Archive - February 2019

1
Booter Owner Pleads Guilty in Federal Court
2
IoT and DDoS attacks dominate cybersecurity space
3
DoJ Charges Hackers with Staging Computer Attacks

Booter Owner Pleads Guilty in Federal Court

Illinois man offered “DDoS for hire” services that hit millions of victims.

 Sergiy P. Usatyuk, who owned a series of services that collectively launched millions of distributed denial-of-service (DDoS) attacks, has pleaded guilty in federal court to one count of conspiracy to cause damage to Internet-connected computers. The services he owned and offered for use included ExoStress.in (“ExoStresser”), QuezStresser.com, Betabooter.com (“Betabooter”), Databooter.com, Instabooter.com, Polystress.com, and Zstress.net.

The sites were booter services, a class of publicly available, Web-based services that allow cybercriminals to launch DDoS attacks, often for low fees paid by customers who sign up via Web browser and online payment.

According to court documents, Usatyuk ran the network between August 2015 and November 2017. In September 2017, the ExoStresser website advertised that ” … its booter service alone had launched 1,367,610 DDoS attacks, and caused targeted victim computer systems to suffer 109,186.4 hours of network downtime,” one of the documents shows.

No date for sentencing was announced.

Source: https://www.darkreading.com/attacks-breaches/booter-owner-pleads-guilty-in-federal-court/d/d-id/1333993

IoT and DDoS attacks dominate cybersecurity space

Connected devices often get attacked minutes after being plugged in.

IoT devices are being attacked with greater regularity than ever before, new research has suggested.

According to a new report by NETSCOUT, smart products often come under attack within five minutes of being plugged in, and are targeted by specific exploits within a day.

The Threat Landscape Report says IoT device security is ‘minimal to non-existent’ on many devices. That makes the IoT sector among the most vulnerable ones, especially knowing that medical equipment and connected cars fall under the IoT category.

DDoS, in general, is still on the rise, the report adds. The number of such attacks grew by a quarter last year. Attacks in the 100-400 Gbps range ‘exploded’, it says, concluding a ‘continued interest’ hackers have in this attack vector.

The global maximum DDoS attack size grew by 19 per cent last year, compared to the year before.

International institutions, such as the UN or the IMF, have never been this interesting to hackers. DDoS attacks against such organisations had risen by almost 200 per cent last year.

Hackers operate similarly to the way legitimate businesses operate. They employ the affiliate model, allowing them to rake up profits quite quickly.

“Our global findings reveal that the threat landscape in the second half of 2018 represents the equivalent of attacks on steroids,” said Hardik Modi, NETSCOUT’s senior director of Threat Intelligence. “With DDoS attack size and frequency, volume of nation state activity and speed of IoT threats all on the rise, the modern world can no longer ignore the digital threats we regularly face from malicious actors capable of capitalizing on the interdependencies that wind through our pervasively connected world.”

Source: https://www.itproportal.com/news/iot-and-ddos-attacks-dominate-cybersecurity-space/

DoJ Charges Hackers with Staging Computer Attacks

Federal authorities have arrested two alleged members of a hacking group known as the Apophis Squad on charges of making false threats of violent attacks and staging attacks on multiple computer systems.

According to an announcement from the Department of Justice (DoJ), the two defendants, Timothy Dalton Vaughn, 20, of Winston-Salem, North Carolina, and George Duke-Cohan, 19, of Hertfordshire, United Kingdom, are allegedly part of a global group of hackers suspected of wreaking havoc on the internet for the better part of 2018, including launching distributed-denial-of-service (DDoS) attacks.

Duke-Cohan, who is already serving a three-year sentence in the UK for threatening an airline, which turned out to be a hoax, is believed to go by the names DigitalCrimes and 7R1D3N7 online.

The defendants face multiple charges, including conducting cyber- and swatting attacks against individuals, businesses and institutions in the US and the UK, according to the DoJ.

“Members of Apophis Squad communicated various threats – sometimes using ‘spoofed’ email addresses to make it appear the threats had been sent by innocent parties, including the mayor of London,” the announcement stated.

“They also allegedly defaced websites and launched denial-of-service attacks. In addition, Vaughn allegedly conducted a DDoS attack that took down hoonigan.com, the website of a Long Beach motorsport company, for three days, and sent extortionate emails to the company demanding a Bitcoin payment to cease the attack.”

If convicted of all charges in the 11-count indictment, Vaughn could be sentenced to a maximum of 80 years in prison. Duke-Cohen, who is facing nine charges, would be sentenced to a maximum of 65 years if found guilty.

“The Apophis Squad also took credit for hacking and defacing the website of a university in Colombia, resulting in visitors to the site seeing a picture of Adolf Hitler holding a sign saying ‘YOU ARE HACKED’ alongside the message ‘Hacked by APOPHIS SQUAD,’” the DoJ wrote.

Source: https://www.infosecurity-magazine.com/news/doj-charges-hackers-with-staging-1/

Copyright © 2014. DoS Protection UK. All Rights Reserved. Website Developed by: 6folds Marketing Inc. | Demo Test