Phail_Saph

Massive DDoS attack underway

21 posts in this topic

Over the weekend there was a massive DDoS attack against American and South Korean government computers and businesses. The Federal Trade Commission site was knocked out. People don't know exactly who it is yet or why mostly relatively unimportant sites were hit. South Korean government just issued an alert.

It's still underway.

-----Phail_Saph-----

1


Conficker?

Meh, North Korea probably wrote conficker.

How many people suspect it's North Korea?

1


That was my thought too. I've been twittering the blogger that broke that story a few days ago. Nobody is clear yet on the source.

The obvious is NK because it is both US and SK but is it too obvious? The only thing that really keeps me in the North Korean camp is because the attacks are 'goofy' just like the North Korean leadership. They are attacking a strange mix of sites which could only make sense to a North Korean despot. Also, a foreign source is likely because the attacks began on a national holiday, hoping to take advantage of reduced vigilance.

BTW...it's being done by bots...typical of course for DDoS...but the numbers are greater than normal and they are using non-standard attack methods. It almost looks like a proof of concept attack rather than a coordinated assault on a particular objective. Perhaps the Russians or Chinese are running a drill?

Anyway if anyone has info post...also there is a new IE flaw that allows a small snippet of code on a website to let an intruder take over your machine...no patch yet...beware. If you get your hands on that code snippet post please...

-----Phail_Saph-----

1


Unimportant targets are for three reasons.

1) as government sites, they are sending a message.

2) as unimportant sites, they have minimal protection and tracing already in place.

3) as unimportant government sites, it provides a nice baseline for what is the minimum resources put in place for government sites.

@ Phail, non-standard DDoS? Like the whole Apache too many sessions thing that was recently disclosed?

0


Unimportant targets are for three reasons.

1) as government sites, they are sending a message.

2) as unimportant sites, they have minimal protection and tracing already in place.

3) as unimportant government sites, it provides a nice baseline for what is the minimum resources put in place for government sites.

@ Phail, non-standard DDoS? Like the whole Apache too many sessions thing that was recently disclosed?

Good points...but it was and is sooo massive...why attack so hard for so little...a drill? Our own government testing itself and allies, knowing that they wouldn't cause real harm...I don't know...I'm back to the North Koreans...they are relatively backwards and unsophisticated they would do something this pointless attack..eh?

Could be the Apache...but don't forget the very quietly disclosed and still unpatched IE vulnerability which allows a snippet of code on ANY site to allow bots to infect the machine. This happened too coincidentally...maybe? The thing about this attack is that it is sooo large estimated well beyond 60000 bots.

But as of this morning the reports are indicating major sites like Dow Jones, NYSE were attacked too so maybe it was greater and more focused than initially believed.

-----Phail_Saph-----

0


Wikipedia started an entry on this topic.

-----Phail_Saph-----

1


Kevin Mitnick talked about it for 10min on Coast to Coast AM last night - equating it to a script-kiddie attack. I think the N. Korean Government would be a little more advanced. I mean every country that has any nuclear capability should be able to write buffer-over-flows and the like.

2


Kevin Mitnick talked about it for 10min on Coast to Coast AM last night - equating it to a script-kiddie attack. I think the N. Korean Government would be a little more advanced. I mean every country that has any nuclear capability should be able to write buffer-over-flows and the like.

Why though? Being a nuisance and preventing communication can be just as useful of a tool for "cyber-warfare" as more 'tactical strikes' with a much lower technical barrier. Also, exploits can be patched (in a perfect world, they would be patched) and then lose their value to the attacker, but a DDoS can be a right bitch to deal with.

North Korea my ass! They're barely building nukes.

Rockefeller's Cyber Security Act of 2009 is right around the corner from being presented in Congress. Think outside the box people, it doesn't hurt every once in a while.

http://www.opencongress.org/articles/view/961-The-Cybersecurity-Act

In my opinion (and really only there), this is the most likely option. Leaving aside "the crackpot conspiracy theories", there is irrefutable evidence that the US government has, at least, planned false-flag activities in the past to get the public support behind policies it is trying to enact. Now, take this with a grain of salt as I see no real evidence to support this, but it seems as likely as most of the other theories being tossed around.

