It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Some features of ATS will be disabled while you continue to use an ad-blocker.
(visit the link for the full news article)
An attack on hundreds of web sites in South Korea earlier this week continues to clog websites in the United States of America
Officials say cyber attacks have affected U.S. government Web sites including those of the White House, departments of Homeland Security, Defense and Treasury and the Voice of
The attackers do not appear to be interested in breaking into computers to steal information but to give the impression that something is wrong with the entire system.
Here’s a 20 second summary of whats been happening in the news:
On July 4th, a handful of US websites (5) came under DDoS attack from a botnet consisting of a high proportion of bot agents (i.e. victims) based within South Korea.
Initial estimates placed this particular botnet at about 20,000 agents.
Over the following days the list of targeted web sites grew to 26, with a mix of US and South Korean sites.
The targets were a mix of government, financial and news media Web sites – more heavily weighted towards government sites.
The bot agents were launching a mix of HTTP GET requests, UDP packets and ICMP ECHO requests at each listed target – repeatedly cycling through the list in a round-robin fashion. Depending upon the victim computer being used, this could represent around 100 “attacks” per second.
Estimates of the botnet size range from 20k through to 100k – with most public news media estimating the size to be 50-60k bot agents.
Some Web sites didn’t cope well with their unwanted DDoS traffic and went down for a period of time – most noticeable the FTC Web site.
The bot agent in use (and the samples Damballa have collected) are based upon MyDoom – a worm-based bot agent dating back to 2004.