Tag: Decadeold | SpinSafe

Are Decade-Old DoS Tools Still Relevant in 2021?

June 9, 2021/in Internet Security

Surprisingly, the answer is yes.

After Anonymous fell apart in 2016, the threat landscape shifted rapidly. The once mainstream group of organized Denial of Service (DoS) attacks with simple GUI-based tools were no more; as the era of Distributed Denial of Service (DDoS) attacks and DDoS-as-a-Service began to take shape under the power of new IoT botnets such as Bashlite and Mirai.

While Anonymous has not entirely disappeared, its digital footprint has significantly reduced over the last five years. Today, you can still find Anonymous accounts on the usual social media outlets and video platforms spreading operational propaganda, but with limited impact compared to the past. However, during a recent Anonymous operation, I was surprised to find that the group, which still uses PasteBin and GhostBin (to centralize operational details), had updated their target list from years prior and suggested the use of Memcached and other reflective attack vectors. They recommended using antiquated DoS tools, such as LOIC, HOIC, ByteDoS, and Pyloris, all nearly 10-years-old.

Tools of The Past

HOIC

High Orbit Ion Cannon, or HOIC for short, is a network stress testing tool related to LOIC; both are used to launch Denial of Service attacks popularized by Anonymous. This tool can cause a Denial of Service through the use of HTTP floods. Additionally, HOIC has a built-in scripting system that accepts .hoic files called boosters. These files allow a user to deploy anti-DDoS randomization countermeasures and increase the magnitude of the attack.

While it has no significant obfuscation or anonymization techniques to protect the user’s origin, the use of .hoic “booster” scripts allows the user to specify a list of rotating target URLs, referrers, user agents, and headers. This effectively causes a Denial of Service condition by attacking multiple pages on the same site while making it seem like attacks are coming from several different users.

[Click for Full Report: Quarterly Threat Intelligence Report]

ByteDOS

Once considered a destructive tool, ByteDoS has become a novelty in 2021. ByteDos is a Windows desktop DoS application. It is a simple, standalone executable file that does…

Source…

Chinese hackers use decade-old Bisonal Trojan in cyberespionage campaigns – ZDNet

March 6, 2020/in Internet Security

Chinese hackers use decade-old Bisonal Trojan in cyberespionage campaigns ZDNet
“chinese hackers” – read more

Decade-old Bluetooth flaw lets hackers steal data passing between devices

July 25, 2018/in Internet Security

A large number of device makers are patching a serious vulnerability in the Bluetooth specification that allows attackers to intercept and tamper with data exchanged wirelessly. People who use Bluetooth to connect smartphones, computers, or other security-sensitive devices should make sure they install a fix as soon as possible.

The attack, which was disclosed in a research paper published Wednesday, is serious because it allows people to perform a man-in-the-middle attack on the connection between vulnerable devices. From there, attackers can view any exchanged data, which might include contacts stored on a device, passwords typed on a keyboard, or sensitive information used by medical, point-of-sale, or automotive equipment. Attackers could also forge keystrokes on a Bluetooth keyboard to open up a command window or malicious website in an outright compromise of the connected phone or computer.

Not novel

Bluetooth combines Simple Secure Pairing or LE Secure Connections with principles of elliptic curve mathematics to allow devices that have never connected before to securely securely establish a secret key needed for encrypted communications. The attack uses a newly developed variant of what cryptographers call an invalid curve attack to exploit a major shortcoming in the Bluetooth protocol that remained unknown for more than a decade. As a result, attackers can force the devices to use a known encryption key that allows the monitoring and modifying of data wirelessly passing between them.

Read 5 remaining paragraphs | Comments

Biz & IT – Ars Technica

Decade-old espionage malware found targeting government computers – Ars Technica

March 20, 2013/in Computer Security

Decade-old espionage malware found targeting government computers
Ars Technica
The discovery of TeamSpy is only the latest to reveal an international operation that uses malware to siphon sensitive data from high-profile targets. The most well-known campaign was dubbed Flame. Other surveillance campaigns include Gauss and Duqu, …

and more »

flame malware – read more

Tag Archive for: Decadeold

Not novel