Researchers Warn of CatDDoS Botnet and DNSBomb DDoS Attack Technique

By: Newsroom — May 28^th 2024 at 10:15

The threat actors behind the CatDDoS malware botnet have exploited over 80 known security flaws in various software over the past three months to infiltrate vulnerable devices and co-opt them into a botnet for conducting distributed denial-of-service (DDoS) attacks. "CatDDoS-related gangs' samples have used a large number of known vulnerabilities to deliver samples," the QiAnXin XLab team 

The Hacker News

Expert-Led Webinar - Uncovering Latest DDoS Tactics and Learn How to Fight Back

By: The Hacker News — May 3^rd 2024 at 12:53

In today's rapidly evolving digital landscape, the threat of Distributed Denial of Service (DDoS) attacks looms more significant than ever. As these cyber threats grow in sophistication, understanding and countering them becomes crucial for any business seeking to protect its online presence. To address this urgent need, we are thrilled to announce our upcoming webinar, "Uncovering Contemporary

The Hacker News

New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024

By: Newsroom — April 30^th 2024 at 05:57

The U.K. National Cyber Security Centre (NCSC) is calling on manufacturers of smart devices to comply with new legislation that prohibits them from using default passwords, effective April 29, 2024. "The law, known as the Product Security and Telecommunications Infrastructure act (or PSTI act), will help consumers to choose smart devices that have been designed to

The Hacker News

Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services

By: Newsroom — April 17^th 2024 at 08:38

Cisco is warning about a global surge in brute-force attacks targeting various devices, including Virtual Private Network (VPN) services, web application authentication interfaces, and SSH services, since at least March 18, 2024. "These attacks all appear to be originating from TOR exit nodes and a range of other anonymizing tunnels and proxies," Cisco Talos said. Successful attacks could

The Hacker News

New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks

By: Newsroom — April 4^th 2024 at 11:15

New research has found that the CONTINUATION frame in the HTTP/2 protocol can be exploited to conduct denial-of-service (DoS) attacks. The technique has been codenamed HTTP/2 CONTINUATION Flood by security researcher Bartek Nowotarski, who reported the issue to the CERT Coordination Center (CERT/CC) on January 25, 2024. "Many HTTP/2 implementations do not properly limit or sanitize the

The Hacker News

Ivanti Rushes Patches for 4 New Flaws in Connect Secure and Policy Secure

By: Newsroom — April 4^th 2024 at 04:45

Ivanti has released security updates to address four security flaws impacting Connect Secure and Policy Secure Gateways that could result in code execution and denial-of-service (DoS). The list of flaws is as follows - CVE-2024-21894 (CVSS score: 8.2) - A heap overflow vulnerability in the IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an

The Hacker News

Crafting Shields: Defending Minecraft Servers Against DDoS Attacks

By: The Hacker News — March 26^th 2024 at 11:29

Minecraft, with over 500 million registered users and 166 million monthly players, faces significant risks from distributed denial-of-service (DDoS) attacks, threatening server functionality, player experience, and the game’s reputation. Despite the prevalence of DDoS attacks on the game, the majority of incidents go unreported, leaving a gap in awareness and protection. This article explains

The Hacker News

New 'Loop DoS' Attack Impacts Hundreds of Thousands of Systems

By: Newsroom — March 20^th 2024 at 14:51

A novel denial-of-service (DoS) attack vector has been found to target application-layer protocols based on User Datagram Protocol (UDP), putting hundreds of thousands of hosts likely at risk. Called Loop DoS attacks, the approach pairs "servers of these protocols in such a way that they communicate with each other indefinitely," researchers from the CISPA Helmholtz-Center for

The Hacker News

DirtyMoe Malware Infects 2,000+ Ukrainian Computers for DDoS and Cryptojacking

By: Newsroom — February 2^nd 2024 at 13:17

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned that more than 2,000 computers in the country have been infected by a strain of malware called DirtyMoe. The agency attributed the campaign to a threat actor it calls UAC-0027. DirtyMoe, active since at least 2016, is capable of carrying out cryptojacking and distributed denial-of-service (DDoS) attacks. In March

