Millions of dollars have been lost to a new tactic being used by cybercriminals call DDoS. DDoS attacks or distributed denial-of-service attack is an attempt to make a machine or network service unavailable. These attacks typically target high-profile web servers, banks, credit card companies, and even root nameservers.
DDoS attacks are more frequently hitting banking systems, by defrauding their system and diverting their security staffs attention while the account is being taken over.
These distributed denial of service attacks have been used to divert security personnel attention when there are millions of dollars stolen from accounts. At least three US banks in recent months have been ransacked by fraudulent wire transfers while hackers set up a “low powered” DDoS attack. Many websites including JP Morgan, Wells Fargo, Bank of America, Chase, and Citigroup have been hit.
Attack on your website
Extortion threats are being made against numerous websites, including Cryptome which just released an “Opsecure DDoS Extortion” letter. The letter stated that unless funds were transferred to the Bitcoin address, the Cryptome website “will be undergoing a distributed denial of service’ attack conducted by ’1 & 0 Logic Security Group.’” The criminal demanded 1Bitcoin as payment, which is around $102.
DDoS attacks are illegal in many countries including the United States, they sustain because they are free. With enough infected malware and control over their PCs or servers, these attackers can defeat almost any unprotected website.
Criminal operations are behind many of these DDoS disruptions. BetaBot’s are a relatively new and economical piece of malware that’s built to deactivate information security software. Smoke Loader is malware that is used to load addition malware such as crimeware toolkits. These both remotely control DDoS tools – onto infected systems.
DDoS attack tools, have been a favorite of hacktivist. In the run-up to the Anonymous backed attacks against North Korea, hacktivist recommended participants to get into one of the DDoS attack tools like Loris for Pythin and Windows.
Izz ad-Din al-Qassam Cyber Fighters, launched the Operation Ababil attacks against U.S. banks last year, favored the “itsoknoproblembro” toolkit, which is also known as Brobot. These have entered into thousands of legitimate sites due to exploitation of a vulnerability in a WordPress plug-in.
In South Korea in October 2011, the DDoS attack was used to Disrupt the country’s Nation Election Commission website on teh day of a Seoul mayoral by-election. “inofrmation on polling stations was made unavailable during morning hours when a large proportion of young, liberal-leaning constituents were expected to vote en route to work,” according to a Freedom House report.
Security researchers have recognized the trend of using DDoS attacks. The Dell SecureWorks Center Threat Unit issued a report in April to warn about the toolkit. Wire transfers of up to $2.1million have been spotted. A layered fraud prevention and security approach is now assured.
Cybercriminals use DDoS attacks as “smokescreens” for major cyber thefts – WeLiveSecurity
August 22, 2013
Cybercriminals Expand DDOS Extortion Demands – Information Week
June 26, 2013
Cybercrooks use DDoS attacks to mask theft of banks’ millions – CNet