Distributed denial of service (DDoS) attacks in general are on the rise. One reason may be the availability of software tools like LOIC, Slow Loris and BE botnet, which allow anybody to participate in a distributed attack.
Gaming sites in particular have come under attack by multiple hacking groups. Open source intelligence indicates that some of the attacks are supposedly in response to the company itself, while other attacks are in response to group rivalries.
It appears that social engineering of followers of some of these media-driven hacking groups has influenced others to participate in the attacks, thus adding to the intensity of these DDoS attempts.
It is also worth noting that some DDoS attacks have been used to distract the organization from other criminal activity. One group will cause the traffic disruption, while the others attempt to compromise servers and exfiltrate data.
The IC3 continues to receive complaints reporting DDoS attacks, often to smaller e-commerce based businesses. One reported attack was DNS based. The company reportedly had 165 million hits over a three-day period, which overloaded their network and crashed their site. They stated their web hosting company attempted multiple solutions over the course of the attack, which lasted approximately ten days.
Another reportedly exhausted every avenue available to combat an attack on their site, but was unable to stop it because of the overwhelming intensity. They reported the attack mainly concentrated on the Internet banking services segment of the site, and the attackers were not successful in penetrating the network or gaining access to any internal function. However, the attackers inundated the incoming communication lines with more than 8,000 hits per second to the bank’s login screen, eliminating access to the bank by its clients.
The following are more examples of DDoS attacks reported to IC3:
• Subjects orchestrated a DDoS attack on a server used by a company to host servers for online games. Once the company addressed the attack, the fraudsters then hosted another attack on a different IP.
• Three DDoS attacks in one week targeted a company, hitting them with a high volume of traffic, which saturated the uplinks of one of their Internet Service Providers.
• For more than 20 days in May 2011, a business’s network and video game had been under DDoS attacks. The attacks targeted their master servers controlling access to all game servers and player logins. Through research, the company believed the attacker was in the United Kingdom and had also been extorting and threatening other individuals and committing credit card fraud. The company reported that their loss of revenue was approximately $50,000.
• Since March 2011, one company has filed six IC3 complaints, reporting multiple attacks. The most recent were two brute force attacks in May 2011 to their File Transfer Protocol (FTP) server using a non-existent user name and various passwords.
• Another company’s site was recently attacked on two occasions. The attacker reportedly used at least 1,000 unique IPs to crash it.