JTRIG infiltrated chat rooms known as IRCs and identified individual hackers who had taken confidential information from websites. In one case JTRIG helped send a hacktivist to prison for stealing data from PayPal, and in another it helped identify hacktivists who attacked government websites. 
As soon as this story getting all the spot lights, immediately the GCHQ responded to this saying all their movements and operations were lawful“All of GCHQ’s work is carried out in accordance with a strict legal and policy framework which ensure[s] that our activities are authorized, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Parliamentary Intelligence and Security Committee. All of our operational processes rigorously support this position.” -GCHQ said the press. To know more detail about this story, don't forget to stay tuned with VOGH



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

DDoS Attack From Anonymous Cost PayPal £3.5 Million of Damage

Posted by Avik Sarkar On 11/23/2012 08:07:00 pm

DDoS Attack From Anonymous Cost PayPal £3.5 Million of Damage 

The distributed denial of service attack (DDoS) from hacktivist Anonymous has cost PayPal more than €4.3 million. The attack which was named Operation Payback were initially aimed at companies that opposed internet piracy, but switched to companies like Mastercard, Visa and PayPal after they refused to process payments to WikiLeaks. After that attack PayPal -the global leader in online money transfer and payments has paid around £3.5 million defend and arm itself against such kind distributed denial-of-service (DDoS) attacks. In a report BBC said that more than one hundred skilled employees from eBay, PayPal's parent company, spent almost three weeks working on DDoS-attack-related issues and that PayPal had bought software and hardware to defend itself against further attacks. In all, the total cost of this work came to £3.5 million. This details have been revealed in a court case at Southwark Crown Court where a defendant, Christopher Weatherhead (studying at Northampton University when who allegedly took part in the campaign), is facing charges of conspiring to impair the operation of computers. He has pleaded not guilty to conspiring to impair the operation of computers between 1 August 2010 and 22 January 2011.
Sandip Patel, prosecuting, said the group caused PayPal "enormous economic harm". Mr Patel said they used distributed denial of service, or DDoS, which flooded the targets computers with enormous amounts of online requests. Target websites would crash and users would be directed to a page displaying the message: "You've tried to bite the Anonymous hand. You angered the hive and now you are being stung."
Mr Patel said: "This case, simply put, is about hackers who used the internet to attack and disable computer systems - colloquially described as cyber-attackers or vandals." He said Mr Weatherhead, who used the online name Nerdo, posted plans on an Internet Relay Chat (IRC) channel encouraging an attack on PayPal. 
He said PayPal was the victim of a series of attacks "which caused considerable damage to its reputation and loss of trade". 






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Armageddon (DDoS Botnet) Started Integrating Apache Killer Exploit

Posted by Avik Sarkar On 3/09/2012 05:50:00 pm

Armageddon (DDoS Botnet) Started Integrating Apache Killer Exploit

The latest version of Denial of Service Bot (DDoS) named Armageddon integrates a relatively new exploit known as Apache Killer. Armageddon is a Russian malware family exclusively designed to launch DDoS attacks. Because it is sold as a toolkit on underground forums, there is more than one Armageddon-powered botnets on the Internet. Aside from the Apache Killer exploit, the latest Armageddon version also incorporates other application-layer DDoS techniques that target popular Internet forum platforms like vBulletin or phpBB, however these are not particularly ground-breaking.
The Apache Killer exploit was released in August 2011. It exploits a vulnerability in the Apache Web server by sending a specially crafted "Range" HTTP header to trigger a denial-of-service condition. The attack is particularly dangerous because it can be successfully executed from a single computer and the entire targeted machine needs to be rebooted in order to recover from it. The vulnerability exploited by Apache Killer is identified as CVE-2011-3192 and was patched in Apache HTTPD 2.2.20, a week after the exploit was publicly released. Apache 2.2.21 contains an improved fix.
Recommendation:-
System administrators should upgrade their Apache servers to the latest available version or should implement known work arounds. "There is an update to the Apache mod_security module that attempts to address this type of attack by filtering requests with 'Range' headers that are too large.

