Cybercriminals are delving into the past to launch attacks based on some very old vulnerabilities, according to the latest report from Kaspersky Lab, and they’re using Linux to do it.
In the second quarter of 2018, experts reported DDoS attacks involving a vulnerability in the Universal Plug-and-Play protocol that has been known since 2001. The Kaspersky DDoS Protection team also observed an attack organized using a vulnerability in the CHARGEN protocol that was described as far back as 1983.
Among the top 10 countries hosting the most active command and control (C&C) servers, the US leads, accounting for almost half (45 percent) of all active botnet C&C servers in Q2. Meanwhile, Vietnam joined the list while Hong Kong dropped out of the top 10.
One of the most popular methods of monetizing DDoS attacks remains the targeting of cryptocurrencies and currency exchanges. In Q2, Verge cryptocurrency suffered an attack on some mining pools over the course of several hours, resulting in $35 million XVGs being stolen in the ensuing confusion.
Gaming platforms continue to be a target as well, particularly during eSports tournaments. According to Kaspersky Lab, DDoS attacks affect not only game servers (which is often done to extort a ransom in return for not disrupting the competition) but also the gamers themselves who connect from their own platforms. An organized DDoS attack on a team’s key players can easily result in that team losing and being eliminated from a tournament. Cybercriminals use similar tactics to monetize attacks on channels streaming broadcasts of video games. Competition in this segment is intense, and by using DDoS attacks, cybercriminals can interfere with online broadcasts and, consequently, a streamer’s earnings.
Submitted by: Arnfried Walbrecht