Category - DDoS Defense

1. Distributed Denial of Service ‘DDoS’ attack on Iran government
2. The New Era of Distributed Denial-of-service ‘DDoS’ Attacks
3. Distributed Denial of Service ‘DDoS’ attack target Maldivian websites
4. TechWeekEurope investigates the Distributed Denial of Service ‘DDoS’ market
5. 2 UK LulzSec hackers plead guilty in London court for launching DDoS attacks
6. Legalize Distributed Denial of Service ‘DDoS’, says Dutch opposition party
7. Twitter Down: Blames Bug for Double Outage, Denies DoS Attack
8. Québec government sites hit with Distributed denial of service ‘DDoS’ Attack
9. Alleged Lulzsec member, Ryan Cleary, indicted in U.S.
10. London Internet Exchange hit by suspected DDoS attack

Distributed Denial of Service ‘DDoS’ attack on Iran government

The Syrian government may be on its last legs but they have fought the rebels in a number of ways that have not received much publicity. For example, it was recently discovered that someone was targeting pro-rebel websites and individuals outside of Syria. The attack came in the form of phony email addressed to a specific individual and made to appear it was from another rebel sympathizer or activist that the recipient knew. There was a file attached which, when opened, secretly installed monitoring software. Thus the infected computer could be secretly monitored by the Syrian government and files, email, and even all keyboard activity quietly copied.

This is known in the trade as “spear fishing” (or “phishing”), which is a Cyber War technique that sends official looking email to specific individuals, with an attachment which, if opened, secretly installs a program that sends files from the email recipient’s PC to the spear fisher’s computer. In the past few years an increasing number of military, government, and contractor personnel have received these official looking emails, with a PDF document attached and asking for prompt attention. Despite being widely known, spear phishing still works and intelligence gathering organizations use it more and more. The spear phishing campaign against Syrian rebels was discovered and it appears that damage was limited (or perhaps not).

China has been particularly active in using this against pro-reform Chinese living outside of China. Other police states have also been found using these techniques. Another favorite Information War tactic is to shut down opposition web sites. This is usually done using a DDOS (distributed denial of service) attack. These are carried out by first using a computer virus (often delivered as an email attachment or via a game or an infected website), that installs a secret Trojan horse type program, that allows someone else to take over that computer remotely and turn it into a “zombie” for spamming, stealing, monitoring, or DDOS attacks to shut down another site. There are millions of zombie PCs out there and these can be rented, either for spamming or launching DDOS attacks. Anyone with about $100,000 in cash could carry out attacks. You can equip a web site to resist, or even brush off, a DDOS attack and some of those attacked were prepared. But others were not. Websites supporting the overthrow of dictators are increasingly being shut down, sometimes for weeks, by DDOS attacks or zombies that disable the site internally.

Syria was not known to have an extensive Cyber War capability; they apparently had Iranian Cyber War experts helping out. Criminal (as in Internet based crime) gangs are often preferred because these guys are up-to-date on all the latest techniques. All you usually have to do in return is offer the gangs a safe haven. The gangs have to refrain from major operations against the country they are in but most of the targets are in the West (that’s where most of the money is). Of course, no one will admit to this sort of thing. But criminal gangs working for the secret police is an ancient practice in these two countries, something that goes back centuries. None of the major Internet crime gangs are in Syria, which leaves Iran, or even Russia or China, as the supplier of Cyber War weapons and technology to Syria.

Source: http://www.strategypage.com/htmw/htiw/articles/20120723.aspx

The New Era of Distributed Denial-of-service ‘DDoS’ Attacks

The perpetrators of a growing number of distributed denial-of-service attacks today are not scammers. Rather, they are individuals or groups hoping to make political or ideological statements. These troublemakers are known as “hacktivists.”

This information comes from a survey released earlier this year by Arbor Networks. Each year, this company releases its Worldwide Security Infrastructure Report. And in the most recent report, released in February of this year, Arbor found that 35 percent of its respondents said that ideology or politics is the most common motivator for distributed denial-of-service attacks.

That was the most common response. Vandalism was cited as the second most popular reason behind these attacks, with 31 percent of survey respondents citing this motivation.