-Source (PC World)




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Russian Hacker 'Dmitry Zubakha' Arrested For DDoS Attacks on Amazon, eBay & Priceline

Posted by Avik Sarkar On 7/24/2012 01:36:00 am

Russian Hacker 'Dmitry Zubakha' Arrested For DDoS Attacks on Amazon, eBay & Priceline

A twenty five years old hacker from Russia get arrested for allegedly perforimg two massive DDoS (Denial-of-Service) attacks on one of the most popular online shopping site Amazon.com and eBay in 2008. Dmitry Olegovich Zubakha also known as "Cyber bandit" in most of the hacker's underground community was indicted in 2011, but he was just arrested in Cyprus on Wednesday. The arrest of Zubakha took place under an international warrant and  currently he is in custody pending extradition to the United States. According to the indictment unsealed on Thursday said- Zubakha, with the help of another Russian hacker planned and executed DDoS attacks against Amazon.com, eBay, and Priceline in the middle of 2008. Zubakha and his co-conspirator launched the attack with the help of a DDoS botnet to generate a large number of traffic which interrupts the normal service of those online shopping sites. According to a press release by the U.S. Department of Justice (DOJ), the attacks made it "difficult for Amazon customers to complete their business on line."
He has been charged by law enforcement for stealing more than 28,000 credit cards in 2009 for that reason, Zubakha and his partner are also charged with aggravated identity theft for illegally using the credit card of at least one person. At present the charges in the indictment conspiracy, intentionally causing damage toa protected computer resulting in a loss of more than $5000, possession of more than 15 unauthorized access devices (credit card numbers), and aggravated identity theft are just allegations. Zubakha faces up to five years in prison for conspiracy, up to teh years in prison and a $250,000 fine for intentionally causing damage to a protected computer, up to ten years in prison and a $250,000 fine for possessing unauthorized access devices, and an additional two years in prison for aggravated identity theft. 






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

DDoS Tool For Apache Server 2.3.14

Posted by Avik Sarkar On 10/25/2011 03:42:00 pm

After killapache success yet another POC on apache for DDOS tools. Apache Server 2.3.14 Denial of Service (DDOS) Vulnerability exploit. Latest version of Apache Server 2.3.14 fails. The Egyptian Hacker and Exploit writer “Xen0n” discovered this Vulnerability and Develop an perl exploit for (DDOS) Vulnerability. The script is written in perl can be easily modified.

To Download POC Apache Server 2.3.14 Click Here


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Pirate Bay & WikiLeaks Goes Offline After Prolonged Denial of Service Attack

Posted by Avik Sarkar On 5/18/2012 01:34:00 am

Pirate Bay & WikiLeaks Goes Offline After Prolonged Denial of Service Attack
 
Most popular and controversial file sharing site "The Pirate Bay" faced a prolonged distributed denial of service which interrupts the service. In their official Facebook page confirmed the attack. DDoS attack left the site largely inaccessible for the last 24 hours, with only intermittent service in the UK. The Pirate Bay took to its Facebook page to confirm the attack, saying that it did not know who was behind it, although it ‘had its suspicions’. There had initially been speculation that the attack on The Pirate Bay was initiated as an act of revenge by the Anonymous hacker collective after members of The Pirate Bay criticised Anonymous for organizing DDoS attacks on UK internet service provider (ISP) Virgin Media for blocking access to The Pirate Bay. The Pirate Bay has said, however, that Anonymous is not to blame for the attack on its site.
Meanwhile, a former Anonymous member by the name of AnonNyre has claimed responsibility for DDoSing the Pirate Bay site. There is no evidence though to confirm that AnonNyre was actually behind the attacks. 

