Flashpoint: Friday’s DDoS attacks were likely conducted by amateur hackers

flashpoint ddos friday hacking attack hackforums hacker shutterstock
Security firm Flashpoint has provided an “after-action” analysis of the DDoS attacks perpetrated on October 21, and concludes that they were likely carried out by amateur hackers rather than “professionals.” The reasoning is that the latter group would be more likely to seek political or financial gain rather than go after servers hosting the internet addresses of RuneScape and Netflix.

Good point.

The attacks began at roughly 7 a.m. ET last Friday, and focused on data centers owned by Dyn that are located generally in the northeastern portion of the United States. This company provides internet-based domain names to websites. When tons of junk data began to flood those DNS servers, web surfers were unable to access website addresses assigned to services and sites by Dyn.

The flood of junk data was distributed by millions of internet-connected devices, assisted in part by the Mirai malware. This tool trolls the internet for devices with default usernames and passwords still intact, infects these devices, and then opens a doorway for hackers to gain access and use them to send junk data to a specific target.

Websites that faced a virtual outage included PayPal, Twitter, Reddit, GitHub, Amazon, Spotify, and more. The DDoS attacks were carried out in three waves, the latter two of which were reduced in effect because Dyn had beefed up defenses in response to the initial wave. Friday’s attack followed one that recently hit the Krebs on Security site and French internet service provider OVH, which Flashpoint believes has nothing to do with Friday’s attack on Dyn.

It’s worth noting that the websites that were affected by the DDoS attacks were mostly related to entertainment and social media. Flashpoint’s investigation discovered that the underlying foundation used to attack Dyn also targeted a “well-known” video game company. Add all this up, and there’s good reason to believe that Friday’s attacks were carried out by “script kiddies,” a nickname for hackers who frequent online hacking forums.

“These hackers exist in their own tier and are separate and distinct from hacktivists, organized crime, state-actors, and terrorist groups,” the firm reports. “They can be motivated by financial gain, but just as often will execute attacks such as these to show off, or to cause disruption and chaos for sport.”

Flashpoint indicated in its report that it is confident the attacks stem from the English-language hacking forum community. Even more, the firm points to readers and users of the hackforums-dot-net site that play host to “personalities” who use commercial DDoS tools for paid DDoS-for-hire jobs. There’s even one frequent hackforums visitor who is widely known for using Mirai malware and botnets.

“A hacker operating under the handle ‘Anna-Senpai’ released the source code for Mirai in early October, and is believed to have operated the original Mirai botnet that was used in the attack against ‘Krebs on Security’ and hosting provider OVH earlier this month,” the report adds. “The hackers that frequent this forum have been previously known to launch these types of attacks, though at a much smaller scale.”

Had the attacks been powered by monetary or political motives, hackers would have targeted online gambling sites, Bitcoin exchanges, businesses, and so on. Take Anonymous for instance: the group makes political statements by blocking access to a specific entity, such as a government-affiliated website. Additionally, “pro” DDoS attacks can be used to squeeze money out of companies by holding their websites at ransom via blocked traffic. That doesn’t seem to be the case with Dyn and the affected websites.

“The technical and social indicators of this attack align more closely with attacks from the Hackforums community than the other type of actors that may be involved, such as higher-tier criminal actors, hacktivists, nation-states, and terrorist groups,” the security firm concludes.

Movies & TV

From Ted to John Wick, these are Keanu Reeves’ best roles

From assassins to computer hackers, football players, and metalhead teens, here's a ranking of Keanu Reeves' best film roles throughout his illustrious, decades-long career in Hollywood.
Cars

Weighing the risks: The most dangerous cars, trucks, and SUVs in the U.S.

Larger passenger cars are safer than smaller cars, reports iSeeCars. In its analysis of the NHTSA Fatality Analysis Reporting System (FARS) annual report, the fatal accident rate for passenger cars decreases as their size increases.
Cars

Many Uber and Lyft vehicles have open safety recalls, report says

A Consumer Reports survey of roughly 94,000 cars registered with Uber and Lyft in New York City and Seattle found that many had open safety recalls. The rate of open recalls was similar to that of personal cars, however.
Mobile

Here are some common Kindle Fire problems, and how to fix them

Is your Amazon tablet giving you grief? Is it refusing to behave the way you expect? Take a deep breath -- everything will be fine. Here are some widely reported Kindle Fire problems and a few possible solutions to go with them.
Computing

Here’s how to watch AMD reveal its new Ryzen chips at Computex

AMD will hold a pre-Computex keynote May 27 to announce its new line of 3rd-generation Ryzen processors and accompanying Radeon Navi graphics cards. Here's how to watch the keynote live wherever you are in the world.
Computing

Should you buy a MacBook Pro or a Razer Blade Stealth? We'll help you decide

Laptop head to heads are a great way to see which one might be the right one for you. Our latest sees the Razer Blade Stealth (2019) vs. MacBook Pro in a fight to see which one deserves to be your next laptop.
Computing

Microsoft might finally embrace USB-C on next-gen Surface Pro 7

USB-C could finally come to Microsoft's Surface Pro tablet. According to a Microsoft patent filing, the port was shown in an illustration, suggesting that the company is working to support this feature in the future.
Computing

AMD's latest Navi graphics cards are incoming. Here's what to expect

AMD's Navi graphics cards could be available as soon as July 2019 — as long as it's not delayed by stock problems. Billed as a successor to Polaris, Navi promises to deliver better performance to consoles like Sony's PlayStation 5.
Computing

Ryzen 3000 chips will pack a punch, and could launch as early as July

AMD's upcoming Ryzen 3000 generation of CPUs could be the most powerful processors we've ever seen, with higher core counts, greater clock speeds, and competitive pricing. Here's what we know so far.
Mobile

Want to watch Netflix in bed or browse the web? We have a tablet for everyone

There’s so much choice when shopping for a new tablet that it can be hard to pick the right one. From iPads to Android, these are our picks for the best tablets you can buy right now whatever your budget.
Deals

The best Amazon Prime Day 2019 deals: Everything you need to know

Amazon Prime Day 2019 is still a few months off, but it's never too early to start preparing. We've been taking a look at the best discounts from previous Prime Days to give you our predictions of what to expect this year.
Computing

Here’s how to watch the Nvidia Computex 2019 press conference

Here’s everything you need to know about Nvidia’s upcoming press conference at Computex 2019 in Taipei, Taiwan; including what to expect during the press conference and how and when to watch it.
Deals

Best Memorial Day sales 2019: Amazon, Best Buy, and Walmart deals

If you're looking to save big on some shiny new stuff for Memorial Day 2019, we've gathered everything you need to know into one place. Find out where to save the most money before the summer hits its stride.
Emerging Tech

Awesome Tech You Can’t Buy Yet: Tricked-out e-scooters and bike lights that lock

Check out our roundup of the best new crowdfunding projects and product announcements that hit the web this week. You may not be able to buy this stuff yet, but it's fun to gawk!