Tag Archive for: CloudFlare

WordPress sites being hacked with fake Cloudflare DDoS to distribute malware


On Saturday, WordPress sites are being hacked to display fake Cloudflare DDoS protection pages that distribute malware, which installs the NetSupport RAT and the RaccoonStealer password-stealing Trojan.

DDoS protection screens are commonplace on the internet. They protect sites from bots that ping them with bogus requests in an attempt to overwhelm them with garbage traffic.

Internet users treat these welcome screens as an unavoidable short-term annoyance that keeps their favorite online resources protected from malicious operatives. Unfortunately, this familiarity serves as an excellent opportunity for malware campaigns, Bleeping Computer reports.

According to reports by Sucuri, hackers are attacking poorly protected WordPress sites to add a heavily obfuscated JavaScript payload that displays a fake Cloudflare DDoS protection screen.

In June 2022, Raccoon Stealer returned to operations when its authors released its second major version and made it available to cybercriminals under a subscription model.

Raccoon 2.0 targets passwords, cookies, auto-fill data, and credit cards saved in web browsers, as well as a wide range of cryptocurrency wallets. It also has the potential to perform file exfiltration and take screenshots of the victim’s desktop.

Mantis Botnet Behind the Largest HTTPS DDoS Attack Targeting Cloudflare Customers



The botnet behind the largest HTTPS distributed denial-of-service (DDoS) attack in June 2022 has been linked to a spate of attacks aimed at nearly 1,000 Cloudflare customers.

Calling the powerful botnet Mantis, the web performance and security company attributed more than 3,000 HTTP DDoS attacks against its users to it.

The most attacked industry verticals include internet and telecom, media, gaming, finance, business, and shopping. Over 20% of the attacks targeted U.S.-based companies, followed by Russia, Turkey, France, Poland, Ukraine, the U.K., Germany, the Netherlands, and Canada.

Last month, the company said it mitigated a record-breaking DDoS attack aimed at an unnamed customer website using its Free plan that peaked at 26 million requests per second (RPS), with each node generating approximately 5,200 RPS.

The tsunami of junk traffic lasted less than 30 seconds and generated more than 212 million HTTPS requests from more than 1,500 networks in 121 countries, topped by Indonesia, the U.S., Brazil, Russia, and India.


“The Mantis botnet operates a small fleet of approximately 5,000 bots, but with them can generate a massive force — responsible for the largest HTTP DDoS attacks we have ever observed,” Cloudflare’s Omer Yoachimik said.

Mantis stands out for a number of reasons. The first is its ability to carry out HTTPS DDoS attacks, which are expensive in nature due to the computational resources required to establish a secure TLS encrypted connection.

Secondly, unlike other traditional botnets that rely on IoT devices such as DVRs and routers, Mantis leverages hijacked virtual machines and powerful servers, equipping it with more resources.


These volumetric attacks aim to generate more traffic than the target can process, causing the victim to exhaust its resources. While adversaries have traditionally utilized UDP to launch amplification attacks, there has been a shift to newer TCP reflected amplification vectors that make use of middleboxes.

Microsoft, in May 2022, disclosed that it prevented about 175,000 UDP reflected amplification attacks over the past year that were aimed at its Azure infrastructure. It also observed a TCP reflected amplification attack…


Self-Hosting Security Guide for your HomeLab



NET Stock: Cloudflare Solves the Internet’s Need for Speed and Security


Cloudflare (NYSE:NET) investors had to ride a roller coaster for the first five months of 2021. However, since mid-May, NET stock has been in growth mode, posting gains of over 50% from its low point. On July 9, it closed at $108.97, a new all-time high, though it has since eased back. Still within spitting distance of that record close, will NET stock run out of momentum, or does it still have room for growth?


I would argue that Cloudflare is a company with the right product mix at the right time to continue fueling long-term growth. Online shopping is only continuing to grow in popularity. Other services are moving online, including the transition from cable TV to streaming video services.

Cloudflare provides the critical services that keep online services fast, and keep them safe. It’s even a big part of exploding IoT (Internet of Things) growth. This Portfolio Grader “B” rated stock is up nearly 500% from its September 2019 public debut. Given the business Cloudflare is in, the stock growth may just be getting started.

The Importance of Website Speed

One of Cloudflare’s primary lines of business is being a CDN, or content delivery network. That may not sound exciting, but it is an increasingly important service — and one that was in the spotlight during the pandemic.

Cloudflare uses local servers to host critical website services so that users enjoy the speed they expect. Even if a user is logging in on a PC across the country from a company’s main data center, they hit a Cloudflare regional server first so there is no lag and no overload. That ensures online shopping, video conferencing, and other web-based activities offer a positive experience for all users, regardless of their location.

Now, more than ever, slow-loading websites are simply not acceptable. As Forbes’ Jason Hall wrote in 2019:

“If a page loads slowly, many people will give up and go somewhere else. That can mean a loss of traffic to your site and a loss of dollars in your pocket. Your conversion rates may suffer, and your bounce rates — the number of people who leave your site after only visiting one page — may increase.”

In…