Not only TPB, but also Wikileaks official website faced massive distributed denial of service attack which hampers the site for 72 long hours. According to official twitter of Wikileaks "WikiLeaks has been under sustained DDOS attacks over the last 72 hours..."  
This not the first time, before this Wikileaks have faced cyber attack and an Anonymous member took responsibility of that Attack on Wikileaks website. That  time the attacker executed a massive Denial of Service while using newly developed tool #refref. In an exlusive report by Corero Network Security said the attack on Wikileaks site was one of the largest DDoS attack ever took place in 2011. But still it is not clear if there is any connection between the two incidents. 





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

DDoS Attack Send Twitter Offline, Lady Hacker Named 'Cosmo' From 'UGNazi' Took Responsibility

Posted by Avik Sarkar On 6/24/2012 05:41:00 pm

DDoS Attack Send Twitter Offline, Lady Hacker Named 'Cosmo' From 'UGNazi' Took Responsibility

One of the world famous and widely used social network Twitter again faced cyber attack. This time the site was unavailable for over 30 minutes in countries all over the world from Europe through to Asia. As expected the reason behind this outage is massive denial of service attack. According to the report of Telegraph an infamous hacker group named Underground Nazi also known as UG Nazi affiliated with hacktivist LulzSec, immediately, claimed responsibility for the downage attributing it to a prolonged DDoS attack. A lady hacker codenamed Cosmo, claimed taking down the site had been 'surprisingly simple'. "It wasn't really difficult at all, I myself honestly thought Twitter would be more protected from a DDoS Attack, but I guess not," she added. 
Meanwhile twitter completely denied the whole phenomena. A spokesman for Twitter said the issue was caused by 'a cascaded bug in one of our infrastructure components'. He declined to say whether it was a technical failure or a malicious attack.




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

BoNeSi- A New DDoS Botnet Simulator Tool Available For Download

Posted by Avik Sarkar On 7/08/2012 01:12:00 pm

BoNeSi- A New DDoS Botnet Simulator Tool Available For Download 

After Armageddon now we got BoNeSi, the DDoS Botnet Simulator is a Tool to simulate Botnet Traffic in a testbed environment on the wire. It is designed to study the effect of DDoS attacks. BoNeSi generates ICMP, UDP and TCP (HTTP) flooding attacks from a defined botnet size (different IP addresses). BoNeSi is highly configurable and rates, data volume, source IP addresses, URLs and other parameters can be configured. There are plenty of other tools out there to spoof IP addresses with UDP and ICMP, but for TCP spoofing, there is no solution. BoNeSi is the first tool to simulate HTTP-GET floods from large-scale bot networks. BoNeSi also tries to avoid to generate packets with easy identifiable patterns (which can be filtered out easily).
It is highly recommend to run BoNeSi in a closed testbed environment. However, UDP and ICMP attacks could be run in the internet as well, but you should be carefull. HTTP-Flooding attacks can not be simulated in the internet, because answers from the webserver must be routed back to the host running BoNeSi. A demo video of BoNeSi in action can be found here.

To Download BoNeSi Click Here


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

'PayPal 14' Culprits Enter Guilty Pleading Over Pro-WikiLeaks DDoS Attack Versus PayPal

Posted by Avik Sarkar On 12/08/2013 01:14:00 am

Accused 'PayPal 14' Culprits of Anonymous Enter Guilty Pleading Over Pro-WikiLeaks DDoS Attack Versus PayPal

I am quite sure that all of your regular readers still remember the devastating cyber attack from Anonymous against PayPal, the attack was conducted under the banner of Operation PayPal (#OpPayPal). The infamous hacker community stated a reason for this mass protest as the online payment company suspending the account of WikiLeaks. #OpPayPal is considered as one of the most demolishing cyber attack ever taken in cyber space. PayPal with law enforcement agencies immediately taken steps and start investigation, in the primary step PayPal sent 1000 IP address of Anonymous hacker who was linked on that attack to FBI. As expected the hackers who were behind that attack was serially busted by the police. And finally the accused anonymous hacker appeared in federal court in California on Thursday and will be formally sentenced in one year. Eleven of the so-called “PayPal 14” members each pleaded guilty in court to one felony count of conspiracy and one misdemeanor count of damaging a computer as a result of their involvement in a distributed denial-of-service (DDoS) attack waged by Anonymous in late 2010 shortly after PayPal stopped processing donations to the anti-secrecy group WikiLeaks. Prosecutors say the defendants used a free computer program called the Low Ion Orbit Cannon, aka LOIC, to collectively flood PayPal’s servers with tremendous amounts of illegitimate internet traffic for one week that winter, at moments knocking the website offline as a result and causing what PayPal estimated to be roughly £3.5 million in damages
Pending good behavior, those 11 alleged Anons will be back in court early next December for sentencing, atpleading guilty to the misdemeanor counts only, likely removing themselves from any lingering felony convictions but earning an eventual 90 day jail stint when they are finally sentenced. A fourth defendant, Dennis Owen Collins, did not attend the hearing due to complications involving a similar case currently being considered by a federal judge in Alexandria Virginia in which he and one dozen others are accused of conspiring to cripple other websites as an act of protest during roughly the same time.
which point the felony charges are expected to be adjourned. Two of the remaining defendants cut deals that found them. In his press reaction defense attorney Stanley Cohen said the terms of the settlement were reached following over a year of negotiations, “based upon strength, not weakness; based upon principle, not acquiescence.” In the courtroom all the accused hacker stood up and said, ‘We did what you said we did . . .We believe it was an appropriate act from us and we’re willing to pay the price.’ 
On the other hand Cohen, who represented PayPal 14 defendant Mercedes Haefer in court, said one of the hacktivists told him after Thursdays hearing concluded that "This misdemeanor is a badge of honor and courage." When media questioned Michael Whelan, a lawyer for one of the defendants, he declined to comment on the plea. 


-Source (RT)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

GoDaddy Outage Was Not Beacuse of Hacker Attack But Technical Difficulties

Posted by Avik Sarkar On 9/13/2012 11:57:00 pm

GoDaddy Outage Was Not Beacuse of Hacker Attack But Technical Difficulties 

GoDaddy -the website which is widely known as a DNS and hosting provider remained down for most of time on 10th September came back online in the 10th evening. As expected thousands of other web sites reportedly went offline as their hosting provider GoDaddy experienced massive service disruptions. GoDaddy, which claims to be the world's biggest web hosting company, confirmed the problems on its official Twitter account but has not yet stated the cause of the disruptions. A hacker code named "Anonymous Own3r" on Twitter took responsibility of the outage. The attack came on behalf of the hacker collective group 'Anonymous' as a protest against GoDaddy's support of the SOPA act. The hacker stated the reason of the outage is a massive denial of service (DDoS) attack which was generated from an IRC-Botnet. A tweet from the @AnonOpsLegion account: "#TangoDown -- http://www.godaddy.com/ | by@AnonymousOwn3r" was the initial public promotion of the outage, leading some to believe that the Anonymous online activist collective was behind the disruption. However, the AnonymousOwn3r account clarified in various tweets that: "it's not Anonymous coletive [sic] the attack is coming just from me." But this claim was later disputed by posts from the @YourAnonNews account which is known to be one of the legitimate twitter source of Anon. 
After completing the investigation of the outage, GoDaddy released a press note where they have clearly said that the outage was not because of DDoS attack but internal technical difficulties. According to Scott Wagner Go Daddy CEO -
"GoDaddy.com and many of our customers experienced intermittent service outages starting shortly after 10 a.m. PDT. Service was fully restored by 4 p.m. PDT. The service outage was not caused by external influences. It was not a "hack" and it was not a denial of service attack (DDoS). We have determined the service outage was due to a series of internal network events that corrupted router data tables. Once the issues were identified, we took corrective actions to restore services for our customers and GoDaddy.com. We have implemented measures to prevent this from occurring again.
At no time was any customer data at risk or were any of our systems compromised. Throughout our history, we have provided 99.999% uptime in our DNS infrastructure. This is the level our customers expect from us and the level we expect of ourselves. We have let our customers down and we know it. We take our business and our customers' businesses very seriously. We apologize to our customers for these events and thank them for their patience."





