Archive for the ‘DDoS’ Category

IoT botnet creator cops plea to hacking more than 800,000 devices

September 4th, 2019

A 21-year-old Washington man has pleaded guilty to creating botnets that converted hundreds of thousands of routers, cameras, and other Internet-facing devices into money-making denial-of-service fleets that could knock out entire Web hosting companies.

Kenneth Currin Schuchman of Vancouver, Washington, admitted in federal court documents on Tuesday that he and two co-conspirators operated Satori and at least two other botnets that collectively enslaved more than 800,000 Internet-of-Things devices. They then used those botnets to sell denial-of-service attacks that customers could order. Last October, while on supervisory release after being indicted for those crimes, Schuchman created a new botnet and also arranged a swatting attack on one of his co-conspirators, according to the plea agreement, which is signed by the hacker.

The crime outlined in the court documents started with the advent in late 2016 of Mirai, a botnet that changed the DDoS paradigm by capitalizing on two salient features of IoT devices: their sheer numbers and their notoriously bad security. Mirai scanned the Internet for devices that were protected by an easy-to-guess default password. When the botnet found one, it corralled it into a botnet that could overwhelm even large targets with more junk traffic than they could handle.


Posted in Biz & IT, botnets, DDoS, Denial of Service, Internet of things, IoT, Policy | Comments (0)

‘Pulse wave’ DDoS – another way of blasting sites offline

August 18th, 2017

If there’s one thing we’ve learned, it’s that any new way of DDoSing will reveal that there are a huge number of undefended devices online.

Posted in DDoS, DDoS-for-hire, Security threats, Vulnerability | Comments (0)

News in brief: WannaCry ‘kill switch’ man detained; Firefox file encryption; DDoS fails to persuade

August 3rd, 2017

Your daily round-up of some of the other stories in the news!

Posted in DDoS, Firefox, news in brief, WannaCry | Comments (0)

DDoS Attacks Can Cost Businesses Up to $2.5M Per Attack, Report Says

May 2nd, 2017

Neustar’s annual DDoS attack report says businesses can lose $2.5M on average detecting and mitigating DDoS attacks.

Posted in cost of DDoS attacks, DDoS, ddos attack, Distributed Denial of Service attacks, IoT, mirai, NeuStar, vulnerabilities | Comments (0)

Malware Hunter — Shodan’s new tool to find Malware C&C Servers

May 2nd, 2017

The rapidly growing number of insecure internet-connected devices is becoming an albatross around the necks of individuals and organizations, with malware authors routinely hacking them to form botnets that can be further used as weapons in DDoS and other cyber attacks.

But now finding malicious servers, hosted by attackers, that control botnets of infected machines gets a bit easier. Thanks to Shodan and

Posted in Botnet, botnet detection, Cyber Attacks, DDoS, IoT Search Engine, Malware Hunter, Search engine, Shodan, Shodan search engine | Comments (0)

Discovery of 8,800 servers sends warning to Asian cybercriminals

April 27th, 2017

Move shows the importance of international co-operation to take down cybercrime at its roots

Posted in Botnet, DDoS, interpol, Law & order, ransomware | Comments (0)

Protestors urged to try and swamp White House website

January 20th, 2017

As the inauguration of Donald Trump gets under way in Washington DC, one activist is calling for a DIY DDoS-style attack – which may not be legal

Posted in DDoS, hacktivism, Law & order, LOIC | Comments (0)

Law Enforcement Targets Users of DDoS-For-Hire Services

December 14th, 2016

Law enforcement from more than a dozen countries last week carried out a series of operations designed to crack down on DDoS-for-hire services.

Posted in booters, DDoS, DDoS stressers, Distributed Denial of Service attacks, Europol, Government, National Crime Agency, nca | Comments (0)

BlackNurse revisited: what you need to know

November 17th, 2016

We’ve had a steady stream of questions about “BlackNurse”, so we thought we’d answer them all in one place. Here you are.

Posted in BlackNurse, DDoS, Denial of Service, DOS, firewall, ICMP | Comments (0)

Mirai Internet of Things Botnet Linked to Internet Outage | Flashpoint

October 22nd, 2016

In-brief: A denial of service attack on the managed DNS firm DYN was due, in part, to attacks from Internet of Things devices running the Mirai malware, the firm Flashpoint reported.

Analysis by the firm Flashpoint suggests that large-scale denial of service attacks against the managed DNS provider DYN on Friday were carried out, in part, by cameras, digital video recorders and other “Internet of Things” endpoints infected with the Mirai malware. In a blog post, Flashpoint said its analysis confirmed that some of the malicious infrastructure responsible for the distributed denial-of-service (DDoS) attacks was running the Mirai malware.

From the blog post: Flashpoint has confirmed that at least some of the devices used in the Dyn DNS attacks are DVRs, further matching the technical indicators and tactics, techniques, and procedures (TTPs) associated with previous known Mirai botnet attacks. However, unlike the botnets used to launch attacks against the website of […]

Posted in Botnet, DDoS, Flashpoint, mirai, Top Stories | Comments (0)