Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    September 2015
    S M T W T F S
    « Aug    
  • Email Subscription

  • About Us

    Last April 7, several Israeli websites were targeted by the hacker group Anonymous. Based from reports, certain government and private Israeli websites were not accessible and were possibly victims of a DDoS attack.

    Media coverage of DDoS attacks tend to cover on whether or not the targeted site is knocked offline, and not particularly how they are carried out. This is a mistake, as this ignores the fact that many of the “attackers” are actually systems that have been infected with malware and used to carry out attacks. We will use the data gathered by the Smart Protection Network.

    On a typical day, the traffic to one of the websites targeted in this attack overwhelmingly (more than 90%) comes from within Israel itself. On the day of the attack, however, this was reversed, with only 9% of the traffic we saw coming from inside the country:

    This increase in non-Israeli traffic was well distributed, with users from 27 countries (beside Israel itself) accessing the target site. The chart below highlights the significant spike in traffic on and around the 7th:

    Examining the IP addresses that had accessed the target site, we noticed that some of these were known to be parts of various botnets under the control of cybercriminals. In addition, further investigation revealed that these IP addresses had been previously identified as victims of other attacks like FAKEAV, ransomware, and exploit kits.

    These findings highlight how major DDoS attacks are, at least in part, not just carried out by hacker groups like Anonymous but by cybercriminals as well. These attacks are not nearly as “harmless” as some would think.

    We’re trying to make the Security Intelligence Blog better. Please take this survey to tell us how.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon

    Comments are closed.


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice