Most Updated News on How to Protect Against DoS Attacks!

1
Anonymous Hackers Turned Stock Analysts Are Targeting US & Chinese Corporations
2
Anonymous Goes After Florida Gov. Rick Scott for Polluting the Gulf of Mexico
3
A new botnet has been discovered that takes login credentials
4
Anonymous Launches DDoS Attacks on Banks in “Op Icarus”
5
Members associated with the Anonymous movement have launched DDoS attacks against several North Carolina government online portals as a method of protest against the recent House Bill 2 (HB2) that includes several clauses perceived as anti-LGBT.
6
Anonymous Launches DDoS Attacks on Banks in “Op Icarus”
7
Chinese hackers prowling Taiwan’s systems: Chang
8
Student shuts down 444 school websites to ‘remind teachers they are incompetent’
9
DDoS attacks Explained
10
Commercial Bank of Ceylon website hit by hack attack

Anonymous Hackers Turned Stock Analysts Are Targeting US & Chinese Corporations

A relatively unknown division of the Anonymous hacker collective that goes by the name of Anonymous Analytics has been sabotaging companies on the stock market by revealing flaws in their financial statements, with catastrophic results.

The group, which was founded in 2011, is comprised of former Anonymous hackers who decided that hacking into companies, dumping data, or launching DDoS attacks is not enough.

Anonymous Analytics are the stock market’s vigilantes

Instead, they decided to use their skills as market analysts and black hat hackers to scour the Internet for clues, sometimes with less-than-ethical techniques, and then compile financial reports on the companies they find cheating on the stock market.

Until now, the group has published reports on eleven companies. The list includes mostly US and Chinese corporations, among which the most recognizable names are Qihoo 360 and Western Union.

Its most resounding success was the report on REXLot, a Chinese-based lottery machine service. Anonymous Analytics revealed that REXLot inflated its revenue and the amount of cash on its balance sheet, based on the amount of interest earned.

Anonymus Analytics sends REXLot stock into a downward spiral

The group published its findings on June 24, 2015, and REXLot stock price plummeted from 0.485 Hong Kong dollar per share to 0.12, before trading was suspended.

REXLot rejoined the market on April 18, this year, but even after submitting a 53-page report, the company stock fell again by 50 percent.

After reading REXLot’s report, the group tweeted, “After 10 months, REXLot publishes a confused clarification announcement. We read it and endless laughs were had. We will respond shortly.” And they did, a day after. Another day after that, the group published a second report on the company and modified its rating from “sell” to “strong sell.”

A week later, news outlets reported that REXLot did not have enough cash to make due bond payments, which meant the company had to sell assets to repay bonds, proving the group right, and also showing its power and influence in the financial world.

For an Anonymous sub-division, the group has caused more financial damages to companies around the globe than any fourteen-year-old teen with a rented DDoS stressor, which would make them more qualified to get involved into #OpIcarus more than anyone else.

Source: http://news.softpedia.com/news/anonymous-hackers-turned-stock-analysts-are-targeting-us-chinese-corporations-504495.shtml

Anonymous Goes After Florida Gov. Rick Scott for Polluting the Gulf of Mexico

A member of the Anonymous hacker collective has uploaded a video online requesting the impeachment and immediate resignation of Florida Governor Rick Scott.

In videos posted first on Facebook and then on YouTube, the group launches accusations of corruption and complacency when it comes to the state’s dangerous situation regarding its polluted waters slowly dripping into the Atlantic.

The group specifically outlines the case of Lake Okeechobee, whose waters have slowly trickled into the Gulf of Mexico.

“This water could have easily been sent south to the Everglades, but is his greed for big sugar and the land deals to line his pockets,” the hacker group explains in its video.

Further, the group also brings accusations of Governor Scott protecting the state’s corrupt politicians and manipulating the judicial system with the help Pam Bondi, Florida’s Attorney General.

The Anonymous video also reminds everyone that Governor Scott was previously declared guilty of Medicaid fraud.

Anonymous’ ongoing war with the political class

This is neither the first nor the last time when Anonymous goes after political figures, in the US or other countries. Previously, the group issued similar threats against Donald Trump, Ted Cruz, and Denver Mayor Michael Hancock.

Unlike the case of Mayor Hancock, this time, the hacker group hasn’t provided any shred of evidence for their accusations. In most of these cases, the group only launched small DDoS attacks against public institutions or the target’s personal websites.

Long gone are the days when Anonymous would leak sensitive documents to support their claims.

