A distributed denial-of-service (DDoS) attack hit Sony servers on Sunday, and the hacker claiming responsibility for it says that one server was crippled by 263.35 Gbps of junk traffic.
News broke that a hacker collective going under the name of Lizard Squad directed a large DDoS attack against Sony Online Entertainment and PlayStation Network services.
However, it appears that the group’s contribution to the incident was merely to take credit for the deed and bring more attention to it by tweeting a bomb scare about the flight carrying SOE's president, John Smedley, from Dallas to San Diego.
The attack seems to be the act of a hacker known on Twitter as 'Fame' (@FamedGod), who came back with a vengeance plan, making public the IP addresses of every member of the Lizard Squad collective. 'FamedGod' tweeted that they pulled off the DDoS by abusing NTP (Network Time Protocol) servers, which blasted 263.35 Gbps of bad traffic towards one Sony server.
In the second quarter of 2014, the largest DDoS recorded by Arbor Networks was 325 Gbps. Verisign also registered values peaking at 300 Gbps for the same time frame; by comparison, 263.35 Gbps is far from being a light blast.
Soon after the attack was launched, users started to experience issues on the PSN service, being signed out due to an error (80710092) that signaled online connectivity problems.
According to companies offering DDoS mitigation solutions, amplification attacks carried out through NTP servers became more frequent in the second quarter of the year.
In the case of the Sony incident, 'FamedGod' appears to have leveraged vulnerable NTP servers. “OMG my NTP Lists are dead already. Gotta scan for new ones”, a tweet says.
A report in May on the number of NTP servers vulnerable to “monlist” function abuse stated that 17,647 machines still needed to be patched; of these, more than 2,100 were capable of an amplification of at least 700x.
In a YouTube video, the hacker explains that the attack was possible because Sony didn't implement sufficient security measures on its network following the 2011 incident, which resulted in the theft of personal details from about 77 million user accounts. 'FamedGod' explains that “jailbreaks can access hidden and prohibited content now” and that the address of the attacked server could be discovered by decrypting a memory dump. “Memory dumping can reveal the hidden servers which personal and main information is stored. Simple hex converting and decryption lead to a full DDoS on PlayStations main server data center”, it is said in the video.
A good example to follow is Microsoft’s Xbox network, which doesn't operate on a single datacenter.
The hacker's Twitter feed also contains a post saying that Sony could task a team with monitoring servers and filtering the bad traffic from a DDoS attack, but that they wouldn't spend the money on this.
Info Sources:
https://twitter.com/FamedGod/status/503487835392204800
http://www.verisigninc.com/assets/report-ddos-trends-Q22014.pdf
Saturday, August 30, 2014
263.35 Gbps of Traffic Aimed at One Sony Server During DDoS Attack
02:09