- Anzeigen -


Sie sind hier: Home » Markt » World-wide News » Products & News

Launching Crippling Reflection Attacks


Prolexic Issues High Alert Threat Advisory for DNS Flooder DDoS Attack Toolkit
Speeds And Simplifies The Launch of Large Reflection Attacks

(12.03.14) - Prolexic Technologies, specialist in Distributed Denial of Service (DDoS) protection services, issued a high alert DDoS attack threat advisory on the DNS Flooder v1.1 toolkit. The toolkit makes it faster and easier for malicious actors to launch crippling reflection attacks and will likely be widely adopted in the DDoS-as-a-Service market, potentially increasing the number of attacks.

This new toolkit enables malicious actors to purchase, set up and use their own DNS servers to launch reflection attacks without the need to find open and vulnerable DNS servers on the Internet. This expedites the availability of the DNS botnet, enabling malicious actors to launch large cyber attacks without having to spend considerable time and resources building an army of bots through malware infections.

"As the DNS Flooder toolkit uses reflection and amplification techniques, attackers can anonymously launch powerful DDoS attacks with just a handful of servers," said Stuart Scholly, president of Prolexic. "Widespread usage in the DDoS-as-a-Service market is likely and the security community needs to be aware and closely monitor this emerging threat."

Prolexic has observed the DNS Flooder toolkit in multiple DDoS attack campaigns against its global client base over the last six months. In some cases, the campaigns have had amplification factors of 50 times the originating bandwidth.

The DNS Flooder toolkit uses a multi-step process to launch DDoS attacks:
>> The toolkit spoofs the IP address of the intended target and creates a DNS request, which is sent to attacker’s DNS botnet.
>> The attacker’s DNS botnet sends an extended DNS (EDNS) response back. The EDNS response includes more data than the DNS request (amplification). Because the IP address used in the request was spoofed, the response is reflected back to the attacker’s target.
>> The toolkit loops multiple times, reflecting and amplifying the response to the target with each loop.
>> Prolexic’s DNS Flooder threat advisory provides a detailed analysis of the toolkit, sample payloads, recommended DDoS protection and mitigation techniques, as well as case studies on two DNS Flooder campaigns directed against Prolexic clients.
(Prolexic Technologies: ra)

Prolexic Technologies: Kontakt und Steckbrief

Der Informationsanbieter hat seinen Kontakt leider noch nicht freigeschaltet.


Meldungen: Products & News

  • NTP amplification attacks

    Prolexic Technologies specialist in Distributed Denial of Service (DDoS) protection services, now part of Akamai, issued a high alert threat advisory on NTP amplification DDoS attacks. This attack method has surged in popularity this year, fueled by the availability of new DDoS toolkits that make it simple to generate high-bandwidth, high-volume DDoS attacks against online targets.

  • Launching Crippling Reflection Attacks

    Prolexic Technologies, specialist in Distributed Denial of Service (DDoS) protection services, issued a high alert DDoS attack threat advisory on the DNS Flooder v1.1 toolkit. The toolkit makes it faster and easier for malicious actors to launch crippling reflection attacks and will likely be widely adopted in the DDoS-as-a-Service market, potentially increasing the number of attacks.

  • 110609_wor_akt_imperva

    Imperva warns Boy-in-the-Browser (BITB) attacks are gaining force as they continue to evade traditional anti-malware software. Tomer Bitton, from the Imperva Application Defense Center, explains, "Many are familiar with Man-in-the-Browser (MitB) attacks, but most are unaware of the lesser known Boy-in-the-Browser (BitB). Not as sophisticated as MitB, BitB malware has evolved from traditional key loggers and browser session records.

  • 110621_wor_akt_trusteer

    Co-operative Financial Services (CFS) has launched a new free service that protects its customers against the threat of online attacks from fraudsters and cyber criminals. The service called "Trusteer Rapport" provides customers with additional protection for their personal information when they use their computer to access their bank account online. Rapport will also warn customers of further risks such as phishing attacks; prevent Trojans from capturing their details and inhibit any interference with online communications.

  • 110624_wor_akt_imperva