In 2014, Anonymous had another run-in with the state of Florida, when the group targeted the city of Four Lauderdale because of its treatment of the homeless. In 2011, Anonymous also brought down government sites in Orlando, after the city started arresting people giving food to groups of homeless people larger than 25.

 

Source:  http://news.softpedia.com/news/anonymous-goes-after-florida-gov-rick-scott-for-polluting-the-gulf-of-mexico-504445.shtml

A new botnet has been discovered that takes login credentials

A new botnet has been discovered that takes login credentials from a less-secure site and tests them on banking and financial transactions sites, leaving users who reuse the same password across sites vulnerable to attack.

Internet security firm ThreatMetrix described the botnet in its Cybercrime Report covering the first quarter of 2016. In it, its said that botnet attacks have evolved from large-scale distributed denial of service (DDoS) attacks to low-and-slow attacks which are more difficult to detect. Rather than taking down a site or server, the new botnets mimic trusted customer behavior and logins to access accounts.

The new bots get customer login information from a lower-security site: one with ‘modest sign-up requirements’ for the creation of username/password combinations. The botnets take a list of user credentials from the dark web and run ‘massive credentialing sessions’ on lower-security sites. Often sites that provide content, like Netflix or Spotify, will be targeted for the first phase of attack as they have millions of customers and lower security requirements than most financial institutions and e-commerce sites. “These attacks result in huge spikes over a couple of days with sustained transaction levels of over 200 transactions / second as they slice down the list.” Every time they get a hit with a username/password combination it goes on a list, which is then used to launch a low-and-slow attack on financial and e-commerce institutions. These attacks are difficult to detect and comprised 264 million attacks on e-commerce websites in the first quarter of 2016 alone. They noted an overall 35% growth in bot attacks from the last quarter of 2015 to the first of 2016, a number which is expected to continue to grow.

“With recent data breaches, and the tendency for users to share passwords across websites, cybercriminals find it more lucrative to use a trusted credit card from a valid customer account than it is to attempt to re-use a stolen card that has a limited shelf life. This quarter saw the highest level of attacks on e-commerce with more than 60 million rejected transactions, representing a 90% increase over the previous year.”

Using known combinations targets those who reuse passwords on low and high security websites. While users have been warned against this practice for years, some reports still show that it is common practice. A 2013 report by UK communications watchdog OfCom showed that 55% of adults reuse the same passwords across sites. A similar 2015 study by TeleSign showed 73% of web accounts were protected by duplicated passwords.

Source:  https://thestack.com/security/2016/05/24/new-botnet-targets-password-recycling/

Anonymous Launches DDoS Attacks on Banks in “Op Icarus”

Headlines have been dominated this week by the Anonymous campaign of DDoS attacks against financial institutions all over the world. Named “Op Icarus” in honor of the character from Greek mythology, the campaign seeks to punish what Anonymous views as “corrupt” banks and individuals in the financial sector.

As we all know, distributed denial of service (DDoS) attacks can strike any industry or any organization at any time and without warning. Hacktivism like that carried out by Anonymous and their base of dedicated hackers often involves the use of DDoS attacks, since they provide quick results at low cost, and with minimal risk of compromising the identities of the perpetrators. What’s more, the service downtime they bring about can cause damage to the tune of six-figure sums, so it’s an ideal part of the toolkit for the hacktivist – a fact that is bolstered by people diversifying the techniques behind DDoS attacks.

Distributed denial of service attacks have been a threat to service availability for more than a decade. However, these DDoS attacks have become increasingly sophisticated and multi-vector in nature, overcoming traditional defense mechanisms or reactive countermeasures. These pointed attack campaigns continue to reinforce a growing need for DDoS attack mitigation solutions that can properly defeat attacks at the network edge, and ensure the accessibility required for the financial institutions to maintain business operations in the face of an attack.

While the impact on the individual targets of the DDoS attack campaign, “Op Icarus” is unclear; obstructing or eliminating the availability of email servers is significant. In an online world any type of service outage is barely tolerated, especially in the banking industry where transactions and communications are often time-sensitive, and account security is of utmost importance.

Until distributed denial of service attacks are effectively mitigated as a norm, we can expect hacker communities such as Anonymous to continue gaining notoriety as they bring services down, take websites offline and cause havoc on the internet in pursuit of their goals. 2016 has been a tough year for finance in regard to their cybersecurity, with the massive cyber heist of the Bangladesh Bank as well as the Qatar National Bank data leak having taken place already. It’s safe to say that banks across the globe need maximum security not only for their safes and vaults, but also for their networks. Regardless of the motivations for these attacks, financial firms must be proactive in their defenses.

Source:  https://www.corero.com/blog/725-anonymous-declares-ddos-attacks-on-financial-sector-in-op-icarus.html

Members associated with the Anonymous movement have launched DDoS attacks against several North Carolina government online portals as a method of protest against the recent House Bill 2 (HB2) that includes several clauses perceived as anti-LGBT.

The attacks took place over the weekend and were aimed at the main North Carolina government portal (nc.gov) and the website of the North Carolina Governor Pat McCrory (governor.nc.gov).

The group’s Twitter account (@OperationLGBT) said these attacks will continue until the state changes the HB2 law, also known as the Bathroom Bill.

North Carolina passed a controversial version of this law this past March, one that prevents transgender people from using bathrooms corresponding to the gender with which they identify.

Furthermore, the new HB2 law, applicable statewide, also includes various provisions that nullify local ordinances around the state that provided some sort of protection for the LGBT community, like the ones regulating the use of public accommodations.

The LGBT community protested around the world and the US, and at one point, adult site xHamster blocked access to their service for North Carolina residents, but not before tweeting that both gay and transgender content is actually very popular in the state.

Contacted via Twitter, the hackers behind this campaign told Softpedia that they’re very happy with the support they received from the public for their campaign.

 

 

Source:  http://news.softpedia.com/news/anonymous-attacks-north-carolina-websites-over-controversial-anti-lgbt-law-504173.shtml

 

Anonymous Launches DDoS Attacks on Banks in “Op Icarus”

Headlines have been dominated this week by the Anonymous campaign of DDoS attacks against financial institutions all over the world. Named “Op Icarus” in honor of the character from Greek mythology, the campaign seeks to punish what Anonymous views as “corrupt” banks and individuals in the financial sector.

As we all know, distributed denial of service (DDoS) attacks can strike any industry or any organization at any time and without warning. Hacktivism like that carried out by Anonymous and their base of dedicated hackers often involves the use of DDoS attacks, since they provide quick results at low cost, and with minimal risk of compromising the identities of the perpetrators. What’s more, the service downtime they bring about can cause damage to the tune of six-figure sums, so it’s an ideal part of the toolkit for the hacktivist – a fact that is bolstered by people diversifying the techniques behind DDoS attacks.

Distributed denial of service attacks have been a threat to service availability for more than a decade. However, these DDoS attacks have become increasingly sophisticated and multi-vector in nature, overcoming traditional defense mechanisms or reactive countermeasures. These pointed attack campaigns continue to reinforce a growing need for DDoS attack mitigation solutions that can properly defeat attacks at the network edge, and ensure the accessibility required for the financial institutions to maintain business operations in the face of an attack.

While the impact on the individual targets of the DDoS attack campaign, “Op Icarus” is unclear; obstructing or eliminating the availability of email servers is significant. In an online world any type of service outage is barely tolerated, especially in the banking industry where transactions and communications are often time-sensitive, and account security is of utmost importance.

Until distributed denial of service attacks are effectively mitigated as a norm, we can expect hacker communities such as Anonymous to continue gaining notoriety as they bring services down, take websites offline and cause havoc on the internet in pursuit of their goals. 2016 has been a tough year for finance in regard to their cybersecurity, with the massive cyber heist of the Bangladesh Bank as well as the Qatar National Bank data leak having taken place already. It’s safe to say that banks across the globe need maximum security not only for their safes and vaults, but also for their networks. Regardless of the motivations for these attacks, financial firms must be proactive in their defenses.

Source:  https://www.corero.com/blog/725-anonymous-declares-ddos-attacks-on-financial-sector-in-op-icarus.html

Chinese hackers prowling Taiwan’s systems: Chang

China’s attempts to hack Taiwanese databases did not halt regardless of the state of cross-strait relations in the past eight years, as Beijing epitomizes Sun Tzu’s (孫子) maxim in the Art of War (孫子兵法): “Know your enemy,” Premier Simon Chang (張善政) said in an exclusive report published by the Liberty Times (the Taipei Times’ sister paper).

Taiwan’s information security systems found traces of Chinese hackers every time a cross-strait negotiation event occurred over the past eight years, primarily in the systems of the Ministry of Economic Affairs, Premier Simon Chang (張善政) said.

“Chinese cyberattacks have not been deterred by the calming of cross-strait relations as Beijing wishes to know what we are doing and our modes of thought, especially during negotiations,” he said.

The information obtained might not be used during the actual negotiation, but officials might be completely unaware that their limits or strategies are already known by China, Chang added.