The growth of denial-of-service attacks

A distributed denial-of-service attack is an increasingly popular form of hacking in which multiple outside systems are programmed to flood the bandwidth or resources of a particular web server. The goal is to prevent users from accessing network resources.

For instance, those launching a distributed denial-of-service attack may try to shut down portions of a bank’s website or prevent users from accessing the online homes of major credit card companies.

Cybercrime as political statement

And, as the Arbor Networks survey says, often the people behind these attacks are using this cybercrime as a way to make a statement. The perpetrators of a denial-of-service attack may think that Bank of America is corrupt. To show their displeasure, they may try to shut down its credit-card payment gateways.

One of the better-known distributed denial-of-service attacks came in early 2004. Mydoom impacted Microsoft Windows and sent paralyzing amounts of junk email through the use of infected computers.

The WikiLeaks denial-of-service attack

A more recent case took place in 2010. That’s when supporters of Julian Assange, the founder of WikiLeaks, launched a distributed denial-of-service attack against a host of major credit-card companies.

This last attack is a good example of what Arbor Networks found in its recent survey. Those who launched it were definitely making a political statement.

Will this trend continue? That remains to be seen. But one thing is certain: Today’s distributed denial-of-service hackers are not only skilled; increasingly, they’re motivated by convictions that are far deeper than those of the average online scammer.

Source: http://www.geekofficesolutions.com/2012/07/10/the-new-era-of-distributed-denial-of-service-attacks/

Distributed Denial of Service ‘DDoS’ attack target Maldivian websites

Service interruptions to some Maldivian websites, observed throughout last week, have continued.

Site managers of Haveeru Online and Sun Online report that an increasing number of inaccessibility complaints have been received by the two most prominent news websites in the Maldives. Some people complain of inaccessibility to other websites as well.

Dhiraagu said that the problems affect only the Haveeru Online website and are caused by DDoS attacks aimed at it. DDoS attacks intentionally increase traffic, paralyzing a targeted computer network by flooding it with data sent simultaneously from many individual computers.

Dhiraagu Manager Marketing, Communications and Public Relations Mohamed Mirshan said that Dhiraagu does have precautionary measures in place and that “Haveeru and Dhiraagu are both victims” and that such problems are being solved as soon as the attacks hit.

“These attacks are targeted at Haveeru. These are not aimed at the Dhiraagu infrastructure. DDoS is very common all around the world. We have taken the same measures taken internationally. DDoS cannot be controlled by anyone other than its originators. The only thing we can do is, mitigate the attacks. Dhiraagu has also taken all necessary measures taken against it worldwide,” Mirshan said.

Even though Dhiraagu said that the attacks were only being targeted against Haveeru, Sun Online also reports that the inaccessibility issue has been noticed. Haveeru and Sun Online stressed that the issue was observed even this morning.

Both online websites said that numerous complaints have been received regarding inaccessibility to the websites from abroad, due to these DDoS attacks.

Dhiraagu stated that DDoS attacks are cybercrimes and that the perpetrators need to be found and brought to justice.

Source: http://www.haveeru.com.mv/news/43134

TechWeekEurope investigates the Distributed Denial of Service ‘DDoS’ market

“I’ve put lots of sites offline,” the dealer says. “Shops, schools and another site, but I can’t tell you about that one here.”

Those pushing services on the Internet’s black market are unsurprisingly secretive about their targets when talking directly. Even with Skype’s encryption and peer-to-peer protections, this Distributed Denial of Service (DDoS) dealer wouldn’t reveal too much, for fear of being ensnared by law enforcement.

Sites across the web are being smashed offline by such DDoS dealers every day. Criminal organisations, disgruntled individuals, governments and private organisations pay them to knock enemies offline. And they know they can earn a lot by doing a little.

It isn’t difficult to find them either. Just head onto one of the many hacker forums and you’ll come across shiny DDoS advertisements, with tawdry, 90s-era banners displaying prices and contact details.

On the darker parts of the web, things are a little less glamorous, but the menus are largely the same.

More aggressive marketing

One seller going by the name of Gwapo is particularly open about the business he/she is running. Gwapo has a website called DDoS Service, which is remarkably simple, containing just two landing pages. But it also features a video advertisement of a young American man talking about what Gwapo can do.

