Support

Archive | Hacktivism

DD4BC DDoS Extortion Threat Activity

For the last year or so, an individual or organization calling itself DD4BC (‘DDoS for Bitcoin’) has been rapidly increasing both the frequency and scope of its DDoS extortion attempts, shifting target demographics from Bitcoin exchanges to online casinos and betting shops and, most recently, to prominent financial institutions (banks, trading platforms and payment acquirers) across the United […]

Continue Reading

DDoS Attacks in the Wake of French Anti-terror Demonstrations

On January 15th, France’s chief information systems defense official, Adm. Arnaud Coustilliere, announced a sharp rise in online attacks against French web sites: “Calling it an unprecedented surge, Adm. Arnaud Coustilliere, head of cyberdefense for the French military, said about 19,000 French websites had faced cyberattacks in recent days, …” [1]. As we’ve done in […]

Continue Reading

North Korea Goes Offline

It was reported earlier today that North Korea was having Internet connectivity issues. Given recent events involving Sony Pictures Entertainment (SPE), these reports are of particular interest. The first question when you see this type of report is whether it’s purely a connectivity issue or whether an attack is behind it. While visibility into North Korean […]

Continue Reading

DDoS Activity in the Context of Hong Kong’s Pro-democracy Movement

In early August, we examined data demonstrating a striking correlation between real-world and online conflict [1], which ASERT tracks on a continual basis [2-7]. Recent political unrest provides another situation in which strong correlative indicators emerge when conducting time-series analysis of DDoS attack data. The latest round of pro-democracy protests in Hong Kong began on […]

Continue Reading

DDoS and Geopolitics – Attack analysis in the context of the Israeli-Hamas conflict

Since its inception, the ASERT team has been looking into politically motivated DDoS events [1] and continues to do so as the relationship between geopolitics and the threat landscape evolves [2]. In 2013, ASERT published three situational threat briefs related to unrest in Syria [3] and Thailand [4] and threat activity associated with the G20 […]

Continue Reading

Lessons learned from the U.S. financial services DDoS attacks

By Dan Holden and Curt Wilson of Arbor’s Security Engineering & Response Team (ASERT) During the months of September and October we witnessed targeted and very serious DDoS attacks against U.S. based financial institutions. They were very much premeditated, focused, advertised before the fact, and executed to the letter. In the case of the September […]

Continue Reading

DDoS attacks targeting traditional telecom systems

DDoS affects many types of systems. Some have used the term TDoS to refer to DDoS or DoS attacks on telecommunications systems (Telecommunications Denial of Service).  This is just another application for a DDoS attack, and was mentioned in 2010 by law enforcement and since discussed on a variety of blogs. Typical motives can be […]

Continue Reading

It’s not the end of the world: DarkComet misses by a mile

This blog post is the fourth installment in our ongoing series of articles exploring the crypto systems commonly found in various DDoS malware families.  Previous subjects have included Armageddon, Khan (now believed to be a very close “cousin” of Dirt Jumper version 5), and PonyDOS.  Today we’ll be diving deep into the details of the […]

Continue Reading