GitHub Again Hit by DDoS Cyberattack

Github – the popular code sharing website used by programmers to collaborate on software development – again became a victim of a distributed-denial-of-service (DDoS) attack on Tuesday morning.



The attack came just a few months after the popular code repository website GitHub suffered a massive DDoS attack, which was linked to China.



Also Read: China Using A Powerful 'Great Cannon'

Beebone Botnet Taken Down By International Cybercrime Taskforce

U.S. and European law enforcement agencies have shut down a highly sophisticated piece of the botnet that had infected more than 12,000 computers worldwide, allowing hackers to steal victims’ banking information and other sensitive data.



The law enforcement agencies from the United States, United Kingdom and the European Union conducted a joint operation to get rid of the botnet across the

Giant DDoS Kicks Of North Korea Off The Internet

North Korea was unceremoniously knocked off the internet by DDoS (distributed denial of service) attack. This attack has come into limelight soon after the “proportional response” to the Sony Pictures hack promised by the government of the United States of America. According to the rumors, the attack was supposedly carried out by North Korea and this is what even the FBI believes. On one side if this attack was carried out by the US government, it will become too obvious, so it is safe to believe that this attack would have been carried out by some disgruntled hack-activists such as Lizard Squad or Anonymous. At present, internet has been restored in North Korea but the outage lasted for about 9 hours and 31 minutes.

Distributed Denial of Service (DDoS): 

While there might be some people who are not aware about DDoS, but is no longer unusual for a service to get knocked off by the same. In the last couple of months, both PlayStation Network and Xbox Live have encountered outage issues. But it is quite surprising for an entire country to get knocked off like this. But all this makes sense given to the poor internet connectivity in North Korea.

As far as North Korea is concerned, the state owns the newspapers and TV stations making sure that there is no freedom of information. This clearly indicates the presence of dictatorship and absence of any dealings with democracy. The country has a very tight control over the flow of information.

History has proven that country is easily controllable when all the information/knowledge/dogma generates from a single known point. When it comes to regime of the country, even though internet has all possible required knowledge for humans, it still does not jibe well with the country. Most of the citizens of the country only use intranet and internet is left for higher ups. The country does not depend much on internet but whatever is available is provided by telecommunications giant China Unicom.

Quite frankly, it is very easy to DDoS North Korea. They have a single cable, which connects to the rest of internet. For DDoS a single, low-bandwidth link is trivial but as most of the people in North Korea do not have access to internet, DDoS was not able to achieve what it was meant for.

There are enough speculations doing around about the people or the organization behind the attack. Lizard Squad, seems to have taken the responsibility for the attack on North Korea as they have tweeted, both Xbox Live & other targets have a lot of capacity. They had previously DDoSed the PlayStation Network and Xbox Live services.

The company’s Twitter account has been suspended. Anonymous also has a history of DDoSes but they have openly condemned the whole Sony Pictures/North Korea/The Interview debacle. While we can remember the cyber attack on Sony and the retaliation, which was promised by the US government, such DDoS on North Korea doesn’t make any sense from their side as it hardly makes any impact. While on one side a small period of DDoS will not have any major impact but if it continues for a few weeks or month, it can create serious problems for the country.

Cloudflare Announces Massive DDoS Attack

The network security provider Cloudflare has reported last night about a massive DDoS attack on one of its customers. That was a NTP Reflection attack, which should be greater than the attack happened in 2013. It was tweeted By Cloudflare CEO Matthew Prince. The attack on one of its customers was carried out with up to 400 gigabits per second on 11th Feb 2014, tweeted Cloudflare CEO Matthew Prince on the night of 11 February 2014.

He was thus greater than that on the Swiss company Spamhaus in March 2013, the Cloudflare, estimated this attack and described this as the most recent attack on the Internet. This time, the attackers did not use a DNS server, but used a so called NTP Reflection attack, which is done via the timer log. Cloudflare is known for its rigid formulations. Prince compared the DDoS attack on Spamhaus with a nuclear attack in his blog, which affected the whole Internet.

At peak times it was run around 2.5 terabits of data through the Internet nodes. The security company Cloudflare does not tell so far which customer is affected by the current attack . However, reported at least one major French provider was the victim of this DDoS attack. OVH - founder and owner Oles tweeted that the attack was carried out with up to 350 Gbps.

The reason behind the DDoS attack is not ascertain so far. A Reflective attack on NTP is a fairly new procedure to bog down networks. Instead of DNS server now a days NTP server is used on the Internet for such attacks. These servers provide detailed time information worldwide. The attackers use fake data packets and put it in the IP address of the victim as a source.

The NTP servers in turn respond automatically and send data back to the real IP address. First, the attacker can successfully hide. Attackers can also send small fake data packets to the server and get them to respond with large packets. This can be achieved with a small bandwidth and in turn the attack use wide bandwidth of the victim.

Cross-Platform Java Bot Used for DDoS Attacks

The java platform is used in DDOS attacks by bot. The malicious Java application can be run on Windows, OS X and Linux machines. Kaspersky Lab researchers analyzed a malware that infects computers to form a botnet - a network of zombie computers - and use it in attacks distributed denial of service.

This botnet is controlled via IRC protocol to conduct targeted attacks on IP addresses. Attackers can adjust the intensity of the attack and its duration. It uses a data stream via HTTP or UDP. At least one target of this botnet was an email service.

The malware behind the botnet is written entirely in Java. Through this platform, it can be run on Windows, OS X and Linux. Still, it runs a Java vulnerability for which a patch exists since June 2013.

This vulnerability is present in the Java Runtime Environment with Oracle Java SE 7 Update 21 and earlier, and Java 6 Update 45 and earlier. This is not the first time a botnet infects the three most popular operating systems.