Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
page 1 / 5
93 résultats taggé DDoS  ✕
New Hpingbot Exploits Pastebin for Payload Delivery and Uses Hping3 for DDoS Attacks https://gbhackers.com/new-hpingbot-exploits-pastebin-for-payload-delivery/
08/07/2025 09:32:39
QRCode
archive.org
thumbnail

NSFOCUS Fuying Lab's Global Threat Hunting System has discovered a new botnet family called "hpingbot" that has been quickly expanding.
This cross-platform botnet, built from scratch using the Go programming language, targets both Windows and Linux/IoT environments and supports multiple processor architectures including amd64, mips, arm, and 80386.

Unlike derivatives of well-known botnets like Mirai or Gafgyt, hpingbot showcases remarkable innovation by leveraging unconventional resources for stealth and efficiency, such as using the online text storage platform Pastebin for payload distribution and the network testing tool hping3 to execute Distributed Denial of Service (DDoS) attacks.

According to the Report, this approach not only enhances its ability to evade detection but also significantly reduces the costs associated with development and operation, making hpingbot a formidable and evolving threat in the digital realm.

Hpingbot’s operational strategy is notably distinct, as it employs Pastebin to host and dynamically update malicious payloads, allowing attackers to adjust their load distribution frequently.

DDoS Attacks
Attack method
Monitoring data from Fuying Lab indicates that Pastebin links embedded in the botnet have shifted content multiple times since mid-June 2025, from hosting IP addresses to providing scripts for downloading additional components.

This flexibility is paired with the botnet’s reliance on hping3, a versatile command-line tool typically used for network diagnostics, to launch a variety of DDoS attacks such as SYN, UDP, and mixed-mode floods.

Interestingly, while the Windows version of hpingbot cannot utilize hping3 for DDoS attacks due to environmental limitations, its persistent activity underscores a broader focus on downloading and executing arbitrary payloads, hinting at intentions beyond mere network disruption.

gbhackers EN 2025 Hpingbot Pastebin Hping3 DDoS
Hacktivists Launch DDoS Attacks at U.S. Following Iran Bombings https://cyble.com/blog/hacktivists-launch-ddos-attacks-at-us-iran-bombings/
24/06/2025 13:42:23
QRCode
archive.org
thumbnail

Hacktivist attacks surge on U.S. targets after Iran bombings, with groups claiming DDoS hits on military, defense, and financial sectors amid rising tensions.
The U.S. has become a target in the hacktivist attacks that have embroiled several Middle Eastern countries since the start of the Israel-Iran conflict.

Several hacktivist groups have claimed DDoS attacks against U.S. targets in the wake of U.S. airstrikes on Iranian nuclear sites on June 21.

The attacks—most notably from hacktivist groups Mr Hamza, Team 313, Cyber Jihad, and Keymous+—targeted U.S. Air Force domains, major U.S. Aerospace and defense companies, and several banks and financial services companies.

The cyberattacks follow a broader campaign against Israeli targets that began after Israel launched attacks on Iranian nuclear and military targets on June 13. Israel and Iran have exchanged missile and drone strikes since the conflict began, and Iran also launched missiles at a U.S. military base in Qatar on June 23.

The accompanying cyber warfare has included DDoS attacks, data and credential leaks, website defacements, unauthorized access, and significant breaches of Iranian banking and cryptocurrency targets by Israel-linked Predatory Sparrow. Electronic interference with commercial ship navigation systems has also been reported in the Strait of Hormuz and the Persian Gulf.

cyble EN 2025 DDoS Attacks US Iran
Record DDoS pummels site with once-unimaginable 7.3Tbps of junk traffic https://arstechnica.com/security/2025/06/record-ddos-pummels-site-with-once-unimaginable-7-3tbps-of-junk-traffic/
20/06/2025 21:51:41
QRCode
archive.org
thumbnail

Attacker rained down the equivalent of 9,300 full-length HD movies in just 45 seconds.

Large-scale attacks designed to bring down Internet services by sending them more traffic than they can process keep getting bigger, with the largest one yet, measured at 7.3 terabits per second, being reported Friday by Internet security and performance provider Cloudflare.

The 7.3Tbps attack amounted to 37.4 terabytes of junk traffic that hit the target in just 45 seconds. That's an almost incomprehensible amount of data, equivalent to more than 9,300 full-length HD movies or 7,500 hours of HD streaming content in well under a minute.

Indiscriminate target bombing
Cloudflare said the attackers “carpet bombed” an average of nearly 22,000 destination ports of a single IP address belonging to the target, identified only as a Cloudflare customer. A total of 34,500 ports were targeted, indicating the thoroughness and well-engineered nature of the attack.

The vast majority of the attack was delivered in the form of User Datagram Protocol packets. Legitimate UDP-based transmissions are used in especially time-sensitive communications, such as those for video playback, gaming applications, and DNS lookups. It speeds up communications by not formally establishing a connection before data is transferred. Unlike the more common Transmission Control Protocol, UDP doesn't wait for a connection between two computers to be established through a handshake and doesn't check whether data is properly received by the other party. Instead, it immediately sends data from one machine to another.

arstechnica EN 2025 record DDoS Cloudflare
Sweden under cyberattack: Prime minister sounds the alarm - Euractiv https://www.euractiv.com/section/tech/news/sweden-under-cyberattack-prime-minister-sounds-the-alarm/
13/06/2025 15:26:41
QRCode
archive.org
thumbnail

No longer a neutral state, Sweden is now facing a wave of cyberattacks targeting key institutions.
Sweden is under attack, Prime Minister Ulf Kristersson said on Wednesday, following three days of disruptions targeting public broadcaster SVT and other key institutions.

"We are exposed to enormous cyberattacks. Those on SVT have now been recognised, but banks and Bank-id have also been affected," Kristersson told journalists in parliament.

The attacks have been identified as Distributed Denial-of-Service (DDoS) events and disrupted services, raising concerns about the resilience of Sweden’s digital infrastructure.

While Kristersson did not name a specific perpetrator, he referred to earlier reports by the Swedish Security Service, which has identified Russia, China, and Iran as frequent actors behind such cyber operations.

The incidents have heightened concerns about vulnerabilities in Sweden’s cybersecurity systems and underscored the growing threat to critical infrastructure in one of the world’s most connected nations, where over 93% of households have internet access.

Cybersecurity experts have warned that such breaches could escalate, impacting not just digital services, but also public trust.

The attacks come amid heightened geopolitical tensions. Sweden's recent accession to NATO and its support for Ukraine have likely made it a more prominent target for cyberattacks, including those originating from hostile states.

Previously known for its military neutrality, Sweden now faces what Kristersson described earlier this year as a "new and more dangerous reality" since joining NATO in 2024.

As part of its pledge to meeting NATO's 2% of GDP defence spending target, the Swedish government has committed to invest heavily in cybersecurity and military capabilities.

euractiv EN 2025 Sweden DDoS NATO
KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS – https://krebsonsecurity.com/2025/05/krebsonsecurity-hit-with-near-record-6-3-tbps-ddos/
21/05/2025 08:31:22
QRCode
archive.org

KrebsOnSecurity last week was hit by a near record distributed denial-of-service (DDoS) attack that clocked in at more than 6.3 terabits of data per second (a terabit is one trillion bits of data). The brief attack appears to have been…
For reference, the 6.3 Tbps attack last week was ten times the size of the assault launched against this site in 2016 by the Mirai IoT botnet, which held KrebsOnSecurity offline for nearly four days. The 2016 assault was so large that Akamai – which was providing pro-bono DDoS protection for KrebsOnSecurity at the time — asked me to leave their service because the attack was causing problems for their paying customers.

Since the Mirai attack, KrebsOnSecurity.com has been behind the protection of Project Shield, a free DDoS defense service that Google provides to websites offering news, human rights, and election-related content. Google Security Engineer Damian Menscher told KrebsOnSecurity the May 12 attack was the largest Google has ever handled. In terms of sheer size, it is second only to a very similar attack that Cloudflare mitigated and wrote about in April.

After comparing notes with Cloudflare, Menscher said the botnet that launched both attacks bears the fingerprints of Aisuru, a digital siege machine that first surfaced less than a year ago. Menscher said the attack on KrebsOnSecurity lasted less than a minute, hurling large UDP data packets at random ports at a rate of approximately 585 million data packets per second.

“It was the type of attack normally designed to overwhelm network links,” Menscher said, referring to the throughput connections between and among various Internet service providers (ISPs). “For most companies, this size of attack would kill them.”

krebsonsecurity EN 2025 Hit DDoS Mirai Cloudflare Aisuru botnet
High Risk Warning for Windows Ecosystem: New Botnet Family HTTPBot is Expanding https://nsfocusglobal.com/high-risk-warning-for-windows-ecosystem-new-botnet-family-httpbot-is-expanding/
20/05/2025 09:45:58
QRCode
archive.org

In April 2025, the Global Threat Hunting system of NSFOCUS Fuying Lab detected a significant increase in the activity of a new Botnet Trojan developed based on Go language. Given that many of its built-in DDoS attack methods are HTTP-based, Fuying Lab named it HTTPBot. The HTTPBot Botnet family first came into our monitoring scope in August 2024. Over the past few months, it has expanded aggressively, continuously leveraging infected devices to launch external attacks. Monitoring data indicates that its attack targets are primarily concentrated in the domestic gaming industry. Additionally, some technology companies and educational institutions have also been affected. The attack of this Botnet family is highly targeted, with attackers employing a periodical and multi-stage attack strategy to conduct continuous saturation attacks on selected targets.