The Hacker News

FritzFrog Returns with Log4Shell and PwnKit, Spreading Malware Inside Your Network

By: Newsroom — February 1^st 2024 at 15:44

The threat actor behind a peer-to-peer (P2P) botnet known as FritzFrog has made a return with a new variant that leverages the Log4Shell vulnerability to propagate internally within an already compromised network. "The vulnerability is exploited in a brute-force manner that attempts to target as many vulnerable Java applications as possible," web infrastructure and security

The Hacker News

From Megabits to Terabits: Gcore Radar Warns of a New Era of DDoS Attacks

By: The Hacker News — January 23^rd 2024 at 11:33

As we enter 2024, Gcore has released its latest Gcore Radar report, a twice-annual publication in which the company releases internal analytics to track DDoS attacks. Gcore’s broad, internationally distributed network of scrubbing centers allows them to follow attack trends over time. Read on to learn about DDoS attack trends for Q3–Q4 of 2023, and what they mean for developing a robust

The Hacker News

DDoS Attacks on the Environmental Services Industry Surge by 61,839% in 2023

By: Newsroom — January 15^th 2024 at 05:55

The environmental services industry witnessed an “unprecedented surge” in HTTP-based distributed denial-of-service (DDoS) attacks, accounting for half of all its HTTP traffic. This marks a 61,839% increase in DDoS attack traffic year-over-year, web infrastructure and security company Cloudflare said in its DDoS threat report for 2023 Q4 published last week. “This surge in cyber attacks coincided

KitPloit - PenTest Tools!

PhantomCrawler - Boost Website Hits By Generating Requests From Multiple Proxy IPs

By: Zion3R — January 4^th 2024 at 11:30

PhantomCrawler allows users to simulate website interactions through different proxy IP addresses. It leverages Python, requests, and BeautifulSoup to offer a simple and effective way to test website behaviour under varied proxy configurations.

Features:

Utilizes a list of proxy IP addresses from a specified file.
Supports both HTTP and HTTPS proxies.
Allows users to input the target website URL, proxy file path, and a static port.
Makes HTTP requests to the specified website using each proxy.
Parses HTML content to extract and visit links on the webpage.

Usage:

POC Testing: Simulate website interactions to assess functionality under different proxy setups.
Web Traffic Increase: Boost website hits by generating requests from multiple proxy IPs.
Proxy Rotation Testing: Evaluate the effectiveness of rotating proxy IPs.
Web Scraping Testing: Assess web scraping tasks under different proxy configurations.
DDoS Awareness: Caution: The tool has the potential for misuse as a DDoS tool. Ensure responsible and ethical use.

Get New Proxies with port and add in proxies.txt in this format 50.168.163.176:80

You can add it from here: https://free-proxy-list.net/ these free proxies are not validated some might not work so first validate these proxies before adding.

How to Use:

Clone the repository:

git clone https://github.com/spyboy-productions/PhantomCrawler.git

Install dependencies:

pip3 install -r requirements.txt

Run the script:

python3 PhantomCrawler.py

Disclaimer: PhantomCrawler is intended for educational and testing purposes only. Users are cautioned against any misuse, including potential DDoS activities. Always ensure compliance with the terms of service of websites being tested and adhere to ethical standards.

Snapshots:

If you find this GitHub repo useful, please consider giving it a star!

Download PhantomCrawler

The Hacker News

Discover How Gcore Thwarted Powerful 1.1Tbps and 1.6Tbps DDoS Attacks

By: The Hacker News — December 1^st 2023 at 10:26

The most recent Gcore Radar report and its aftermath have highlighted a dramatic increase in DDoS attacks across multiple industries. At the beginning of 2023, the average strength of attacks reached 800 Gbps, but now, even a peak as high as 1.5+ Tbps is unsurprising. To try and break through Gcore’s defenses, perpetrators made two attempts with two different strategies.

