Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

PUSHDO: The New SSL DDoS


The Central Intelligence Agency, PayPal, and hundreds of other organizations are under an unexplained assault that’s bombarding their websites with millions of compute-intensive requests.

The “massive” flood of requests is made over the websites’ SSL, or secure-sockets layer, port, causing them to consume more resources than normal connections, according to researchers at Shadowserver Foundation, a volunteer security collective. The torrent started about a week ago and appears to be caused by recent changes made to a botnet known as Pushdo

Full Article

Due to recent events in my personal history, the whole issue of the return of the DDoS kinda has new meaning for me. This particular attack is an interesting one, as are the choices of targets here. Why choose the CIA and eBay? Seems somewhat random to me; could they be part of a bigger picture or just a randomized set of attacks to test something?

Have we reached a point where the best recourse for these kiddies is to just DoS things offline here and there for kicks? Could a concerted effort of DoS actually effect change or damage to a company enough to make them change? I really wonder just what the hell the fascination with DDoS is other than just a juvenile one.

Of course a DDoS could be used as a precursor to actual warfare or in tandem with it, but really, this does not seem the type of thing that is happening here. Now, were the attackers looking to cause mass outages on infrastructure or commerce sites as a method of attack on the economy... Well, that might be an interesting scenario.

What is different with this attack is the SSL angle. This one is a new one and could really hork up a site pretty well for some time. Passing junk data and locking sessions could really bring a big boy down. Even with load balancing I think this could likely cause some real downtime.

I will keep up with Shadow Org on this one.

Written by Krypt3ia

2010/02/01 at 02:36

Posted in DD0S