In terms of technical implementation, the HTTPBot Botnet Trojan uses an “attack ID” to precisely initiate and terminate the attack process. It also incorporates a variety of innovative DDoS attack methods. By employing highly simulated HTTP Flood attacks and dynamic feature obfuscation techniques, it circumvents traditional rule-based detection mechanisms, including but not limited to the following detection bypass mechanisms:

  • Cookie replenishment mechanism
  • Randomize the UA and header of http requests
  • Real browser calling
  • Randomize URL path
  • Dynamic rate control
  • Status code retry mechanism
    In recent years, most emerging Botnet families have primarily focused on developing communication methods and network control. This includes creating specialized communication tools, separating vulnerabilities from Trojans to protect key information, and enhancing communication anonymity through techniques like DGA (Domain Generation Algorithm), DOH (DNS over HTTPS), and OpenNIC. These Botnets typically emphasize traffic-based attacks aimed at bandwidth consumption. However, HTTPBot has taken a different approach by developing a range of HTTP-based attack methods to conduct transactional (business) DDoS attacks. Attackers can use these methods to precisely target high-value business interfaces and launch targeted saturation attacks on critical interfaces, such as game login and payment systems. This attack with “scalpel-like” precision poses a systemic threat to industries that rely on real-time interaction. HTTPBot marks a paradigm shift in DDoS attacks, moving from “indiscriminate traffic suppression” to “high-precision business strangulation.” This evolution forces defense systems to upgrade from simple “rule-based interception” to a more dynamic approach combining “behavioral analysis and resource elasticity.”
nsfocusglobal EN 2025 Botnet HTTPBot activity Botnet Trojan DDoS
Police takes down six DDoS-for-hire services, arrests admins https://www.bleepingcomputer.com/news/security/police-takes-down-six-ddos-for-hire-services-arrests-admins/
07/05/2025 14:24:33
QRCode
archive.org
thumbnail

​Polish authorities have detained four suspects linked to six DDoS-for-hire platforms, believed to have facilitated thousands of attacks targeting schools, government services, businesses, and gaming platforms worldwide since 2022.

Such platforms are often marketed as legitimate testing tools on the dark web and hacking forums, but are mainly used to disrupt online services, servers, and websites by flooding them with traffic in distributed denial-of-service (DDoS) attacks and causing outages for real users.

The six DDoS services, named Cfxapi, Cfxsecurity, neostress, jetstress, quickdown, and zapcut, have been taken down in a coordinated law enforcement action involving authorities from Germany, the Netherlands, Poland, and the United States.

"In the latest blow to the criminal market for distributed denial of service (DDoS)-for-hire services, Polish authorities have arrested four individuals who allegedly ran a network of platforms used to launch thousands of cyberattacks worldwide," Europol said on Wednesday.

"The suspects are believed to be behind six separate stresser/booter services that enabled paying customers to flood websites and servers with malicious traffic — knocking them offline for as little as EUR 10."

bleepingcomputer EN 2025 Booter DDoS Distributed-Denial-of-Service Europol Operation-PowerOFF Poland Stresser
Incident update: Mitigating a DDoS attack on April 21, 2025 https://www.adyen.com/knowledge-hub/mitigating-a-ddos-april-2025
23/04/2025 09:36:12
QRCode
archive.org
thumbnail

This update outlines what happened, what we’ve done so far, and the actions we are taking to prevent it from happening in the future.

adyen EN 2025 incident DDoS attack payment Europe
Exclusive: Hackers claim cyber attack on Trump winery, golf courses https://www.cyberdaily.au/security/11834-exclusive-hackers-claim-cyber-attack-on-trump-winery-golf-courses
14/03/2025 16:10:43
QRCode
archive.org
thumbnail

Threat actors have claimed a cyber attack on two businesses owned by US President Donald Trump, allegedly bringing down their websites.

cyberdaily EN 2025 Trump winery golf DieNet DDoS
Arma Reforger And DayZ DDOS Attack Continues, Devs "Making Progress" https://www.thegamer.com/arma-reforger-dayz-ddos-attack-continues-bohemia-interactive-issues-statement/
07/02/2025 13:20:57
QRCode
archive.org
thumbnail

Bohemia Interactive has issued a statement in response to the Arma Reforger and DayZ DDOS attack.

thegamer EN 2025 DDOS Xiangjang_zhi DayZ Style-Squad-Reborn game
Swiss cities targeted by Russian hackers during WEF https://www.swissinfo.ch/eng/workplace-switzerland/schaffhausen-and-geneva-also-affected-by-russian-hacker-attacks/88763740
22/01/2025 21:22:53
QRCode
archive.org
thumbnail

Russian hackers have targeted canton Schaffhausen and the cities of Geneva and Sierre, paralysing their websites on Wednesday morning.