2


Kevin Mitnick talked about it for 10min on Coast to Coast AM last night - equating it to a script-kiddie attack. I think the N. Korean Government would be a little more advanced. I mean every country that has any nuclear capability should be able to write buffer-over-flows and the like.

Why though? Being a nuisance and preventing communication can be just as useful of a tool for "cyber-warfare" as more 'tactical strikes' with a much lower technical barrier. Also, exploits can be patched (in a perfect world, they would be patched) and then lose their value to the attacker, but a DDoS can be a right bitch to deal with.

North Korea my ass! They're barely building nukes.

Rockefeller's Cyber Security Act of 2009 is right around the corner from being presented in Congress. Think outside the box people, it doesn't hurt every once in a while.

http://www.opencongr...bersecurity-Act

In my opinion (and really only there), this is the most likely option. Leaving aside "the crackpot conspiracy theories", there is irrefutable evidence that the US government has, at least, planned false-flag activities in the past to get the public support behind policies it is trying to enact. Now, take this with a grain of salt as I see no real evidence to support this, but it seems as likely as most of the other theories being tossed around.

I agree, they could be trying to set an example.

2


Kevin Mitnick talked about it for 10min on Coast to Coast AM last night - equating it to a script-kiddie attack. I think the N. Korean Government would be a little more advanced. I mean every country that has any nuclear capability should be able to write buffer-over-flows and the like.

Why though? Being a nuisance and preventing communication can be just as useful of a tool for "cyber-warfare" as more 'tactical strikes' with a much lower technical barrier. Also, exploits can be patched (in a perfect world, they would be patched) and then lose their value to the attacker, but a DDoS can be a right bitch to deal with.

I guess that is what makes you a dangerous free thinker.... It just seems like a government like N.K., if they wanted to could possibly do better... crippling some major infrastructure or what-not. I've not researched it much, so my opinion is coming from what Mitnick stated about the attacks - something to the effect it was more teenage in nature than government.

Looking at the attack, something was obviously compromised though, in order to get a botnet that large.

Edited by tekio
2


Kevin Mitnick talked about it for 10min on Coast to Coast AM last night - equating it to a script-kiddie attack. I think the N. Korean Government would be a little more advanced. I mean every country that has any nuclear capability should be able to write buffer-over-flows and the like.

Why though? Being a nuisance and preventing communication can be just as useful of a tool for "cyber-warfare" as more 'tactical strikes' with a much lower technical barrier. Also, exploits can be patched (in a perfect world, they would be patched) and then lose their value to the attacker, but a DDoS can be a right bitch to deal with.

I guess that is what makes you a dangerous free thinker.... It just seems like a government like N.K., if they wanted to could possibly do better... crippling some major infrastructure or what-not. I've not researched it much, so my opinion is coming from what Mitnick stated about the attacks - something to the effect it was more teenage in nature than government.

Looking at the attack, something was obviously compromised though, in order to get a botnet that large.

I'm not saying N.Korea did this, but I wouldn't be surprised, because they've done a lot of childish things lately.

Edited by R4p1d
2


Kevin Mitnick talked about it for 10min on Coast to Coast AM last night - equating it to a script-kiddie attack. I think the N. Korean Government would be a little more advanced. I mean every country that has any nuclear capability should be able to write buffer-over-flows and the like.

Why though? Being a nuisance and preventing communication can be just as useful of a tool for "cyber-warfare" as more 'tactical strikes' with a much lower technical barrier. Also, exploits can be patched (in a perfect world, they would be patched) and then lose their value to the attacker, but a DDoS can be a right bitch to deal with.

I guess that is what makes you a dangerous free thinker.... It just seems like a government like N.K., if they wanted to could possibly do better... crippling some major infrastructure or what-not. I've not researched it much, so my opinion is coming from what Mitnick stated about the attacks - something to the effect it was more teenage in nature than government.

Looking at the attack, something was obviously compromised though, in order to get a botnet that large.

I'm not saying N.Korea did this, but I wouldn't be surprised, because they've done a lot of childish things lately.

True dat. Not binge on another topic, but N.K. is scary: they want nukes to protect what? Who wants North Korea? I'd like to say it was North Korean Teenagers, but I don't think teenagers in that country can go on the Internet.

