Flashpoint: Friday’s DDoS attacks were likely conducted by amateur hackers

Security firm Flashpoint has provided an “after-action” analysis of the DDoS attacks perpetrated on October 21, and concludes that they were likely carried out by amateur hackers rather than “professionals.” The reasoning is that professionals would be more likely to seek political or financial gain than to go after servers hosting the internet addresses of RuneScape and Netflix.

Good point.

The attacks began at roughly 7 a.m. ET last Friday and focused on data centers owned by Dyn that are located generally in the northeastern portion of the United States. Dyn provides Domain Name System (DNS) services, which translate website names into internet addresses. When tons of junk data began to flood those DNS servers, web surfers were unable to reach the services and sites whose addresses are served by Dyn.

The flood of junk data was distributed by millions of internet-connected devices, assisted in part by the Mirai malware. This tool trolls the internet for devices with default usernames and passwords still intact, infects these devices, and then opens a doorway for hackers to gain access and use them to send junk data to a specific target.

Websites that faced a virtual outage included PayPal, Twitter, Reddit, GitHub, Amazon, Spotify, and more. The DDoS attacks were carried out in three waves, the latter two of which were reduced in effect because Dyn had beefed up defenses in response to the initial wave. Friday’s attack followed one that recently hit the Krebs on Security site and French internet service provider OVH, which Flashpoint believes has nothing to do with Friday’s attack on Dyn.

It’s worth noting that the websites that were affected by the DDoS attacks were mostly related to entertainment and social media. Flashpoint’s investigation discovered that the underlying foundation used to attack Dyn also targeted a “well-known” video game company. Add all this up, and there’s good reason to believe that Friday’s attacks were carried out by “script kiddies,” a nickname for hackers who frequent online hacking forums.

“These hackers exist in their own tier and are separate and distinct from hacktivists, organized crime, state-actors, and terrorist groups,” the firm reports. “They can be motivated by financial gain, but just as often will execute attacks such as these to show off, or to cause disruption and chaos for sport.”

Flashpoint indicated in its report that it is confident the attacks stem from the English-language hacking forum community. Furthermore, the firm points to readers and users of the hackforums-dot-net site, which plays host to “personalities” who use commercial DDoS tools for paid DDoS-for-hire jobs. There’s even one frequent hackforums visitor who is widely known for using Mirai malware and botnets.

“A hacker operating under the handle ‘Anna-Senpai’ released the source code for Mirai in early October, and is believed to have operated the original Mirai botnet that was used in the attack against ‘Krebs on Security’ and hosting provider OVH earlier this month,” the report adds. “The hackers that frequent this forum have been previously known to launch these types of attacks, though at a much smaller scale.”

Had the attacks been powered by monetary or political motives, hackers would have targeted online gambling sites, Bitcoin exchanges, businesses, and so on. Take Anonymous for instance: the group makes political statements by blocking access to a specific entity, such as a government-affiliated website. Additionally, “pro” DDoS attacks can be used to squeeze money out of companies by holding their websites at ransom via blocked traffic. That doesn’t seem to be the case with Dyn and the affected websites.

“The technical and social indicators of this attack align more closely with attacks from the Hackforums community than the other type of actors that may be involved, such as higher-tier criminal actors, hacktivists, nation-states, and terrorist groups,” the security firm concludes.
