Akamai Says Powerful DDoS Attacks Are Becoming the Norm

According to Akamai’s calculations, powerful ransomware DDoS attacks are becoming the norm. Although they fall short of past records (recall last year’s 2.54 TB/sec attack or 1.35 TB/sec attack in 2018), it’s still a big problem. he fact is that three recent attacks are among the six largest DDoS attacks ever detected by Akamai. Experts explain that so many powerful DDoS attacks are actually becoming the new norm. For example, for three months in 2021, the company has already recorded more attacks with a capacity of over 50 Gbps than in all 2019. The most notable attacks were at 800+ Gbps, 824 Gbps, and 812 Gbps. The last two occurred on the same day – February 24, and the company …

Akamai Says Powerful DDoS Attacks Are Becoming the Norm Read More »

DDoS attacks becoming the norm

Attackers using DCCP protocol for DDoS attacks

Akamai has noticed that attackers are using the little-known DCCP network protocol (Datagram Congestion Control Protocol) for DDoS attacks. his internet standard was approved in 2007 and helps monitoring network congestion for UDP-based communications. DCCP is especially effective for applications where data arriving at the wrong time becomes useless. For example, streaming, online gaming, and Internet telephony. Although the protocol includes many features, Akamai reports that hackers abuse the three-way handshake that occurs at the start of a DCCP + UDP connection. Thus, attackers can send a stream of DCCP-Request packets to port 33 of the server (where the DCCP protocol works), thereby forcing the server to spend important resources on initiating multi-way three-way handshakes that will not complete, and …

Attackers using DCCP protocol for DDoS attacks Read More »

Attackers using DCCP protocol

Hackers create scam e-commerce sites over hacked WordPress sites

Akamai specialist Larry Cashdollar discovered a hacker group that uses hacked WordPress sites in an interesting way. First, hackers run fraudulent online stores over WordPress sites. Second, they poison XML maps to influence search results. ttackers use brute force attacks to gain access to the site administrator account, next they overwrite the main index file of the WordPress site and add malicious code to it. Although this code was heavily obfuscated, Cashdollar writes that the main role of this malware was to act as a proxy and redirect all incoming traffic from compromised sites to a remote server of the criminals. On this server happened the most interesting things. A typical attack looked like this: the user visits the hacked …

Hackers create scam e-commerce sites over hacked WordPress sites Read More »

e-commerce sites over WordPress sites
Scroll to Top