The man claims Gwapo has four years of DDoS experience, in both attack and defence. It is a remarkably brazen piece of marketing. Perhaps even more remarkable is the fact that YouTube allows such videos to be published. Since being thrown on the site in mid-June, it has already acquired over 32,000 views. This is not the first promo vid Gwapo has put out either. The one below takes a more salacious tack.

DDoSers are unafraid of outlandish promotion. They know there is money to be earned here, and they know there is plenty of competition.

Dealing with the dealers

Whilst finding them is simple, getting dealers to open up is trickier. Gwapo was particularly reticent when speaking over Skype. But Tor Chat provided enough peace of mind for dealers to reveal more about themselves to TechWeekEurope, which has been contacting those pushing their wares on the DDoS market over the last month. To be clear, we did not ask the sellers to take down websites. DDoS is against the law and TechWeekEurope does not support it in any way.

Ned – not his real name – told us he was a 17-year-old computer science student. He claims friends introduced him to the illicit cyber services game. “Now I got some Russian friends,” he quips. His biggest ever hit lasted for two days, for which he was paid just over $250. In that case, he was asked to kill the attack early. The buyer got tetchy about how successful the hit was.

To carry out that brutal hit, Ned relied on a botnet of around 2000 bots, he says. Without prompting, Ned initiates a demo. His target? One of the most popular hacking forums on the Web. We go to the site as soon as he says it is down. He knocks it offline for around 30 seconds before killing the DDoS. Any site is fair game, it seems.

As for pricing, he was offering a small site without protection at just $4 an hour. For a larger website, the cost can be as much as $100 an hour. Initially, Ned comes across as ambivalent to the dangers of selling DDoS services. Is he not worried about getting chucked out of school and thrown in jail? “Nah,” he coolly responds. But when we push him, asking if he would be happy to take down a major banking site, Ned backs down. “I don’t want to get in trouble,” he says.

Another dealer, who claims to focus his botnet’s energy specifically on sites using Cisco, Juniper and Cloudflare gear to mitigate attacks, says he has done single deals for over $1000. Like Ned, he says some buyers will pay as much as $100 for each hour a big-league website is downed.

Yet, as with many other dealers, BProof said he will happily accept between $5 and $10 to take easy targets offline for an hour. The bots he was herding could apparently do plenty of damage with just a little effort. “I can take down CloudFlare lines with 30 bots, that’s nothing for me,” was one claim (CloudFlare is a content delivery network). He offers us a 10 minute test. We decline. It was already clear how easy it was for these denizens of the dark web to kill websites.

It’s also clear that acquiring services can be very cheap indeed. Even the most impecunious of businesses could knock a competitor down. For many companies, having a website taken offline for a while causes nothing more than a little embarrassment. But for others, it can cause substantial financial damage.

Who’s buying?

All kinds of organisations are getting pummelled by DDoS attacks in today’s world. And all kinds of organisations are paying for them too.

Some even get creative with their DDoS strikes. André Stewart, president international at Corero Network Security, said he knew of a telecoms company that saw its services downed by a competitor after launching a free VoIP service. The envious rival set up an online game, which, when played, sent very small UDP [User Datagram Protocol] packets to attack the site from which free VoIP was being offered. It was a rare case of malicious gamification.

“That was almost undetected. We looked at it very carefully and analysed the packets and saw what was going on,” Stewart said. “There are cases of companies attacking other companies. That exists – for competitive advantage or to deny something that has been competitive.”

DDoS is well-known as a protester’s weapon too. Hacktivists like Anonymous and LulzSec have proven that, with successful strikes on big-name sites, from Theresa May to the CIA. But Stewart believes everyday people are now buying DDoS services too, simply to vent their discontent at whatever organisation they’re frustrated at.

“Low-cost airlines get attacked, for instance, and government entities that manage speeding fines,” he said. “It has almost become the new way of customer dissatisfaction.”

This year has also seen a new target: non-profit groups. Given that Avaaz campaigns against what it believes are immoral measures of nation state regimes, including the US and China, one can guess who would be keen to knock down its site. Removing Avaaz’s website also removes its donation page – i.e. its main source of funding.

The Pirate Bay has obvious enemies too – copyright holders. “I do think the music industry, the film industry, where there is a serious amount of money leaking, they would like to see it close down,” Stewart added. “They [music and film industry organisations] can operate in ways that are completely anonymous. If they want they can attack those types of sites [like The Pirate Bay].”

