|
Hackers Hijack Web Servers For More Powerful DDoS Attacks
05/13/2010
|
David Hamilton - May 12, 2010
(WEB HOST INDUSTRY REVIEW) -- Instead of using bot-infected PCs, a new generation of distributed denial of service attacks are leveraging the power of web servers, according to research from security firm Imperva (www.imperva.com). This strategy forms the basis for a botnet that compromised around 300 web servers to launch high-bandwidth DDoS attacks, according to a Techworld news post.
Imperva researchers discovered this hijacking and they believe these servers were accessed using an unspecified security vulnerability that lets the attacker, "Exeman," infect them with a minuscule 40-line PHP script that includes a simple GUI that the attacker can use to enter an IP, a port and duration numbers to launch a DDoS attack. Once discovering the threat, researchers were able to observe the attacker using a compromised server to launch a real DoS attack on a Dutch ISP, which was likely for an extortion-related purpose.
Imperva CTO, Amachai Shulman told Techworld that web servers are an excellent resource for hackers because they often lack anti-virus software, and offer 10 to 50 times the upload bandwidth of a consumer PC. Shulman estimates that hundreds of web servers have been infected and are being re-purposed to carry out DDoS attacks.
Read the full article at TheWHIR.com... |
| Back | Return to Top |
|
|
