Flashpoint: Friday’s DDoS attacks were likely conducted by amateur hackers

flashpoint ddos friday hacking attack hackforums hacker shutterstock
Security firm Flashpoint has provided an “after-action” analysis of the DDoS attacks perpetrated on October 21, and concludes that they were likely carried out by amateur hackers rather than “professionals.” The reasoning is that the latter group would be more likely to seek political or financial gain rather than go after servers hosting the internet addresses of RuneScape and Netflix.

Good point.

The attacks began at roughly 7 a.m. ET last Friday, and focused on data centers owned by Dyn that are located generally in the northeastern portion of the United States. This company provides internet-based domain names to websites. When tons of junk data began to flood those DNS servers, web surfers were unable to access website addresses assigned to services and sites by Dyn.

The flood of junk data was distributed by millions of internet-connected devices, assisted in part by the Mirai malware. This tool trolls the internet for devices with default usernames and passwords still intact, infects these devices, and then opens a doorway for hackers to gain access and use them to send junk data to a specific target.

Websites that faced a virtual outage included PayPal, Twitter, Reddit, GitHub, Amazon, Spotify, and more. The DDoS attacks were carried out in three waves, the latter two of which were reduced in effect because Dyn had beefed up defenses in response to the initial wave. Friday’s attack followed one that recently hit the Krebs on Security site and French internet service provider OVH, which Flashpoint believes has nothing to do with Friday’s attack on Dyn.

It’s worth noting that the websites that were affected by the DDoS attacks were mostly related to entertainment and social media. Flashpoint’s investigation discovered that the underlying foundation used to attack Dyn also targeted a “well-known” video game company. Add all this up, and there’s good reason to believe that Friday’s attacks were carried out by “script kiddies,” a nickname for hackers who frequent online hacking forums.

“These hackers exist in their own tier and are separate and distinct from hacktivists, organized crime, state-actors, and terrorist groups,” the firm reports. “They can be motivated by financial gain, but just as often will execute attacks such as these to show off, or to cause disruption and chaos for sport.”

Flashpoint indicated in its report that it is confident the attacks stem from the English-language hacking forum community. Even more, the firm points to readers and users of the hackforums-dot-net site that play host to “personalities” who use commercial DDoS tools for paid DDoS-for-hire jobs. There’s even one frequent hackforums visitor who is widely known for using Mirai malware and botnets.

“A hacker operating under the handle ‘Anna-Senpai’ released the source code for Mirai in early October, and is believed to have operated the original Mirai botnet that was used in the attack against ‘Krebs on Security’ and hosting provider OVH earlier this month,” the report adds. “The hackers that frequent this forum have been previously known to launch these types of attacks, though at a much smaller scale.”

Had the attacks been powered by monetary or political motives, hackers would have targeted online gambling sites, Bitcoin exchanges, businesses, and so on. Take Anonymous for instance: the group makes political statements by blocking access to a specific entity, such as a government-affiliated website. Additionally, “pro” DDoS attacks can be used to squeeze money out of companies by holding their websites at ransom via blocked traffic. That doesn’t seem to be the case with Dyn and the affected websites.

“The technical and social indicators of this attack align more closely with attacks from the Hackforums community than the other type of actors that may be involved, such as higher-tier criminal actors, hacktivists, nation-states, and terrorist groups,” the security firm concludes.

Mobile

HMD Global admits Nokia 7 Plus handsets sent user data to China

Nokia could be in some hot water. According to recent reports, Nokia 7 models may be secretly sending data to China without the user knowing about it. Nokia says that the issue was a software bug and that it has been fixed.
Home Theater

Tipping point? Streaming subscribers outnumbered cable in 2018 for first time

2018 was a very good year for the entertainment business as a whole, but it was especially good for streaming companies like Netflix and Amazon, says a new report by the Motion Picture Association of America.
Smart Home

Protect yourself: Here are some of the best home security systems

Looking for the best home security systems for your house? These systems offer the best mix of devices, smart features, monitoring services, and fees that you can afford (plus good customer service reports).
Computing

After fourth attack, hacker puts personal records of 26M people up for sale

A serial hacker going by the name of Gnosticplayers is selling the personal data of 26 million people who have been using the services of six different companies from across the world.
Deals

Here are the best Chromebook deals available in March 2019

Whether you want a compact laptop to enjoy some entertainment on the go, or you need a no-nonsense machine for school or work, we've smoked out the best cheap Chromebook deals -- from full-sized laptops to 2-in-1 convertibles -- that won't…
Deals

From Chromebooks to MacBooks, here are the best laptop deals for March 2019

Whether you need a new laptop for school or work or you're just doing some post-holiday shopping, we've got you covered: These are the best laptop deals going right now, from discounted MacBooks to on-the-go gaming PCs.
Deals

Looking for a Chromebook? The Google PixelBook just got a $200 price cut

Once relatively obscure, Chromebooks have come into their own in a big way in recent years. One of our favorites is the super-sleek Google Pixelbook, and it's on sale right now from Amazon for $200 off, letting you score this premium laptop…
Computing

Still miss Windows 7? Here's how to make Windows 10 look more like it

There's no simple way of switching on a Windows 7 mode in Windows 10. Instead, you can install third-party software, manually tweak settings, and edit the registry. We provide instructions for using these tweaks and tools.
Computing

Go hands-free in Windows 10 with speech-to-text support

Looking for the dictation, speech-to-text, and voice control options in Windows 10? Here's how to set up Speech Recognition in Windows 10 and use it to go hands-free in a variety of different tasks and applications within Windows.
Computing

Get the most out of your high-resolution display by tweaking its DPI scaling

Windows 10 has gotten much better than earlier versions at supporting today's high-resolution displays. If you want to get the best out of your monitor, then check out our guide on how to adjust high-DPI scaling in Windows 10.
Mobile

Got gadgets galore? Keep them charged up with the 10 best USB-C cables

We're glad to see that USB-C is quickly becoming the norm. That's why we've rounded up some of the better USB-C cables on the market, whether you're looking to charge or sync your smartphone. We've got USB-C to USB-C and USB-C to USB-A.
Computing

Nvidia’s GTX 1650 graphics card could be just a slight upgrade over the 1050 Ti

Rumors suggest Nvidia might soon launch the GTX 1650, and a leaked benchmark listing from Final Fantasy XV suggests that the new graphics card could be just a slight upgrade over last generation's GTX 1050 Ti. 
Computing

Get ready to say goodbye to some IFTTT support in Gmail by March 31

If This Then That, the popular automation service, will drop some of its support for Gmail by March 31. The decision comes as a response to security concerns and is aimed to protect user data.
Computing

Get the new Dell XPS 13 for $750 with this limited-time deal

Dell is currently running a limited time deal lasting through Thursday, March 28, where you can bring home a version of this year's new XPS 13 for around $750 with the use of a special coupon code.