DDoS services are in high demand and for myriad reasons. Big corporations, small businesses, governments and irascible individuals all take an interest in them.

Going solo

But DDoS dealers don’t just rely on money from clients. They can go direct and extort those businesses whose very survival relies on an Internet presence. This can provide them with much more income than working the black market.

For those who go after online gambling businesses, the financial rewards can be huge, according to Stewart. “Somebody will send a note to the betting guys, saying ‘we will stop the service just before the game for an hour or two hours’. They will be able to calculate very easily how much it means to them and their business stopping for that amount of time,” he explains. “If the person is only asking for $50,000 they will pay for it. If they feel their security is not up to scratch.”

Such businesses are easy targets. Corero works with a number of gambling firms and claims to have difficulties in upgrading their kit to mitigate against DDoS strikes. “We’re not able to do any upgrades to their network or any changes until a major competition is off. And then there is always another one that starts,” Stewart adds.

Geopolitical issues also affect gambling firms’ level of security against DDoS, he says. “Because a lot of these betting companies are based in tax havens, there aren’t many authorities that are ready to say ‘we will protect you’ because they’re already seen as dodging taxes – a lot of taxes they should be paying onshore. So they’re relatively unprotected.

“They will know how protected they are. If something new comes out and they’re not up to scratch, then they will not talk about it, but they will make the payment.”

Stewart knows of businesses who have paid “£100,000 here and £100,000 there” just to pay off those threatening to kill their sites. “That’s not uncommon.” If they didn’t pay, the losses would be much greater. “Companies have been known to go down for 6 hours, and the losses are in the millions.”

Symantec recently spotted a crimeware bot known as “Zemra” being used in DDoS attacks against specific machines for extortion. It featured a command-and-control panel hosted on a remote server, as well as a tonne of functionality, including 256-bit DES encryption/decryption for communication between server and client, and propagation through USB.

Zemra comes at a cost though. It first appeared on underground forums in May 2012 at €100. Even those dealing to the DDoS dealers can make a killing.

Infiltrating the markets

What is clear from TechWeekEurope’s trips to the underground markets is that botnets are at the core of the problem. No doubt many are using tools to carry out application-level DDoS attacks, such as Slowloris and Hulk, but botnets appeared to be the weapon of choice on the market.

If such markets are to be countered in the coming years, killing off botnets would be a fine place to start. Many efforts to slay these nasty networks have seen operations sinkholed, where bots are directed to servers belonging to the good guys, rather than the bad guys’ command and control centres.

Others, like the dismantling of DNSChanger, look to completely take apart the physical hardware. This can lead to issues, however. Many fear the hundreds of thousands still connected to the infrastructure of DNSChanger will lose internet connectivity when the FBI pulls the plug on 9 July.

But prophylactic measures are not good enough. Just taking servers offline or sinkholing operations only suspends malicious activity. To kill a botnet, arrests need to be made. “If you’re going to tackle it long-term, it really is going to involve apprehending the people who are behind it,” says David Emm, senior regional researcher at Kaspersky Lab.

Taking down more botnets will require greater cooperation between private and public bodies, and across borders too, Emm believes. Whilst there have been notable successes in the past year, there remain problems. Overcoming global demarcation of cyber policing is one of the biggest. Emm says most activity continues to happen at a “more informal level”. If major players such as the US and EU nations could organise more formal frameworks, this would speed up the intelligence sharing operation, he claims.

“One of the difficulties comes with speed of response. Although there is quite a lot of activity where law enforcement agencies in different parts of the world can cooperate, unless there is a supranational agreement that they can combine activities under, it is difficult with the informal stuff to be as quick as say the spammers or DDoSers can be,” Emm adds. “There are always going to be limits given you’ve got different zones of legislation where the cyber criminals don’t.”

Behind all this additional cooperation, “just good old-fashioned policing” is needed, says Ross Anderson, professor of security engineering at the University of Cambridge’s Computer Laboratory. “Even the UK police have had occasional successes. It’s just a matter of trying. Even crooks in Russia can be arrested if the Foreign Office starts to care about it,” he adds.

One recent case proved how more surreptitious means can help bring down cyber crime operations too. When the FBI announced the arrest of 24 people in June, it hinted at a maturation of cybercrime efforts. The cops set up their own market, where unwitting crooks went to sell and buy credit card details. IPs were collected and activity tracked across other nasty websites. Then the suspects were apprehended, not just in the US, but across the globe, with six taken into custody in the UK. It was one of the most impressive cyber operations in recent times.

Infiltrating the DDoS markets, or setting up honey traps as the FBI did, looks like the most efficient way to bring them down. In turn, botnets will become inactive and other cyber crimes mitigated too. The tools are there; police just have to be given the opportunity to start using them more.

Source: techweekeurope

2 UK LulzSec hackers plead guilty in London court for launching DDoS attacks

LONDON — Two British hackers linked to the notorious Lulz Security group pleaded guilty to a slew of computer crimes Monday, the latest blow against online miscreants whose exploits have grabbed headlines and embarrassed governments around the world.

Ryan Cleary, 20, and Jake Davis, 19, pleaded guilty to conspiring with other members of LulzSec to attack government, media, and law enforcement websites last year, according to Gryff Waldron, an official at London’s Southwark Crown Court.

LulzSec — an offshoot of the loose-knit movement known as Anonymous — has claimed responsibility for assaults on sites run by the Central Intelligence Agency, the U.S. Public Broadcasting Service, and media mogul Rupert Murdoch’s News International. Other targets included media and gaming giants Nintendo Co. and Sony Inc., security company HBGary Inc., Britain’s National Health Service, and Arizona State Police.

Waldron said two other defendants — 25-year-old Ryan Ackroyd and an unnamed 17-year-old — have pleaded not guilty to the same charges and will face trial in April of next year.

All four defendants have denied two counts of encouraging or assisting others to commit computer offenses and fraud. Waldron said prosecutors were still weighing whether to take Cleary and Davis to court on the remaining charges.

LulzSec, whose name draws on Internet-speak for “laugh out loud,” shot to prominence in mid-2011 with an eye-catching attack on PBS, whose website it defaced with a bogus story claiming that the late rapper Tupac Shakur had been discovered alive in New Zealand.

It was an opening shot in what became a months-long campaign of data theft, online vandalism and denial-of-service attacks, which work by jamming target websites with bogus traffic.

The hackers repeatedly humbled law enforcement — stealing data from FBI partner organization InfraGard, briefly jamming the website of Britain’s Serious and Organized Crime Agency, and publishing a large cache of emails from the Arizona Department of Public Safety.

The cybercrime spree focused attention on Anonymous, a loose-knit collection of Web-savvy activists and Internet pranksters — many of whom have turned their online guns on governments, officials or corporations over a variety of political grievances.

LulzSec and its reputed leader, known as Sabu, had some of the highest profiles in the movement. But in March U.S. officials unmasked Sabu as FBI informant Hector Xavier Monsegur and officials on both sides of the Atlantic swooped in on his alleged collaborators, making roughly half a dozen arrests.

Cleary, who had been nabbed in an earlier raid, also pleaded guilty to providing the hackers with illegally hijacked computer networks for use in denial-of-service attacks and breaching the Pentagon’s cyberdefenses by installing or altering files on U.S. Air Force Agency computers.

Cleary faces a U.S. federal indictment in relation to his cyberattacks, but his attorney says her client is autistic and that she would “fiercely contest” any move to extradite him to America.

Source: washingtonpost

Legalize Distributed Denial of Service ‘DDoS’, says Dutch opposition party

Dutch opposition party D66 has called for the legalization of DDoS in its new election manifesto.

Distributed denial of service (DDoS) attacks should be viewed as online public demonstrations, and as such should be regulated in the same basic manner as street demonstrations, says D66 campaign manager Kees Verhoeven.

Democrats 66 (a party formed by young intellectuals in 1966) currently has ten seats in the Dutch House of Representatives, five in the Senate and three in the European Parliament. It is in opposition to the Rutte-Verhagen coalition in The Netherlands. It describes itself, somewhat reluctantly, as “a progressive liberal party.”

D66 believes that online hacktivism is similar to on-street demonstrations and should be controlled in a similar manner: regulated, not banned. Under the proposals, hacktivists would need to give prior warning of their action to allow companies to take whatever defensive measures they choose. At the moment this often happens in general if not in detail: hacktivists will often pre-announce their targets if not necessarily the precise time of the attack.

The move would make a formal distinction between disrupting the online service of a company, and breaking into the servers of that company – a distinction that is not generally held in most jurisdictions.

D66 is also calling for greater privacy and consumer protection online. The collection and re-use of personal data by websites should be strictly on an informed opt-in basis, while the privacy of emails should be guaranteed. Website blocking should be allowed solely via a court order, and then only for serious offenses such as terrorism or inciting violence. The recent blocking of The Pirate Bay (TPB) website by both the Dutch and UK courts would thus not have happened.

Source: InfoSecurity

Twitter Down: Blames Bug for Double Outage, Denies DoS Attack

Normal service was restored for most users after several hours of confusion but some unfortunate people continued to face problems well past 4 pm EST on Thursday, as the company acknowledged the issue was still ongoing. “It did not say how many users were affected by the outage, or how long it lasted,” The Times of India reported.

The official blame was placed on a “cascading bug” that disrupted the system; the first message reporting the outage was posted, to the company blog, precisely at 9:35am PDT (4:35pm GMT). The message said engineers were investigating the issue. The next update, an hour later, suggested the issue was resolved. However, it was soon re-written to inform users resolution of the problem was “ongoing”.

Incidentally, the company line aside, a hacker claiming membership with the UGNazi hacker group claimed responsibility. There is no confirmation the cited Denial-of-Service (DoS) attack was theirs. According to Total Telecom, a Twitter spokesman later denied the claim, reiterating the “outage was due to a cascaded bug in one of our infrastructure components.”

Following the second service outage, Twitter reportedly began a full recovery procedure around 11am PDT (6pm GMT).

“We are currently conducting a comprehensive review to ensure that we can avoid this chain of events in the future,” the company said.

According to a performance report from Apica, a technology performance testing firm, Twitter’s service was first disrupted at 8:03am PDT (3:03am GMT). The service was later restored around 10:08am PDT (5:08am GMT) but went down again for roughly twenty minutes starting at 10:48am PDT (5:48am GMT).

A service called “Down Right Now” monitored the outage in real time to indicate when the temporary glitch would be resolved.

The outage comes after Twitter Inc. chief executive Dick Costolo proposed plans of expanding service for ad product across 50 countries this year, Bloomberg reported. The company is predicting $1bn in advertising revenue by 2014.

Source: http://www.ibtimes.co.uk/articles/355275/20120622/twitter-blames-bug-outage-dos-attack-hacker.htm

Québec government sites hit with Distributed denial of service ‘DDoS’ Attack

Six alleged hacktivists have been arrested in Canada following a series of attacks on Quebec government websites.

Neither the identity of the suspects nor information on the site they targeted, or why, has been released by tight-lipped Canadian authorities.

Five police forces – including the Royal Canadian Mounted Police, the Sûreté du Québec, and three municipal forces – carried out a series of raids that led to the arrests. Three of those arrested were minors. Police declined to say whether the suspects were part of Anonymous, citing the need to preserve the integrity of an ongoing investigation, Canadian Press news agency reports.

The Québec government has earned the ire of Anonymous over recently enacted anti-protest laws. The province’s education and Montreal police department websites were hacked in a series of attacks last month. The website of the provincial Liberal party also became a target in the same set of denial of service assaults.

Hacktivists also managed to get their hands on the personal details of spectators attending the Formula One car-race in Montreal before sending somewhat threateningly worded emails warning motor racing fans of possible trouble.

“If you intend to use a car, know that your road may be barricaded,” the ‘Notice to Grand Prix Visitors’ emailed by Anonymous warned.

“If you want to stay in a hotel, know that we may enter it. If you seek to withdraw money from a bank, know that the shattering glass may sting. If you plan on watching a race, know that your view may be obscured, not by exhaust fumes but by the smoke of the fires we set. Know that the evacuation order may not come fast enough.”

Police created barriers blocking access to certain public places or detained people suspected of planning to disrupt the 10 June Grand Prix, allowing the event to proceed normally while sparking some criticism from civil liberties activists over an allegedly heavy-handed approach towards dealing with dissent.

Source: http://www.theregister.co.uk/2012/06/20/quebec_hacktivist_arrests/

Alleged Lulzsec member, Ryan Cleary, indicted in U.S.

A U.S. federal grand jury has indicted Ryan Cleary, a British citizen, accusing him of orchestrating a hacking rampage last year that victimized Sony Pictures Entertainment, Fox Entertainment Group and others.

The indictment, filed on Tuesday in Los Angeles district court, alleges Cleary ran a powerful botnet used to execute distributed denial-of-service (DDOS) attacks, vandalize websites and steal sensitive data as part of the hacking group Lulz Security, or LulzSec.

LulzSec, an offshoot of Anonymous, fell under heavy scrutiny from law enforcement worldwide for its successful attacks and relentless bravado, often publicized through its Twitter account.

Cleary, 20, was arrested in June 2011 at his home in Wickford, England, for allegedly taking part in the DDOS attacks against Britain’s Serious Organised Crime Agency. He is charged in the U.K. with five computer-related offenses and is accused of distributing botnet programs to attack SOCA as well as websites of the International Federation of the Phonographic Industry and the British Phonographic Industry.

An FBI spokeswoman said the U.S. will evaluate after Cleary’s legal proceedings have finished in the U.K. whether to request his extradition.

Cleary, who has been diagnosed with a type of high-functioning autism called Asperger’s Syndrome, is in jail awaiting trial. He was arrested again in March for breaching his bail conditions by using the Internet and contacting former LulzSec leader Hector Xavier Monsegur, The Guardian reported.

Monsegur, who was known as “Sabu,” was arrested in secret by the FBI and provided information that led to another spate of LulzSec arrests, including of one American man and four in the U.K. in March. Monsegur pleaded guilty in August 2011 to various hacking charges, including attacks against HBGary Federal, the Public Broadcasting System, Sony Pictures and Fox.

Cleary is also accused of either attacking or stealing data from Fox, PBS, Sony, Riot Games and SOCA. He is charged with one count of conspiracy and two counts of unauthorized impairment of a protected computer. If convicted, he could face a maximum of 25 years in prison.

The indictment alleges Cleary controlled a botnet that may have been composed of hundreds of thousands of computers. Botnets are networks of hacked computers that can be remotely controlled.

He is also accused of identifying security vulnerabilities on computer networks, obtaining sensitive information and coordinating the publishing of the information taken from LulzSec’s victims. Prosecutors allege in one instance Cleary stole the personal data of people registered to receive information on auditions for Fox’s “The X-Factor” talent show.

Source: http://www.computerworld.com/s/article/9228096/Alleged_Lulzsec_member_Ryan_Cleary_indicted_in_U.S.

London Internet Exchange hit by suspected DDoS attack

The London Internet Exchange (LINX) has been hit by a large-scale outage that many observers are blaming on a possible distributed denial of service (DDoS) attack.

The non-profit exchange provides the majority of UK ISPs with a peering platform for their connections and the outage hit both the companies and their customers all in one go.

The LINX Network Community confirmed the outage on Twitter, despite the organisation’s press office being unable to provide Computer Weekly with a statement.

The tweet said LINX was “aware of issues on its network” and had “engineers currently working to rectify this,” but fell short of giving an explanation for the problem.

However, customers operating over LINX also took to the social network to explain their own experiences, with a number suggesting a DDoS attack was responsible.

Worthers Creative Media Solutions released a statement to its customers saying: “We are told [the outage] was due to a 200GB denial of service attack but are unsure of exact details at this point. The result of this was that 60% of traffic for about 40 minutes got lost to some of our servers and therefore may have affected some people accessing sites.

“Just to clarify, this wasn’t an issue with the servers themselves or the datacentre but was more widespread and outside of our control.”

Voice over IP provider Orbtalk, internet telephony firm Voxhub, and telecoms company VoiceHost also reported being taken down by the outage.

Others are also pointing to Juniper Networks’ PTX packet switches, on which the LINX network is based and which only went live earlier today. However, with no formal statement from the organisation, the exact cause remains open to speculation.

At the time of publishing this article, the network community said the LINX local area network was now stable, but the huge number of services hit will take time to resume after the failure.

Source: http://www.computerweekly.com/news/2240151068/London-Internet-Exchange-hit-by-DDoS-attack

Copyright © 2014. DoS Protection UK. All Rights Reserved.