Hackers seed Amazon cloud with potent denial-of-service bots
Source: arsTechnica - Posted by Dave Wreski   
Intrusion Detection Attackers have figured out a new way to get Amazon's cloud service to wage potent denial-of-service attacks on third-party websitesóby exploiting security vulnerabilities in an open source search and analytics application known as Elasticsearch. The power of Backdoor.Linux.Ganiw.a was documented earlier this month by researchers from antivirus provider Kaspersky Lab. Among other things, the trojan employs DNS amplification, a technique that vastly increases the volume of junk traffic being directed at a victim by abusing poorly secured domain name system servers. By sending DNS queries that are malformed to appear as if they came from the victim domain, DNS amplification can boost attack volume by 10-fold or more. The technique can be especially hard to block when distributed among thousands or hundreds of thousands of compromised computers.

Read this full article at arsTechnica

Only registered users can write comments.
Please login or register.

Powered by AkoComment!