On September 24th World's 3rd Largest Bitcoin exchange BTC China, a platform where both Bitcoin and Chinese yuan are traded faced massive DDoS attack for continued nine hours, where no amplification techniques were used.
Incapsula, Cloud-based security service provider helped the Chinese Bitcoin trader to protect them from such massive denial-of-service attack and successfully mitigated the threats.
The attack against BTC China, a platform where both Bitcoin and Chinese yuan are traded, lasted nine hours and is one of the fiercest on record. But unlike the even bigger 300Gbps attack against Spamhaus back in March no amplification techniques were used in the assault against BTCChina.
Incapsula has announced the news on their twitter account
The attack against BTC China took the form of a SYN flood rather than the DNS amplification-style attack thrown against Spamhaus or more modern application-layer attacks. The attacker balanced the assault between small, high frequency SYN packets, and large, low-frequency SYN packets.
DNS reflection attacks involve sending a request for a large DNS zone file to a DNS server, with the details of the request forged so that they appear to come from the IP addresses of the intended victim. Only open public-facing DNS servers respond to spoofed requests but there's more than enough of them around to make the tactic viable. Attackers' requests are only a fraction of the size of the responses.
Incapsula co-founder Marc Gaffan told El Reg that the attack was most likely powered by network of compromised servers rather than zombie PCs drones. Commandeering insecure WordPress server installations and the like as a resource for DDoS attacks has become a fairly widespread hacker tactic over recent months.
Geffen added that the BTC China attack was "fairly sophisticated" at least by the standards of old school SYN Flood attacks, and he said "The attackers didn't just use one big cannon".
The China’s largest search engine Baidu has become the first service of its kind to accept payments in the Bitcoin for one of their DDoS protection services.
Incapsula, Cloud-based security service provider helped the Chinese Bitcoin trader to protect them from such massive denial-of-service attack and successfully mitigated the threats.The attack against BTC China, a platform where both Bitcoin and Chinese yuan are traded, lasted nine hours and is one of the fiercest on record. But unlike the even bigger 300Gbps attack against Spamhaus back in March no amplification techniques were used in the assault against BTCChina.
Incapsula has announced the news on their twitter account
The attack against BTC China took the form of a SYN flood rather than the DNS amplification-style attack thrown against Spamhaus or more modern application-layer attacks. The attacker balanced the assault between small, high frequency SYN packets, and large, low-frequency SYN packets.
DNS reflection attacks involve sending a request for a large DNS zone file to a DNS server, with the details of the request forged so that they appear to come from the IP addresses of the intended victim. Only open public-facing DNS servers respond to spoofed requests but there's more than enough of them around to make the tactic viable. Attackers' requests are only a fraction of the size of the responses.
Incapsula co-founder Marc Gaffan told El Reg that the attack was most likely powered by network of compromised servers rather than zombie PCs drones. Commandeering insecure WordPress server installations and the like as a resource for DDoS attacks has become a fairly widespread hacker tactic over recent months.
Geffen added that the BTC China attack was "fairly sophisticated" at least by the standards of old school SYN Flood attacks, and he said "The attackers didn't just use one big cannon".
The China’s largest search engine Baidu has become the first service of its kind to accept payments in the Bitcoin for one of their DDoS protection services.
No comments:
Post a Comment