While saying that Chinese probably do not have access to Taiwan’s policies and decisions on the draft cross-strait service trade accords and the draft cross-strait goods trade accords, Chang said that there is no way of being absolutely certain.

The policies of the incoming government might discourage Chinese from hacking if it has no plans to negotiate or interact with China, but the attacks could come in a different form, Chang said.

Chang said that cyberattacks came in two ways — one in which Web sites crash or get a denial of service or distributed denial of service (DDOS) message, and the other in which backdoors are opened into Web sites that allow hackers to steal sensitive information.

An index on Chinese hacking activity would depend on whether Taiwan’s Web sites are attacked openly — such as the Presidential Office’s Web site displaying the People’s Republic of China (PRC) national flag — which might indicate that more subtle hacking is also in progress, Chang said.

China’s efforts at bypassing Taiwan’s firewalls are mostly custom-designed and are extremely hard to detect, Chang said, adding that over the years, Taiwan has uncovered many different methods that are being noticed by other nations.

Chang said that after his dealings with information security, he does not harbor impractical illusions toward China and is of the mind that it is, for the most part, unfriendly toward Taiwan.

Chang said he counts the abolition of regulations on the establishment of the information security center as one of the greatest regrets during his term as premier, adding that the incoming government should seek to retain these regulations and staff.

He said that the staff at the center were the most experienced in dealing with Chinese hackers and they would be of invaluable service to the nation.

When asked whether Taiwan should be on alert in terms of corporations and the Chinese market, Chang said Taiwanese companies are even more concerned than the government over their goods or technologies slipping out of their fingers, adding that all the government had to do was hear what the companies and corporations are saying.

Chang also said that it is highly likely that Taiwanese Web sites would be targeted over the recent World Health Assembly issue, as China might be “afraid that we would say things we should not.”

 

Source:  http://www.taipeitimes.com/News/taiwan/archives/2016/05/15/2003646307

Student shuts down 444 school websites to ‘remind teachers they are incompetent’

TOKYO —

On May 11, police filed obstruction of business charges against a 16-year-old student, alleging that he launched a denial-of-service (DoS) attack against the Osaka Board of Educations server which holds the webpages of 444 elementary, junior high, and high schools in the area.

Although in high school now, at the time of the attacks last November, the student was in junior high school. According to police, he said his own school environment is what motivated his actions.

“I hate how the teachers talk down to us and never let us express ourselves. So, I thought I would remind them of their own incompetence. It felt good to see them have problems. I did it several times,” the boy said.

Police seized the student’s computer and some books about hacking. It is believed that he downloaded a tool which sent large volumes of data to the Board of Education servers, rendering access impossible for periods of about an hour. He would then confirm the take-down by monitoring the websites with his smartphone.

He also told police that he had wanted to join the hacking group Anonymous and that he didn’t know schools other than his own would be affected in the attack. Both statements are ironic in that, as a minor, his identity remains anonymous and apparently he turned out to be a little incompetent himself when it came to hacking.

This incident would mark the first time in the history of Japan that a cyberattack was launched against a local government, and punishments for such a crime include a maximum three-year-prison sentence or 500,000 yen fine.

However, considering the student is a minor and the number of people actually affected (i.e. people who wanted to access a school website during those times) was likely in the high single digits at most, he ought to get off lightly.

Source: Sankei West News

 

Source:  http://www.japantoday.com/category/crime/view/junior-high-student-shuts-down-444-school-websites-to-remind-teachers-they-are-incompetent

DDoS attacks Explained

DDoS is short for Distributed Denial of Service.

DDoS is a type of DOS attack where multiple compromised systems, which are often infected with a Trojan, are used to target a single system causing a Denial of Service (DoS) attack. Victims of a DDoS attack consist of both the end targeted system and all systems maliciously used and controlled by the hacker in the distributed attack.

How DDoS Attacks Work

According to this report on eSecurityPlanet, in a DDoS attack, the incoming traffic flooding the victim originates from many different sources – potentially hundreds of thousands or more. This effectively makes it impossible to stop the attack simply by blocking a single IP address; plus, it is very difficult to distinguish legitimate user traffic from attack traffic when spread across so many points of origin.

The Difference Between DoS and DDos Attacks

A Denial of Service (DoS) attack is different from a DDoS attack. The DoS attack typically uses one computer and one Internet connection to flood a targeted system or resource. The DDoS attack uses multiple computers and Internet connections to flood the targeted resource. DDoS attacks are often global attacks, distributed via botnets.

