Prolexic Technologies, the global leader in Distributed Denial of Service (DDoS) protection services, today released a threat advisory on the use of booter shells, which allow hackers to readily launch DDoS attacks without the need for vast networks of infected zombie computers. As a public service, full details of the booter shell threat are available at http://www.prolexic.com/threatadvisories.
"Increased use of techniques such as booter shells is creating an exponential increase in the dangers posed by DDoS attacks," said Neal Quinn, chief operating officer at Prolexic. "For hackers, DDoS attacks have never been easier to launch, while for their victims, the power and complexity of attacks is at an all-time high. The threat of a DDoS attack has never been more likely or its potential impact more severe. We've entered the age of DDoS-as-a-Service."
The increased use of dynamic web content technologies, and the rapid deployment of insecure web applications, has created new vulnerabilities - and opportunities for hackers to use infected web servers (instead of client machines) to conduct DDoS attacks.
Traditional DDoS attacks make use of workstations infected with malware, typically infected through spam campaigns, worms or browser-based exploits. With these traditional tactics, hackers needed multitudes of infected machines, to mount successful DDoS attacks.
DDoS booter scripts, however, are simple standalone files that execute GET/POST floods when accessed via HTTP. With booter shells, DDoS attacks can be launched more readily and can cause more damage, with far fewer machines. Web servers typically have 1,000+ times the capacity of a workstation, providing hackers with a much higher yield of malicious traffic with the addition of each infected web server.
Furthermore, the skill level required to take over a web server and convert it into a DDoS zombie has been significantly reduced. A DDoS booter shell script can be easily deployed by anyone who purchases hosted server resources or makes use of simple web application vulnerabilities such as RFI, LFI, SQLi and WebDAV exploits.
The power, availability and ease-of-use of booter shell scripts has lowered the barrier to entry for launching a DDoS attack, putting attacks within reach of even novice hackers. Many booter shell scripts, tools and lists of infected hosts are freely available in the hacker underground, or can be available for a nominal fee.
"The design and deployment of DDoS attack tools have been greatly simplified. At the same time the power of attacks has increased because server capacity and bandwidth is being utilized instead of workstation bandwidth," Quinn said. "Businesses have to be prepared for DDoS attacks of a nature they may never have seen before."
The best way to prevent infection is with continuous testing of proprietary web applications, as well as repeated testing of known vulnerabilities in commercial applications, either in-house, or through a third-party service, such as Prolexic.
Designed to provide early warnings of new or modified DDoS attack signatures and scripts, recently observed by PLXsert, each threat advisory contains a detailed description of the type of attack, a list of attack signatures, and the specific network infrastructure or application that it targets. In addition, Prolexic's DDoS mitigation experts also offer insight into the nature of each type of attack, as well as provide specific warnings as to how the attack will affect businesses and enterprises of different sizes and infrastructures. PLXsert also provides threat remediation tips to help subscribers not only recognize the new attack signatures, but also proactively defend against them. The latest threat advisories, including HOIC and Dirt Jumper, are available to the public at http://www.prolexic.com/threatadvisories.
About the Prolexic Security Engineering & Response Team (PLXsert)
PLXsert monitors malicious cyber threats globally and analyzes DDoS attacks using proprietary techniques and equipment. Through data forensics and post attack analysis, PLXsert is able to build a global view of DDoS attacks, which is shared with customers. By identifying the sources and associated attributes of individual attacks, the PLXsert team helps organizations adopt best practices and make more informed, proactive decisions about DDoS threats.
Details of Prolexic's mitigation activities and insights into the latest tactics, types, targets and origins of global DDoS attacks are provided in quarterly reports published by the company. A complimentary copy of Prolexic's Q1 2012 Global DDoS Attack Report is available at http://www.prolexic.com/attackreports.
Prolexic is the world's largest, most trusted Distributed Denial of Service (DDoS) mitigation provider. Able to absorb the largest and most complex attacks ever launched, Prolexic restores mission critical Internet facing infrastructures for global enterprises and government agencies within minutes. Ten of the world's largest banks and the leading companies in e-Commerce, SaaS, payment processing, travel/hospitality, gaming and other at-risk industries rely on Prolexic to protect their businesses. Founded in 2003 as the world's first in-the-cloud DDoS mitigation platform, Prolexic is headquartered in Hollywood, Florida and has scrubbing centers located in the Americas, Europe and Asia. For more information, visit http://www.prolexic.com.
Michael E. Donner
SVP, Chief Marketing Officer
+1 (954) 620 6017
Read the full story at http://www.prweb.com/releases/2012/4/prweb9438887.htm
|Sat, May 18, 2013|
|06:02 AM||Blue Loan Services' Instructional Video Helps Clients Save Time And Money|
|06:02 AM||Fast, Efficient, and Effective Electronic Medical Records for Physical Therapists Revealed by Nitin Chhoda|
|06:02 AM||"Xocai Taiwan" Announces New MXI Corp Xophoria Anti-Aging Crème that Harnesses the Power of Chocolate with Revolutionary Neurocosmetic Technology for New Taipei City|
|06:02 AM||REMI Recommends Minneapolis for Startup Realtors|
|06:02 AM||CTR Develops New Back Tax Relief Program For Individuals With Other Debt|
|06:01 AM||Ayurveda Training in Mexico Offered by Escuela de Ayurveda de California, a Leading Institution in the West|
|06:01 AM||June Social Media Training Classes for Small Business, Announced by JM Internet|
|05:11 AM||San Francisco Discrimination Lawyers at Scranton Law Firm Announce Launch of Their New Employment law Website http://www.EmployeeRightsHotline.com|
|05:04 AM||The Special Introductory Offer for the New Retinol Serum at Sublime Beauty Ends Tonight|
|05:03 AM||New York Times Bestselling Author Craig Johnson Returns to Buffalo Bill Center of the West with Advance Copies of Latest Novel|
|04:52 AM||Zane Benefits Publishes New Information on Vermont Health Insurance Exchange|
|04:32 AM||Nissan India to Roll Out the Face-lifted Edition of Evalia Soon, Reports Gaadi.com|
|04:32 AM||Ilaj.com Innovates a Doctor Searching Mechanism with Its Reliable and Unique Services|
|04:03 AM||Explore Tibet Announces Nomadic Trekking Adventure|
|04:01 AM||Lennar is Now Pre Selling the Landmark Collection in The Reserves at Spring Meadows, Plymouth MN|
|03:51 AM||AAA State of Play Giving Discounts of Up to $300 on Playground Slides|
|03:25 AM||Dreammaker Spas, Hot Tubs On Sale at SportsFanPlayground.com|
|03:17 AM||Pros and Cons of Latex Mattresses Detailed in Latest Mattress Inquirer Article|
|03:17 AM||Wireless Security Home Alarm System.com Announces its New Tennessee Home Utility Solutions and Home Energy Automation Services|
|03:16 AM||Used Acura TSX Side Mirror Discounts Now Provided by Auto Pros USA|
|03:15 AM||Homes For Sale in Fort Lauderdale Now Available from KDP Real Estate Group|
|03:14 AM||BMA Affordable Assisted Living Community Wins State Wii Bowling Tournament|
|03:14 AM||AC Control Panel Discounts Now Offered by AutoProsUSA.com|
|03:14 AM||Used Lincoln Navigator Engine Price Drop Now at UsedEngines.co|
|03:13 AM||Used Ford F150 Ecoboost Engine Discounted for Truck Owners at GotEngines.com|
|03:11 AM||Refurbished Ford Escape Engine Sold to SUV Owners at RemanufacturedEnginesforSale.com|
|03:11 AM||Air Flow Meter for Vehicles Discounted Online by Auto Pros USA|
|03:11 AM||Used Honda Civic Headlights Now Sold to Buyers at AutoProsUSA.com|
|03:10 AM||Junk Yards in Tampa Now Selling Used Parts Through AutoProsUSA.com|
|03:09 AM||Diesel Engine for Sale Inventory Discounted at GotDieselEngines.com|
|More Press Releases From PRWeb|