[10/21/16] Massive DDOS Attack Knocks Huge Websites Offline - The Russians, probably.

Internet users around the world, but mostly in the US, reported that some top websites were not loading on Friday morning.

The affected sites included Amazon, Twitter, Etsy, Github, and Spotify.

The issue was mostly resolved at 9:20 a.m. ET, but at 12:07 p.m. ET, the issue started to crop up again, according to one of the companies at the center of the apparent cyber attack.

The issue appears to have something to do with DNS hosts — in particular, Dyn, one of the biggest DNS companies.

Domain Name Servers are a core part of the internet's backbone. They translate what you type into your browser —www.businessinsider.com, for example — into IP addresses that computers can understand.

Dyn said on Friday that it suffering a DDoS attack, or a distributed denial of service. That basically means hackers are overwhelming Dyn's servers with useless data and repeated load requests, preventing useful data — the Twitter IP address, for example — from getting through.

No group has taken credit for the DDoS attack yet. The Department of Homeland Security is monitoring the attack, Politico's Eric Geller reports.

http://www.businessinsider.com/amaz...-and-etsy-down-in-apparent-dns-attack-2016-10

Who did it? Even posting this, Twitter is running like shit for me.
 
Could this be related to the Yahoo attack 2 years ago (which Yahoo didn't report until this year)?

I doubt it, anyone could hack into Yahoo. Their firewalls and protection are as bad as PSNs.

Anyways, I think this attack is by some bored asshole. Could be a European, or could be American. I don't think either Russia or China are involved with this, too small of a scale to be them. It is pretty huge though, they really need a countermeasure for this type of attack.
 
:powerlevel: A few weeks ago, some people from Polska and another from Berlin tried to log into my Twitter, and eventually within a few hours managed to. I changed my password right away on both my mail and my twitter account, but I wonder if it's somehow related to this incident? It seems twitter account hijacking has gone up recently from what acquaintances and co-workers have told me...
 
I don't think this was a bored person. If I had this much firepower, I wouldn't waste it on shutting down Twitter, I'd rent bits and pieces of it out to skiddies or have them mine crypto currency for me. There had to be a good reason for this.
 
Russians are good at exploits. They're not amazing programmers though. Aside from the occasional rainman, they just produce a lot of mediocre PHP.

Like even people's work I respected, the interesting ideas were still clogged behind a fog of mediocre PHP. This is because PHP is old, and by this point, well documented enough for Russians to understand. But they're forever going to be lagging behind, technology wise, because the cutting edge is always in English.

I was talking programming. Not PHP and they can write some decent code. I'm not saying they are the end all to be all, but the Chinese ain't got nothing on them.
 
I don't think this was a bored person. If I had this much firepower, I wouldn't waste it on shutting down Twitter, I'd rent bits and pieces of it out to skiddies or have them mine crypto currency for me. There had to be a good reason for this.
I'd like to think it was someone who just got shitposted at really hard on twitter and reddit and is bitter about it.
 
I was talking programming. Not PHP and they can write some decent code. I'm not saying they are the end all to be all, but the Chinese ain't got nothing on them.
Well php is programming. But yeah, point taken.
 
it's just a bunch of people being assholes for the sake of it
Should had wrote that post some minutes later so I could add this one:

Wikileaks supporters 'are behind massive cyber attack on US': Website urges its supporters to stop 'taking down the US internet' because 'Mr Assange is still alive' amid massive ongoing cyber attacks

http://www.dailymail.co.uk/sciencetech/article-3859500/Widespread-internet-havoc-major-attack-takes-websites-offline-Spotify-Twitter-sites-suffer-outages.html
 
Could this be related to the Yahoo attack 2 years ago (which Yahoo didn't report until this year)?

The Russian group known as "Fancy Bear" (or "Fancy Bears' if the website claiming to represent the group is them) got in using phishing mails to specific targets (high ranking campaign idiots) of the "your password has been compromised log in here to change it" variety which redirected to servers controlled by the group and simulated Gmail's normal login procedure. This doesn't account for all the leaks, though.

Obviously you're an idiot if you ever click a link in any email like this and then enter information into it but this kind of spear fishing attack is usually successful.
 
Russians are good at exploits. They're not amazing programmers though. Aside from the occasional rainman, they just produce a lot of mediocre PHP.

Like even people's work I respected, the interesting ideas were still clogged behind a fog of mediocre PHP. This is because PHP is old, and by this point, well documented enough for Russians to understand. But they're forever going to be lagging behind, technology wise, because the cutting edge is always in English.

As far as the Chinese go (and to a smaller extent, Russia): my pet theory is that the language barrier is going to be a long term hindrance for non-English speakers. Technical documentation is in English first and foremost. Translations take time, but more importantly, they suck. Programmers use all sorts of ordinary terms, but in goofy contexts that are really difficult to translate. Programmers are very euphemistic.

Almost all foreign programmers just learn English. And if your language isn't alphabet-based, like Chinese, you're going to have long running problems in basically everything you do. (Or, I guess the flipside of that is that Chinese programmers are probably experts at handling unicode issues?) Foreign programmers even still comment their programs / pick variable names in English.

Heh, a notable exception is the missing T_PAAMAYIM_NEKUDOTAYIM error in PHP, which is hebrew for double colon.

Like, I'll run into code that's written in a foreign language once in awhile, but it's always of low quality. The reason is because of the lack of peer review. You don't want to just have a brilliant programmer write a brilliant program, you want to have a brilliant program checked over by many other brilliant programmers.
I kinda disagree as the Chinese have actually pulled off some successful attacks. Plus they do have their own version of BASIC, while yes it is a simple language ILOVEYOU proved that even shit like BASIC can be deadly. What really gets me is how the US just seems to take it. You could argue it could be to prevent escalation but I think it would be rational to fight back. Plus it lets them learn at their own which could be really fast. I could be an idiot about this though.
 
If we ever track a particularly destructive attack to a state actor we should just EMP a bunch of their shit and fry it and just completely deny it if accused of it. Just make sure they know it'll be a lot worse for them than us if they keep it up.
 
If we ever track a particularly destructive attack to a state actor we should just EMP a bunch of their shit and fry it and just completely deny it if accused of it. Just make sure they know it'll be a lot worse for them than us if they keep it up.
All of this but instead make it look like Russia, N. Korea, or some middle east country did it.
 
Looks like it's an "Internet of things" attack.

Cameras and DVRs.

Oh goody. They're all from one company, some bunch of Chinese idiots called XiongMai, open to fucking TELNET of all things, and the username and password can't be changed, so all these devices can still basically be botnetted by anyone at any time until people stop using them entirely.

“The issue with these particular devices is that a user cannot feasibly change this password,” Flashpoint’s Zach Wikholm told KrebsOnSecurity. “The password is hardcoded into the firmware, and the tools necessary to disable it are not present. Even worse, the web interface is not aware that these credentials even exist.”
 
Última edición:
Atrás
Top Abajo