Prolexic Believes Multiple Groups and Tactics Behind Recent High Profile DDoS Attacks


HOLLYWOOD, Fla., Oct. 11, 2012 (GLOBE NEWSWIRE) -- Prolexic Technologies, the global leader in Distributed Denial of Service (DDoS) protection services, today announced that it believes the recent spate of DDoS attacks should not be attributed to just one group/individual or toolkit, as has been widely assumed.

The bot toolkit discovered to be responsible for the majority of these attacks is a PHP-based suite known as itsoknoproblembro; the infected hosts are known as brobots. However, post forensic attack analysis of a number of infected hosts conducted by the Prolexic Security Engineering & Response Team (PLXsert) point to multiple malicious actors participating in the crippling DDoS attacks using individualized toolkits and tactics. The PLXsert team found:
 

  • Techniques of exploitation and defacements varied. In some instances hosts were taken over and defaced. In others, files were dropped and scans were setup to identify additional targets. This leads PLXsert to believe that the initial infections were performed by multiple groups (or multiple individuals).
  • Forensics showed that different toolkits were used to maintain or gain access to infected hosts.
  • A blend of attack scripts and different techniques during each observed campaign points to the possibility of multiple, well-organized groups.
  • PLXsert was able to gain visibility into some machines and was able to prove persistence of infection going back to May 2012. The difficulty of cleanup is directly related to the number of different toolkits used and the high number of back doors installed. This supports PLXsert's hypothesis that multiple groups/individuals used different tactics.

"A blend of attack scripts and different techniques used in each campaign is another pointer to the likelihood that multiple, well-organized groups or individuals were behind these attacks," said Stuart Scholly, president at Prolexic. "As we approach the critical online holiday shopping period, there is no doubt that attackers have armed themselves with advanced toolkits capable of generating amplified and sophisticated DDoS floods."

Prolexic will issue its Q3 2012 Global DDoS Attack Report in mid-October. The report will include a detailed case study on the itsoknoproblembro toolkit as well as data from the recent high profile DDoS attacks. A complimentary copy of the report will be available for download at www.prolexic.com/attackreports.

About Prolexic

Prolexic Technologies is the world's largest, most trusted Distributed Denial of Service (DDoS) protection and mitigation service provider. Able to absorb the largest and most complex DDoS attacks ever launched, Prolexic protects and restores within minutes mission-critical Internet-facing infrastructures for global enterprises and government agencies. Ten of the world's largest banks and the leading companies in e-Commerce, SaaS, payment processing, travel, hospitality, gaming and other industries at risk for DDoS attacks rely on Prolexic for DDoS protection. Founded in 2003 as the world's first in-the-cloud DDoS mitigation platform, Prolexic is headquartered in Hollywood, Florida, and has DDoS scrubbing centers located in the Americas, Europe and Asia. To learn more about how Prolexic can stop DDoS attacks and protect your business, please visit prolexic.com, and follow us on LinkedIn, Facebook, Google+ and @Prolexic on Twitter.

The Prolexic Technologies logo is available at http://www.globenewswire.com/newsroom/prs/?pkgid=14649



            

Kontaktdaten