Staminus Communications – a California-based hosting and DDoS (Distributed Denial of Service) protection company – is recovering from a massive data breach after hackers broke into its servers and leaked personal and sensitive details of its customers.
Though the company acknowledged that there was a problem in a message posted to Twitter on Thursday morning, it did not specify a data breach. Staminus's website went offline at 8 am Eastern Time on Thursday, and on Friday afternoon, a representative said in a Twitter post that "a rare event cascaded across multiple routers in a system-wide event, making our backbone unavailable."
The group that claimed responsibility for taking down the BBC's global website last week has said the attack was "just the start." A group calling itself New World Hacking also claimed responsibility for an attack that downed Republican presidential candidate Donald Trump's campaign website for about an hour.
The cause of the attack was a massive distributed denial-of-service attack, which relies on pummeling a web server with so much traffic that it crumbles under the weight and stops responding. DDoS attacks are widely used, and simple to carry out, often by online groups with the aim of bringing down websites for extended periods.
A group of hackers is threatening to take the gaming networks related to Xbox and PlayStation consoles offline for a week during Christmas, mirroring a similar attack last year that stopped gamers around the world from accessing games.
The group, which calls itself Phantom Squad, says it has already started attacking various gaming networks, including PlayStation Network, Xbox Live and Grand Theft Auto 5, and on Tuesday morning it said it had taken Reddit offline with a cyberattack. Experts have contacted Reddit to ask if it went offline as a result of a cyberattack, but at the time of publication there has been no response.
A recent survey has revealed that nearly half of businesses believe they know both the identity and motivation of those behind DDoS attacks carried out against them, a large portion of which believed it was their competitors orchestrating the attacks.
Speaking with Kaspersky Lab, other perpetrators cited by respondents include criminals seeking to disrupt or distract while another attack took place and criminals seeking to disrupt their services for a ransom. Highlighting the DDoS attack on the JANET network that saw large parts of it brought down, ex-KPMG information protection and business resilience manager, said that Kaspersky's prediction is “highly likely”.
Someone just DDoSed one of the most critical organs of the Internet anatomy – the Internet's DNS Root Servers. Early last week, a flood of as many as 5 million queries per second hit many of the Internet's DNS Root Servers, which act as the authoritative reference for mapping domain names to IP addresses and number 13 in total.
The attack took place on two separate occasions. The first DDoS attack on the Internet's backbone root servers was launched on November 30 and lasted 160 minutes, and the second started on December 1 and lasted almost an hour. The DDoS attack was able to knock 3 out of the 13 DNS root servers of the Internet offline for a couple of hours.
A report from Recorded Future, a real-time threat intelligence protection company, shows that DDoS-for-Bitcoin extortion schemes are here to stay, with more and more attacks being launched solely for this reason.
This trend can be traced back to an Akamai report released over the summer that documented the actions of a hacking group known as DD4BC. This group launched DDoS attacks on companies around the world, requesting small payments in Bitcoin for each target. The group's scheme was a simple one. They would send threatening emails to business owners, saying they would launch powerful DDoS attacks if a ransom was not paid in due time to a specific Bitcoin wallet.
Hackers have targeted three Greek banks for a third time in five days, demanding a ransom from each lender of 20,000 bitcoin, according to Greek police and the country’s central bank.
A group demanded the bitcoin ransom after staging its first attacks, and then threatened a full collapse of the unnamed banks’ websites if they refused to pay up. These initial attacks took the form of a distributed denial of service — flooding the banks’ websites with requests so that they crashed under the strain. They succeeded in disrupting electronic transactions at all three banks for a short period, but customer information was protected, a police official said.
ProtonMail decided to pay a $6000 ransom to cyberattackers lobbing a crippling DDoS attack at the service -- but this did nothing to prevent the attack.
The encrypted email service revealed on Thursday the extent of the distributed denial-of-service attack which began on Tuesday, 3 November. The attack, which sent vast amounts of traffic to ProtonMail leading to the overload of systems to the point that legitimate traffic could not get through, has stopped -- but the service has warned it may come under attack again. ProtonMail is used by the privacy-conscious to protect their online communication.
Three new types of reflection DDoS attacks were observed by Akamai SIRT being used in the wild, utilizing three new amplification channels, namely NetBIOS name servers, Sentinel licensing servers, and RPC portmaps.
Reflection DDoS attacks are not new, and the way they work is simple. An attacker sends a network packet to another user. The packet is intentionally corrupted but is also spoofed with an origin network address belonging to the victim the attacker wants to flood. Because the packet is corrupted, the intermediary sends it back to its origin, which, since the origin address has been spoofed, is in this case the victim's PC.
Someone has been compromising MySQL servers around the world and using them to mount DDoS attacks. The latest targets of these attacks are an unnamed US hosting provider and a Chinese IP address.
Most of the servers affected in this campaign are located in India, China, Brazil and the Netherlands, but others can be found around the globe. "We believe that the attackers compromised MySQL servers to take advantage of their large bandwidth. With these resources, the attackers could launch bigger DDoS campaigns than if they used traditional consumer targets," Symantec researchers explained. The researchers didn't say how many servers in total were compromised.