The hackers infect servers with an application and, through a very simple software program, are able to identify the URLs they want to attack and hit them in a click of a button.
Imperva, the security firm which discovered the attacks, has the source code for the original application, along with screenshots, showing it only contained 90 lines of PHP code.
“Although servers are typically harder to compromise than PCs, by capitalising on their greater horsepower, the hackers create a much more efficient and powerful DDoS tool using servers as the attack platform,” said Imperva in a statement.
“By using web servers, the attackers are even less detectable. Trace backs typically lead to a lone server at a random hosting company.”
Amichai Shulman, chief technology officer at Imperva, has claimed that unlike most DDoS attacks, this is not a one off and the attacks “will be ongoing.”
He advises companies to be on the look out and monitor Google presence to check if they have been compromised.
Posts
No comments:
Post a Comment