The Hacker News

GoTitan Botnet Spotted Exploiting Recent Apache ActiveMQ Vulnerability

By: Newsroom — November 29^th 2023 at 05:07

The recently disclosed critical security flaw impacting Apache ActiveMQ is being actively exploited by threat actors to distribute a new Go-based botnet called GoTitan as well as a .NET program known as PrCtrl Rat that's capable of remotely commandeering the infected hosts. The attacks involve the exploitation of a remote code execution bug (CVE-2023-46604, CVSS score: 10.0)

The Hacker News

Russian Hackers Linked to 'Largest Ever Cyber Attack' on Danish Critical Infrastructure

By: Newsroom — November 16^th 2023 at 06:06

Russian threat actors have been possibly linked to what's been described as the "largest cyber attack against Danish critical infrastructure," in which 22 companies associated with the operation of the country's energy sector were targeted in May 2023. "22 simultaneous, successful cyberattacks against Danish critical infrastructure are not commonplace," Denmark's SektorCERT said [PDF]. "The

The Hacker News

Record-Breaking 100 Million RPS DDoS Attack Exploits HTTP/2 Rapid Reset Flaw

By: Newsroom — October 26^th 2023 at 13:00

Cloudflare on Thursday said it mitigated thousands of hyper-volumetric HTTP distributed denial-of-service (DDoS) attacks that exploited a recently disclosed flaw called HTTP/2 Rapid Reset, 89 of which exceeded 100 million requests per second (RPS). "The campaign contributed to an overall increase of 65% in HTTP DDoS attack traffic in Q3 compared to the previous quarter," the web infrastructure

The Hacker News

HTTP/2 Rapid Reset Zero-Day Vulnerability Exploited to Launch Record DDoS Attacks

By: Newsroom — October 10^th 2023 at 15:24

Amazon Web Services (AWS), Cloudflare, and Google on Tuesday said they took steps to mitigate record-breaking distributed denial-of-service (DDoS) attacks that relied on a novel technique called HTTP/2 Rapid Reset. The layer 7 attacks were detected in late August 2023, the companies said in a coordinated disclosure. The cumulative susceptibility to this attack is being tracked as CVE-2023-44487,

The Hacker News

Researcher Reveals New Techniques to Bypass Cloudflare's Firewall and DDoS Protection

By: Newsroom — October 3^rd 2023 at 09:29

Firewall and distributed denial-of-service (DDoS) attack prevention mechanisms in Cloudflare can be circumvented by exploiting gaps in cross-tenant security controls, defeating the very purpose of these safeguards, it has emerged. "Attackers can utilize their own Cloudflare accounts to abuse the per-design trust-relationship between Cloudflare and the customers' websites, rendering the

The Hacker News

High-Severity Flaws Uncovered in Atlassian Products and ISC BIND Server

By: THN — September 22^nd 2023 at 08:00

Atlassian and the Internet Systems Consortium (ISC) have disclosed several security flaws impacting their products that could be exploited to achieve denial-of-service (DoS) and remote code execution. The Australian software services provider said that the four high-severity flaws were fixed in new versions shipped last month. This includes - CVE-2022-25647 (CVSS score: 7.5) - A deserialization

The Hacker News

DDoS 2.0: IoT Sparks New DDoS Alert

By: The Hacker News — September 15^th 2023 at 10:25

The Internet of Things (IoT) is transforming efficiency in various sectors like healthcare and logistics but has also introduced new security risks, particularly IoT-driven DDoS attacks. This article explores how these attacks work, why they’re uniquely problematic, and how to mitigate them. What Is IoT? IoT (Internet of Things) refers to online, interconnected devices that collect and exchange