swissinfo EN 2025 Noname057(16) DDoS Wef
Record-breaking 5.6 Tbps DDoS attack and global DDoS trends for 2024 Q4 https://blog.cloudflare.com/ddos-threat-report-for-2024-q4/
21/01/2025 16:41:46
QRCode
archive.org
thumbnail

2024 ended with a bang. Cloudflare mitigated another record-breaking DDoS attack peaking at 5.6 Tbps. Overall, Cloudflare mitigated 21.3 million DDoS attacks in 2024, representing a 53% increase compared to 2023.

cloudflare EN 2025 DDoS mitigated record-breaking
IoT Botnet Linked to Large-scale DDoS Attacks Since the End of 2024 https://www.trendmicro.com/en_us/research/25/a/iot-botnet-linked-to-ddos-attacks.html
20/01/2025 08:53:40
QRCode
archive.org
thumbnail

Since the end of 2024, we have been continuously monitoring large-scale DDoS attacks orchestrated by an IoT botnet exploiting vulnerable IoT devices such as wireless routers and IP cameras.

trendmicro EN 2025 malware iot research report cyber-threats DDoS IoT botnet cameras
Luxembourg government websites knocked offline in latest cyberattack | Luxembourg Times https://www.luxtimes.lu/luxembourg/luxembourg-government-websites-knocked-offline-in-latest-cyberattack/33948495.html
15/01/2025 21:27:44
QRCode
archive.org
thumbnail

Several websites were inaccessible for a two-hour period on Friday afternoon

luxtimes EN 2025 DDoS cyberattack Luxembourg government
Panne des systèmes informatiques de la Confédération, en raison d'une attaque DDoS https://www.ncsc.admin.ch/ncsc/fr/home/aktuell/im-fokus/2025/ddos-2024-10-01.html
11/01/2025 11:58:53
QRCode
archive.org

Vendredi matin 10 janvier, l’administration fédérale a été perturbée pendant environ 45 minutes par une panne des systèmes informatiques, en raison d’une attaque DDoS. La téléphonie, Outlook, différents sites Internet de la Confédération ainsi que des applications spécialisées ont entre autres été affectés. Les contre-mesures ont permis de stabiliser la situation.

OFCS Govcert FR 2025 DDoS Panne
Cyber attack on Italy's Foreign Ministry, airports claimed by pro-Russian hacker group https://www.reuters.com/technology/cybersecurity/cyber-attack-italys-foreign-ministry-airports-claimed-by-pro-russian-hacker-2024-12-28/
02/01/2025 22:50:55
QRCode
archive.org

Hackers targeted around ten official websites in Italy on Saturday, including the websites of the Foreign Ministry and Milan's two airports, putting them out of action temporarily, the country's cyber security agency said.
The pro-Russian hacker group Noname057(16) claimed the cyber attack on Telegram, saying Italy's "Russophobes get a well deserved cyber response".

reuters EN 2024 Noname057(16) Italy DDoS
Airline hit by a cyberattack, delaying flights during the year-end holiday season https://apnews.com/article/japan-jal-cyberattack-flights-travel-04fbd4848f3015a77057339a5c90ca32
27/12/2024 11:41:55
QRCode
archive.org
thumbnail

Japan Airlines has been hit by a cyberattack that caused delays to more than 20 domestic flights, but it managed to restore its systems within hours.

apnews EN 2024 cyberattack DDoS flights Japan Airlines
The Rise of Alliances: NoName057(16)'s Transformation in 2024 https://www.radware.com/security/threat-advisories-and-attack-reports/the-rise-of-alliances-noname057-16-transformation-in-2024/
20/12/2024 09:25:12
QRCode
archive.org
thumbnail

In the dynamic and rapidly shifting landscape of hacktivism, few entities have managed to capture as much attention as NoName057(16). Once branded as the

radware EN 2024 NoName057(16) NoName057 hacktivism DDoS Alliances
Tuta has suffered multiple DDoS attacks in one week – but it claims privacy has not been compromised https://www.techradar.com/computing/cyber-security/tuta-has-suffered-multiple-ddos-attacks-in-one-week-but-it-claims-privacy-has-not-been-compromised
09/12/2024 11:19:41
QRCode
archive.org
thumbnail

Some users are still lamenting issues in using the encrypted email service

techradar EN 2024 DDoS attacks Tuta mail
Plusieurs tentatives: L'État luxembourgeois visé par des cyberattaques https://infos.rtl.lu/actu/luxembourg/a/2253791.html
01/12/2024 16:23:20
QRCode
archive.org
thumbnail

Après une première attaque au printemps, les sites de l'État luxembourgeois ont été à nouveau visés le 23 octobre dernier par une attaque "DDoS".

rtl.lu FR 2024 DDoS Luxembourg attaque
page 1 / 5
4493 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio