Zerosecurity
  • Home
  • Security
    • Exploits
    • Mobile Security
  • Malware
  • Data Breaches
  • Crypto
  • Privacy
  • Downloads
    • Malwarebytes
    • Exploits
    • Paper Downloads
    • Software & Service Reviews
No Result
View All Result
SUBSCRIBE
Zerosecurity
  • Home
  • Security
    • Exploits
    • Mobile Security
  • Malware
  • Data Breaches
  • Crypto
  • Privacy
  • Downloads
    • Malwarebytes
    • Exploits
    • Paper Downloads
    • Software & Service Reviews
No Result
View All Result
Zerosecurity
No Result
View All Result
Home Public

Anonymous developed new type of DDoS?

Paul Anderson by Paul Anderson
February 16, 2012 - Updated on February 23, 2012
in Public, Security
3
74
SHARES
1.2k
VIEWS
Share on FacebookShare on Twitter

You might also like

Cloudflare Stops Record-Breaking DDoS

Chrome Browser Extension Vytal Prevents Privacy Leaks

State-sponsored Iranian Hackers utilize .NET DNS Backdoor in new Attack

 

Some evidence is showing that Anonymous developed “Reflective DNS Amplification DDoS” to attack DNS root servers on March 31st 2011.

According to this pastebin post, Anonymous on March 31st, ‘shut down’ the internet by down 13 root DNS servers of the Internet.

A 198.41.0.4
B 192.228.79.201
C 192.33.4.12
D 128.8.10.90
E 192.203.230.10
F 192.5.5.241
G 192.112.36.4
H 128.63.2.53
I 192.36.148.17
J 192.58.128.30
K 193.0.14.129
L 199.7.83.42
M 202.12.27.33

By downing these DNS servers, Anonmyous would have prevented many users from being able to type in a URL such as Google.com to access the specific website.

 

The plan and how it worked:

The principle is simple; a flaw that uses forged UDP packets is to be
used to trigger a rush of DNS queries all redirected and reflected to
those 13 IPs. The flaw is as follow; since the UDP protocol allows it,
we can change the source IP of the sender to our target, thus spoofing
the source of the DNS query.

The DNS server will then respond to that query by sending the answer to
the spoofed IP. Since the answer is always bigger than the query, the
DNS answers will then flood the target ip. It is called an amplified
because we can use small packets to generate large traffic. It is called
reflective because we will not send the queries to the root name servers,
instead, we will use a list of known vulnerable DNS servers which will
attack the root servers for us.

DDoS request —> [Vulnerable DNS Server ] <—> Normal client requests
\
| ( Spoofed UDP requests
| will redirect the answers
| to the root name server )
|
[ 13 root servers ] * BAM

Since the attack will be using static IP addresses, it will not rely
on name server resolution, thus enabling us to keep the attack up even
while the Internet is down. The very fact that nobody will be able to
make new requests to use the Internet will slow down those who will try
to stop the attack. It may only lasts one hour, maybe more, maybe even
a few days. No matter what, it will be global. It will be known.

———————————————————————–

download link in #opGlobalBlackout

———————————————————————–

The tool is named “ramp” and stands for Reflective Amplification. It is
located in the \ramp\ folder.

———-> Windows users

In order to run “ramp”, you will need to download and install these two
applications;

WINPCAP DRIVER – http://www.winpcap.org/install/default.htm
TOR – http://www.torproject.org/dist/vidalia-bundles/

The Winpcap driver is a standard library and the TOR client is used as
a proxy client for using the TOR network.

It is also recommended to use a VPN, feel free to choose your own flavor
of this.

To launch the tool, just execute “\ramp\launch.bat” and wait. The attack
will start by itself.

———-> Linux users

The “ramp” linux client is located under the \ramp\linux\ folder and
needs a working installation of python and scapy.

———————————————————————–

“He who sacrifices freedom for security deserves neither.”
Benjamin Franklin

We know you wont’ listen. We know you won’t change. We know it’s because
you don’t want to. We know it’s because you like it how it is. You bullied
us into your delusion. We have seen you brutalize harmless old womans who were
protesting for peace. We do not forget because we know you will only use that
to start again. We know your true face. We know you will never stop. Neither
are we. We know.

We are Anonymous.
We are Legion.
We do not Forgive.
We do not Forget.
You know who you are, Expect us.

Notice, all of this is not confirmed, and all information has been taken from this pastebin post.

Tags: anonymousddosnew
Share30Tweet19
Paul Anderson

Paul Anderson

Editor and chief at ZeroSecurity. Expertise includes programming, malware analysis, and penetration testing. If you would like to write for ZeroSecurity, please click "Contact us" at the top of the page.

Recommended For You

Cloudflare Stops Record-Breaking DDoS

by Christi Rogalski
June 29, 2022
0
Cloudflare record breaking DDoS

Cloudflare has reported that it successfully neutralized the largest recorded DDoS attack in history. The attack, a 26 million request per second onslaught, targeted a customer on the...

Read more

Chrome Browser Extension Vytal Prevents Privacy Leaks

by Christi Rogalski
June 19, 2022 - Updated on June 20, 2022
0
Vytal Chrome Extension spoofs location data

Released in 2008, Google Chrome is a cross-platform web browser. With over 3.2 billion internet users worldwide, there's no denying that Chrome is the most popular browser today....

Read more

State-sponsored Iranian Hackers utilize .NET DNS Backdoor in new Attack

by Kyle
June 12, 2022
0
Lycaeum APT DNS hijacking backdoor

An Advanced Persistent Threat (APT) hacking group based out of Iran going by the name Lycaeum has been seen using a .NET-based DNS backdoor to target organizations within...

Read more

WatchDog’s new multi-stage cryptojacking attack unsurfaced

by Christi Rogalski
June 11, 2022
0
WatchDog Targets Docker Containers

Cado Security’s honeypot has recently captured a rather interesting cryptojacker from what they believe to be the WatchDog hacking group. They note that although the attack’s life cycle...

Read more

Kali Linux 2022.2 Releases With 10 New Tools

by Paul Anderson
May 19, 2022 - Updated on May 27, 2022
0
Kali Linux 2022.2 Releases With 10 New Tools

Offensive Security has announced that they released Kali Linux 2022.2, the second release this year. Updates include desktop enhancements, a fun April Fools screensaver, tweaks to the terminal,...

Read more
Next Post
Trading corporation of bangladesh hacked

Trading corporation of bangladesh hacked

Related News

BlueSky Ransomware backdoors KMSAuto activator

BlueSky Ransomware Infects KMSAuto Activator users

July 20, 2022 - Updated on July 22, 2022
BlackCat Ransomware aka “ALPHV” infections on the rise

BlackCat Ransomware aka “ALPHV” infections on the rise

June 16, 2022 - Updated on July 20, 2022
GIFs in messaging apps are tracking you

GIFs in messaging apps are tracking you

July 19, 2022
Zerosecurity

We cover the latest in Information Security & Blockchain news, as well as threat trends targeting both sectors.

Categories

  • Crypto
  • Data Breaches
  • DotNet Framework
  • Downloads
  • Exploits
  • Exploits
  • Information
  • Legal
  • Malware
  • Malware Analysis
  • Mobile Security
  • Paper Downloads
  • Piracy
  • Privacy
  • Programming
  • Public
  • Security
  • Security
  • Software & Service Reviews
  • Technology News
  • Tools
  • Tutorials
  • Video Tutorials
  • Whitepapers
  • Zero Security
  • Contact Us
  • List of our Writers

© 2022 ZeroSecurity, All Rights Reserved.

No Result
View All Result
  • Home
  • Security
  • Exploits
  • Data Breaches
  • Malware
  • Privacy
  • Mobile Security
  • Tools
  • Contact Us
  • Privacy Policy

© 2022 ZeroSecurity, All Rights Reserved.