1


Kevin Mitnick talked about it for 10min on Coast to Coast AM last night - equating it to a script-kiddie attack. I think the N. Korean Government would be a little more advanced. I mean every country that has any nuclear capability should be able to write buffer-over-flows and the like.

Why though? Being a nuisance and preventing communication can be just as useful of a tool for "cyber-warfare" as more 'tactical strikes' with a much lower technical barrier. Also, exploits can be patched (in a perfect world, they would be patched) and then lose their value to the attacker, but a DDoS can be a right bitch to deal with.

I guess that is what makes you a dangerous free thinker.... It just seems like a government like N.K., if they wanted to could possibly do better... crippling some major infrastructure or what-not. I've not researched it much, so my opinion is coming from what Mitnick stated about the attacks - something to the effect it was more teenage in nature than government.

Looking at the attack, something was obviously compromised though, in order to get a botnet that large.

I'm not saying N.Korea did this, but I wouldn't be surprised, because they've done a lot of childish things lately.

True dat. Not binge on another topic, but N.K. is scary: they want nukes to protect what? Who wants North Korea? I'd like to say it was North Korean Teenagers, but I don't think teenagers in that country can go on the Internet.

The speculation I have is..

Kim Jong il is planning on retiring.

I think he is simply just preparing his son to take leadership.

I just hope I'm right. :ninja:

1


Not binge on another topic, but N.K. is scary: they want nukes to protect what? Who wants North Korea?

Well, not to be pedantic, but the Korean Conflict never officially ended, so the United Nations (*cough*US*cough*) is technically in the middle of a "police action" against North Korea, it has just been in an extended cease fire agreement since 1953 (although both sides still man the border, and NK recently made actions at pulling out of the armistice agreement).

The speculation I have is..

Kim Jong il is planning on retiring.

I think he is simply just preparing his son to take leadership.

I just hope I'm right. :ninja:

Aww, it'll be sad to see ole Kimmy go.

I thank him for keeping America together, because no matter who you are: Republican or Democrat, Libertarian or Socialist, AnCap or AnCom - We can all agree that Kim Jong Il is one crazy motherfucker who makes Austin Powers villains seem plausible.

Oh and an update on this MyDoom variant bot. The hosts are set to self destruct by overwriting the hard drives. Hmm, this sounds like it can only lead to fun, fun, fun... not.

Edited by n3xg3n
1


Kevin Mitnick talked about it for 10min on Coast to Coast AM last night - equating it to a script-kiddie attack. I think the N. Korean Government would be a little more advanced. I mean every country that has any nuclear capability should be able to write buffer-over-flows and the like.

Fellow Coast to Coast lover...remember the good old days with Art Bell? Anyway do you have the audio to that interview...Coast to Coast doesn't provide free audio on their website anymore.

-----Phail_Saph-----

1


Kevin Mitnick talked about it for 10min on Coast to Coast AM last night - equating it to a script-kiddie attack. I think the N. Korean Government would be a little more advanced. I mean every country that has any nuclear capability should be able to write buffer-over-flows and the like.

I read about the bullshit attack on Yahoo. The FEDZ play every DoS attack like no tomorrow. Average people don't understand that a DoS attack should really be taken with a grain of salt nowadays because they happen every day. Any major corporation or government body worth its salt probably has the staff or bandwidth to fend off a botnet nowadays, and to label DoS'ing as an "attack" is overzealous, I think. Furthermore, for the U.S. Government to say that some kid in Russia has the capability to take down entire networks is downright bullshit. Where are the people who question the capability of the U.S. Gov if they're supporting propaganda like that? This CyberSecurity Act is the first foot in the coffin for the internet here in the US because knowing the Gov if someone and their buddies decide to PING the pentagon non-stop it will hit newspapers tomorrow. But the real concern is if the Act is passed, anyone including our very own government can literally DOS networks causing our government to shut down the net in the name of SECURITY, catch my drift? Where are the checks and balances?

-1


Kevin Mitnick talked about it for 10min on Coast to Coast AM last night - equating it to a script-kiddie attack. I think the N. Korean Government would be a little more advanced. I mean every country that has any nuclear capability should be able to write buffer-over-flows and the like.