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

HSBC Comeback Online After Prolonged DDoS Attack From Anonymous

Posted by Avik Sarkar On 10/20/2012 12:07:00 pm

HSBC Comeback Online After Prolonged DDoS Attack From Anonymous 

Massive attack against banking and financial sector continues, this time HSBC became the latest victim of cyber attack. The attack which interrupt the service for 10 hours long were mainly originated from Iran and Russia. After 'Izz ad-Din al Qassam Cyber Fighters' now it was the time for Fawkes Security, an offshoot of hacktivist group Anonymous, quickly took credit for the attack, acknowledging the take down in posts yesterday afternoon on Twitter and Pastebin The group claimed to have knocked HSBC’s main site, along with its US, UK and Canadian counterparts offline and on Friday,claimed it logged 20,000 debit card details from the site while it was down. 
According to HSBC newsroom- "On 18 October 2012 HSBC servers came under a denial of service attack which affected a number of HSBC websites around the world." But HSBC denied any sort of data loss. Fawkes Security claimed to have details of more than 20K cards, but in their release HSBC said "This denial of service attack did not affect any customer data, but did prevent customers using HSBC online services, including internet banking." 
But now the whole situation is under control, websites belonging to British bank and financial services company HSBC are back online and working normally. According to an update posted on its website, HSBC restored all of its websites globally to full accessibility as of 3:00am UK time. 
New York Stock Exchange, Bank of America, Wells Fargo, US Bank and PNC was brought down by few hacker collective group as protest against the anti Islamic movie. After this attack the name of HSBC has also been enlisted with those poor victims (affected banks & finance sector) who suffered DDoS attack in last month.





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Pastebin Under Massive Cyber Attack, 20K IP Address Blocked To Prevent DDoS Attack

Posted by Avik Sarkar On 2/22/2012 11:57:00 pm

Pastebin Under Massive Cyber Attack , More Than 20K IP Address Blocked To Prevent DDoS Attack

Pastebin - most widely used & world's number one paste tool yet again faced massive cyber attack. According to pastebin official twitter profile the 1st attack came on the 18th February where the attacker was using a botnet to send millions of requests to pastebin servers in an attempt to flood the network, inshort the attacker was trying to engage a DDoS attack. In response the pastebin team immediately took action while blocking more than 4000 IP address, but it was later found that those counter measure seems useless in-front of the attack so again more than 9000 IP address get blocked. According to the last twitter update pastebin confirmed that they are still adding more IP to the block list and now the number of block listed IP became more than 20000. This attack came on the day when Pastebin’s developers revealed the fact that the 3.1 version has gone online. 
In the press release Pastebin team said:- 
"For the last 16 hours Pastebin.com has been under attack by a botnet. Someone is using this botnet to send millions of requests to our servers in an attempt to flood the network to the point where it becomes inaccessible. A botnet is a collection of compromised computers connected to the Internet (each compromised computer is known as a 'bot').
So far we have been able to block about 20,000 IP's, but this number is growing by the minute. These IP's are most likely from innocent people who have no clue that their computer is being used for this purpose. It is highly recommended that you always have up-to-date antivirus software installed, and a good Firewall active.
Later today we will publish the list of IP's from today's 'botnet attack' on another server so you are able to check if your own computer has been compromised.
If your IP is in this list, you will not be able to access Pastebin at this time. With the current IPv4 system there are a total number of 4,294,967,296 IP's. The chance that your IP is blocked is rather small.
We sincerely apologize for the times that we were unable to block the attacks, and we will continue to fight these attacks as well as we can to make sure Pastebin is available 24/7."



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Russia Is Facing Massive Cyber Attack (DDoS)

Posted by Avik Sarkar On 12/05/2011 08:16:00 pm


Russia is facing massive cyber attack. Hackers have shut down several Russian websites that provide independent election data, making state-controlled media one of the few widely accessible sources of information about today's parliamentary vote. The website of Golos.ru, the last remaining independent election-monitoring group based in Russia, was shut down early today. That group is partially financed by the European Commission. Also targeted were the websites of the Kremlin-critical Ekho Moskvy radio station, the "Moscow New Times," the weekly magazine "Bolshoi Gorod," and the news websites slon.ru and publicpost.ru.