Types of DDoS Attacks

There are many types of DDoS attacks. Common attacks include the following:

  • Traffic attacks: Traffic flooding attacks send a huge volume of TCP, UDP and ICPM packets to the target. Legitimate requests get lost and these attacks may be accompanied by malware exploitation.
  • Bandwidth attacks: This DDos attack overloads the target with massive amounts of junk data. This results in a loss of network bandwidth and equipment resources and can lead to a complete denial of service.
  • Application attacks: Application-layer data messages can deplete resources in the application layer, leaving the target’s system services unavailable

Source:  http://trickytamilan.blogspot.ca/2016/05/ddos-explained-fully.html

Commercial Bank of Ceylon website hit by hack attack

The Sri Lanka-based Commercial Bank of Ceylon has released a statement admitting that a “hacking attack” on its website resulted in a successful intrusion – however, it maintained that no customer data has been compromised.

The bank, which released a statement in the wake of major cyberattacks targeting the Bangladesh central bank and an unnamed firm in Vietnam, claimed to have successfully defended itself and said its systems have now been fully restored.

A notice posted to the bank’s website confirmed: “There was a hacking attack on our website and the bank took immediate corrective steps. Our systems are fully secure and operational. The hacking attack was also immediately communicated to the relevant authorities.

“We confirm that no sensitive customer data or valuable passwords were lost due to this intrusion. We are taking every measure to protect the privacy of our customers and have engaged external parties to review all our systems to ensure that no vulnerabilities exist.”

The statement did not elaborate on when the so-called ‘intrusion’ took place or exactly what computer systems were targeted by hackers. The breach notification notice has been pinned to the front page of the website.IBTimes UK contacted the bank for additional comment but had received no response at the time of publication.

Indeed, a hacking group recently posted what purported to be information from a Sri Lanka-based Commercial Bank online, as reported by Bank Info Security. The leaked files allegedly included 158,276 files in 22,901 folders and featured annual reports, application forms, financial statements, PHP files, web development backups and other documents from the bank’s corporate front-end website. Based on analysis of this data dump, no customer data appeared to be present and security researchers concluded the data was old. The links to the data dump have since been removed from the web.

The news comes after similar disclosures from the Qatar National Bank (QNB). As previously reported, hackers released data that included names, addresses, credit card data and National ID numbers of QNB customers – alongside more suspicious information that was labelled as belonging to Al-Jazeera journalists, the Al-Thani Royal Family and even members of the country’s security services.

Additionally, the Celylon cyberattack has emerged as hacking collective Anonymous continue to launch cyberattacks against a slew of financial institutions as part of ‘Op Icarus’. It remains unclear if the Sri Lanka incident was the result of a distributed-denial-of-service (DDoS)-style assault, an SQL injection tool or if the attacker was using more sophisticated methods.

A global cyber-scheme

Making matters more complicated, in recent weeks a number of banks have been targeted by hackers with darker motives. The Commercial Bank statement comes after it was confirmed a bank in Vietnam successfully foiled a cyberattack that attempted to compromise sensitive data via the Swift secure messaging service – which is used by over 11,000 financial institutions to send messages and large sums of money across the globe.

The firm in question, Hanoi-based Tien Phong Bank, revealed that in the fourth quarter of last year it identified suspicious requests sent through fraudulent messages on the ‘Swift’ platform that was trying to transfer more than $1m. Tien Phong was quick to stress the attack did not cause any loss of information and that its connection to Swift was not compromised.

However, the Bangladesh central bank, which was attacked in February, was not so lucky. Aspreviously reported, hackers were able to steal roughly $81m (£56m) from its account at the Federal Reserve Bank of New York and then transfer the funds to various bank accounts located in the Philippines.

For its part, Swift recently released a statement acknowledging “a small number of recent cases of fraud.” It said: “First and foremost we would like to reassure you again that the Swift network, core messaging services and software have not been compromised.

“The attackers clearly exhibit a deep and sophisticated knowledge of specific operational controls within the targeted banks – knowledge that may have been gained from malicious insiders or cyberattacks, or a combination of both.”

Meanwhile, BAE Systems has released an in-depth report claiming the malware used in these previous attacks was similar in design to that used in the cyberattack against Sony Pictures in 2014.

Source:  http://www.ibtimes.co.uk/commercial-bank-ceylon-website-hit-by-hack-attack-1560271

Copyright © 2014. DoS Protection UK. All Rights Reserved. Website Developed by: 6folds Marketing Inc. | Demo Test