I read about the bullshit attack on Yahoo. The FEDZ play every DoS attack like no tomorrow. Average people don't understand that a DoS attack should really be taken with a grain of salt nowadays because they happen every day. Any major corporation or government body worth its salt probably has the staff or bandwidth to fend off a botnet nowadays, and to label DoS'ing as an "attack" is overzealous, I think. Furthermore, for the U.S. Government to say that some kid in Russia has the capability to take down entire networks is downright bullshit. Where are the people who question the capability of the U.S. Gov if they're supporting propaganda like that? This CyberSecurity Act is the first foot in the coffin for the internet here in the US because knowing the Gov if someone and their buddies decide to PING the pentagon non-stop it will hit newspapers tomorrow. But the real concern is if the Act is passed, anyone including our very own government can literally DOS networks causing our government to shut down the net in the name of SECURITY, catch my drift? Where are the checks and balances?

As much as this sounds like a conspiracy theory, it's just as good as any of the others. I wouldn't be surprised if this was used to drum up support for a bill, although it isn't necessary that an internal entity is making this happen.

0


Kevin Mitnick talked about it for 10min on Coast to Coast AM last night - equating it to a script-kiddie attack. I think the N. Korean Government would be a little more advanced. I mean every country that has any nuclear capability should be able to write buffer-over-flows and the like.

Why though? Being a nuisance and preventing communication can be just as useful of a tool for "cyber-warfare" as more 'tactical strikes' with a much lower technical barrier. Also, exploits can be patched (in a perfect world, they would be patched) and then lose their value to the attacker, but a DDoS can be a right bitch to deal with.

I guess that is what makes you a dangerous free thinker.... It just seems like a government like N.K., if they wanted to could possibly do better... crippling some major infrastructure or what-not. I've not researched it much, so my opinion is coming from what Mitnick stated about the attacks - something to the effect it was more teenage in nature than government.

Looking at the attack, something was obviously compromised though, in order to get a botnet that large.

I'm not saying N.Korea did this, but I wouldn't be surprised, because they've done a lot of childish things lately.

True dat. Not binge on another topic, but N.K. is scary: they want nukes to protect what? Who wants North Korea? I'd like to say it was North Korean Teenagers, but I don't think teenagers in that country can go on the Internet.

The speculation I have is..

Kim Jong il is planning on retiring.

I think he is simply just preparing his son to take leadership.

I just hope I'm right. :ninja:

Just as I thought.

http://news.yahoo.com/s/ap/ap_on_re_as/as_nkorea_kim_jong_il

0


Latest summary on the attack...includes sites attacked and locations that the bots called out to for instructions. Well written.

0


Kevin Mitnick talked about it for 10min on Coast to Coast AM last night - equating it to a script-kiddie attack. I think the N. Korean Government would be a little more advanced. I mean every country that has any nuclear capability should be able to write buffer-over-flows and the like.

Why though? Being a nuisance and preventing communication can be just as useful of a tool for "cyber-warfare" as more 'tactical strikes' with a much lower technical barrier. Also, exploits can be patched (in a perfect world, they would be patched) and then lose their value to the attacker, but a DDoS can be a right bitch to deal with.

I guess that is what makes you a dangerous free thinker.... It just seems like a government like N.K., if they wanted to could possibly do better... crippling some major infrastructure or what-not. I've not researched it much, so my opinion is coming from what Mitnick stated about the attacks - something to the effect it was more teenage in nature than government.

Looking at the attack, something was obviously compromised though, in order to get a botnet that large.

I'm not saying N.Korea did this, but I wouldn't be surprised, because they've done a lot of childish things lately.

True dat. Not binge on another topic, but N.K. is scary: they want nukes to protect what? Who wants North Korea? I'd like to say it was North Korean Teenagers, but I don't think teenagers in that country can go on the Internet.

The speculation I have is..

Kim Jong il is planning on retiring.

I think he is simply just preparing his son to take leadership.

I just hope I'm right. :ninja:

Just as I thought.

http://news.yahoo.com/s/ap/ap_on_re_as/as_nkorea_kim_jong_il

Looks like we won't have to "IRAQ" North Korea after all. I guess we will have to wait and see who takes the throne.

Also:

http://blog.bkis.com/?p=718

http://minnesota.publicradio.org/display/web/2009/07/10/schneier/

Apparently someone or thing in the UK could be responsible, according to the article.

Edited by SUB-S0NIX
0