"The attack on the website on election day is clearly an attempt to inhibit publication of information about violations," Moscow Echo editor-in-chief Alexei Venediktov wrote on Twitter.
Golos said it was the victim of a similar "distributed denial of service" (DDoS) attack, while several other opposition news sites were down. The Moscow Echo is popular among the liberal opposition although it is owned by state gas giant Gazprom. Golos said on Twitter that its main website as well as the website "Map of Violations" detailing claims of fraud across Russia were under "massive DDoS attacks". Golos head Liliya Shibanova said that the authorities seemed especially angry at their Map of Violations project, where people could upload any information or evidence of election violations.
"It's a very expensive operation," Shibanova said of the attacks. "It's a big organisation with plenty of means that must have done it."
She said the attack consisted of 50,000 hits per second by computers attempting to access the Golos website.



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Security Issues Call for Disabling WebGL

Posted by Avik Sarkar On 5/13/2011 11:18:00 pm



Context Information Security a security consulting firm stated that the WebGL standard for the Web with which 3D-graphics could be turned on any PC running a suitable Web-browser was risky since it let the content in that browser to nearly straight away gain admission into the graphics hardware of the system. V3.co.uk published this on May 9, 2011.
Often the said graphics hardware isn't developed because of security reasons; therefore the associated API regards all software as trustworthy, while really that mayn't be so which puts the computer in danger of attack.
And when such an attack is executed, it can wholly stop the end-user from managing to access his PC thus resulting in the OS (operating system) to collapse via the proliferation of malware, or become benign to programs wherein driver code may've been erroneous leading to possible exploitable situations.
Incidentally, by designing dubious programs, online-crooks can execute DDoS (distributed denial-of-service) assaults alternatively, by intentionally drawing complicated three-dimensional geometry too that results in more time for GPU hardware to render. Actually, the objective of WebGL is for starting a 3D-API inside the browser after deriving it from an OpenGL, with this API being accessible via a JavaScript of a website that maybe employing it.
States Senior Security Consultant James Forshaw at Context, it's not difficult to make client DDoS assaults trivial, with solely the browser being impacted. Nevertheless, within the current instance, the assault wholly stops an end-user from gaining admission into his PC; consequently, making it significantly severe, adds Forshaw. V3.co.uk published this.
Actually a very familiar security problem affecting WebGL is the denial-of-service condition, which's even recognized within the latest standards documentation. Primarily due to the nearly straight admission into graphics hardware by the API derived from WebGL, it's feasible for designing dubious programs alternatively certain complicated 3D-geometry that's capable of making the hardware render only over a long time-frame, thus leading to the DDoS condition.
Eventually according to Forshaw, since research in WebGL is currently limited, Context believes that it can't yet be widely used instead IT managers and consumers require deactivating it within their browsers, thus reported V3.co.uk.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Pastie.org - Popular Online Paste Tool Under DDoS Attack

Posted by Avik Sarkar On 4/24/2012 11:07:00 pm

Pastie.org - Popular Online Paste Tool Under DDoS Attack  

Popular online paste tool Pastie faced massive cyber attack. Last night an un-named hacker performed distributed denial of service attack twice which immediately send the website offline. Most probably the attack was generated from a botnet. "To protect it's network and other customers Rails Machine has decided to no longer host and sponsor the site. I did not see this coming and did not expect my hosting company to just pull the plug so quickly. I'm in the middle of RailsConf 2012 right now but working on a migration plan to deal with this..." said official spokesman of Pastie. The site is still not performing 

The above screen shot is taken from the index page. Earlier we have such scenario when  Pastebin, another widely paste tool faced DDoS attack and in counter measure authorities blocked 20K IP address.  






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Related Posts Plugin for WordPress, Blogger...

Site search