Tag : DDoS

DDOS Attack: Mirai botnet hacks devices with default passwords

Weak default usernames and passwords spawned the massive DDOS attack against internet-connected cameras and DVRs. Most botnets use infected PCs to generate an attack. This botnet, Mirai, was of a different breed: it was specifically programmed to scan the internet for poorly secured products and then try obvious, easily guessed passwords. When a poorly secured device was found, the botnet attempted to log into the product with a login similar to “admin” and a password with some derivative of “12345”.

The botnet’s maker released the source code, which is programmed to try a list of over 60 password and username combinations. This list gained the botnet access to over 380,000 devices. Mirai also took down the website of security researcher Brian Krebs last month in a DDOS attack.
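A defender-side view of the login sweep described above, as it would appear in a device's authentication log. This is an added example, not code from the original post or from Mirai; the log format, the account names other than "admin", and the thresholds are assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed list of factory account names; the post itself names only "admin".
DEFAULT_USERS = {"admin", "root", "guest", "support", "user"}

# Constructed sample in a hypothetical "timestamp src= user= result=" format.
SAMPLE_LOG = """\
2016-10-01T03:00:01 src=203.0.113.7 user=admin result=fail
2016-10-01T03:00:02 src=203.0.113.7 user=root result=fail
2016-10-01T03:00:03 src=203.0.113.7 user=admin result=fail
2016-10-01T03:00:04 src=203.0.113.7 user=root result=fail
2016-10-01T03:00:05 src=203.0.113.7 user=guest result=fail
2016-10-01T03:00:06 src=203.0.113.7 user=admin result=fail
2016-10-01T09:15:00 src=198.51.100.20 user=admin result=fail
2016-10-01T09:15:20 src=198.51.100.20 user=admin result=ok
2016-10-01T10:00:00 src=192.0.2.44 user=root result=fail
2016-10-01T11:00:00 src=192.0.2.44 user=root result=fail
2016-10-01T12:00:00 src=192.0.2.44 user=root result=fail
2016-10-01T13:00:00 src=192.0.2.44 user=root result=fail
2016-10-01T14:00:00 src=192.0.2.44 user=root result=fail
"""

def parse(line):
    """Split one log line into (timestamp, source IP, user, result)."""
    ts, *fields = line.split()
    kv = dict(f.split("=", 1) for f in fields)
    return datetime.fromisoformat(ts), kv["src"], kv["user"], kv["result"]

def find_sweeps(log_text, window=timedelta(seconds=60), min_failures=5):
    """Return {source IP: peak count} for sources whose failed logins against
    default account names reach min_failures inside one sliding window."""
    per_src = defaultdict(list)
    for line in filter(str.strip, log_text.splitlines()):
        ts, src, user, result = parse(line)
        if result == "fail" and user in DEFAULT_USERS:
            per_src[src].append(ts)
    flagged = {}
    for src, times in per_src.items():
        times.sort()
        start = best = 0
        for end in range(len(times)):
            # Shrink the window from the left until it spans <= `window`.
            while times[end] - times[start] > window:
                start += 1
            best = max(best, end - start + 1)
        if best >= min_failures:
            flagged[src] = best
    return flagged

print(find_sweeps(SAMPLE_LOG))
```

The burst from one source is flagged, while a single mistyped password and slow, hours-apart failures are not; widening the window trades fewer misses for more false positives.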

Unfortunately, this could become a bigger problem, as devices connected to the internet, such as cameras and DVRs, are not created with security in mind. Passwords are not required to be changed once installed, and on a hunch I can assume that most users are not using their strongest password for their DVR. Security researchers have noticed an upward trend in DDOS attacks, as botnets continue to attack poorly secured devices and infect the devices with malware.

Krebs went online and looked up default usernames and passwords and matched them to devices, creating a list of possibly susceptible devices to the Mirai botnet. Check it out and change your passwords.


If you would like to educate yourself in more detail about the information presented in this blog post please visit: www.techconnect.com 

 

 

DDoS Attacks are Making Cybercriminals Very, Very, Rich

Actually, $100,000 richer to be exact.

By sending just an email, the group called Armada Collective is easily shaking down companies and pulling in the cash. Distributed denial-of-service attacks, better known as DDoS attacks, require little technical experience: they crash a website by flooding it with traffic. Usually the threatening email alone is enough to get companies to pay up in Bitcoin.

This is not the first time we have heard of the Armada Collective group. Back in 2015 they became inactive, and in 2016 alleged members were arrested. It is believed that a separate group has decided to use the Armada name in order to capitalize on its previous DDoS presence.

The email looks something like this:

[Image: screenshot of the extortion email]

Over 100 businesses have received the email threats, according to CloudFlare CEO Matthew Prince. However, not one case of Armada actually launching a DDoS attack has been reported. Prince weighs in by saying, “In fact, because the extortion emails reuse Bitcoin addresses, there’s no way the Armada Collective can tell who has paid and who has not. In spite of that, the cybercrooks have collected hundreds of thousands of dollars in extortion payments.”

The Bitcoin fee ranges between 10 and 50 Bitcoin, which is about $4,600-$23,000. There seems to be no rhyme or reason to how the collective determines Bitcoin amounts per company.


If you would like to educate yourself in more detail about the information presented in this blog post please visit: How cybercriminals earned $100,000 just by sending a DDoS threat email