« January 2008 · July 2008 · March 2010 »
|
|
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
- 27.05.2008: When Adobe Flash Attacks
- 23.05.2008: AUS-CERT Conference - Gold Coast, Australia
- 14.05.2008: Full list of Injected Sites
- 13.05.2008: SQL Injection: The Game
- 07.05.2008: New SQL Injection Attacks and New Malware: winzipices.cn
- 24.04.2008: Thousands of More Hacked Websites Targeting Your Passwords
- 20.04.2008: Entropy and Bot Counts
- 10.04.2008: See below.
- 28.03.2008: New Packer Statistics
- 20.03.2008: uc8010.com and 2117966.net Attacks Linked
- 13.03.2008: Recently Hacked Websites Aiming to Steal Your Passwords
- 11.03.2008: Intel Strategy Conference - Portland Oregon, United States
- 01.03.2008: New Whitepaper: RBN "Rizing"
Thursday, 10 April 2008
DSL Reports under DDoS Attack Again
It was only a few weeks ago on March 19 that Arbor Networks reported that the popular website www.dslreports.com was disabled by a distributed denial of service (DDoS) attack. During this attack the DSL Reports website was rendered unavailable for a few hours.
We're not sure who they've angered, but we have since detected a new attack that appears to have started close to 9:00 AM EDT. It seems their website is still down at this time due to the flood of web traffic they are being hit with. The current command and control (C&C) server that we are aware of that's directing this traffic to them is located in Malaysia. We have since notified MyCERT of this host for them to deal with. It's also worth noting this appears to be a different DDoS network than the one responsible for the last attack. However, it could be the same people behind it.
Update (1:12 PM EDT): It looks like DSL Reports is starting to come back online, but it's very slow and redirecting to another page.
Update (2:20 PM EDT): Seems they are now mixing in ICMP attacks against their IP address now as well.
=>Posted April 10, 2008, at 10:07 AM by Steven Adair