The Hacker News

How Cyberattacks Are Transforming Warfare

By: The Hacker News — September 13^th 2023 at 09:56

There is a new battlefield. It is global and challenging to defend. What began with a high-profile incident back in 2007, when Estonia was hit by hackers targeting its government and commercial sector, has evolved into cyber warfare that is being waged constantly worldwide. Today, cyberattacks have become the norm, transforming how we think about war and international conflict as a whole. From

The Hacker News

Mirai Botnet Variant 'Pandora' Hijacks Android TVs for Cyberattacks

By: THN — September 7^th 2023 at 09:47

A Mirai botnet variant called Pandora has been observed infiltrating inexpensive Android-based TV sets and TV boxes and using them as part of a botnet to perform distributed denial-of-service (DDoS) attacks. Doctor Web said the compromises are likely to occur either during malicious firmware updates or when applications for viewing pirated video content are installed. "It is likely that this

The Hacker News

"Mysterious Team Bangladesh" Targeting India with DDoS Attacks and Data Breaches

By: THN — August 3^rd 2023 at 09:20

A hacktivist group known as Mysterious Team Bangladesh has been linked to over 750 distributed denial-of-service (DDoS) attacks and 78 website defacements since June 2022. "The group most frequently attacks logistics, government, and financial sector organizations in India and Israel," Singapore-headquartered cybersecurity firm Group-IB said in a report shared with The Hacker News. "The group is

The Hacker News

DDoS Botnets Hijacking Zyxel Devices to Launch Devastating Attacks

By: THN — July 21^st 2023 at 09:03

Several distributed denial-of-service (DDoS) botnets have been observed exploiting a critical flaw in Zyxel devices that came to light in April 2023 to gain remote control of vulnerable systems. "Through the capture of exploit traffic, the attacker's IP address was identified, and it was determined that the attacks were occurring in multiple regions, including Central America, North America,

The Hacker News

Surviving the 800 Gbps Storm: Gain Insights from Gcore's 2023 DDoS Attack Statistics

By: The Hacker News — July 6^th 2023 at 11:22

Gcore Radar is a quarterly report prepared by Gcore that provides insights into the current state of the DDoS protection market and cybersecurity trends. This report offers you an understanding of the evolving threat landscape and highlights the measures required to protect against attacks effectively. It serves as an insight for businesses and individuals seeking to stay informed about the

The Hacker News

DDoSia Attack Tool Evolves with Encryption, Targeting Multiple Sectors

By: Ravie Lakshmanan — July 4^th 2023 at 10:44

The threat actors behind the DDoSia attack tool have come up with a new version that incorporates a new mechanism to retrieve the list of targets to be bombarded with junk HTTP requests in an attempt to bring them down. The updated variant, written in Golang, "implements an additional security mechanism to conceal the list of targets, which is transmitted from the [command-and-control] to the

The Hacker News

Cybercriminals Hijacking Vulnerable SSH Servers in New Proxyjacking Campaign

By: Ravie Lakshmanan — June 30^th 2023 at 08:31

An active financially motivated campaign is targeting vulnerable SSH servers to covertly ensnare them into a proxy network. "This is an active campaign in which the attacker leverages SSH for remote access, running malicious scripts that stealthily enlist victim servers into a peer-to-peer (P2P) proxy network, such as Peer2Profit or Honeygain," Akamai researcher Allen West said in a Thursday

The Hacker News

New Condi Malware Hijacking TP-Link Wi-Fi Routers for DDoS Botnet Attacks

By: Ravie Lakshmanan — June 21^st 2023 at 05:36

A new malware called Condi has been observed exploiting a security vulnerability in TP-Link Archer AX21 (AX1800) Wi-Fi routers to rope the devices into a distributed denial-of-service (DDoS) botnet. Fortinet FortiGuard Labs said the campaign has ramped up since the end of May 2023. Condi is the work of a threat actor who goes by the online alias zxcr9999 on Telegram and runs a Telegram channel

The Hacker News

Microsoft Blames Massive DDoS Attack for Azure, Outlook, and OneDrive Disruptions

By: Ravie Lakshmanan — June 19^th 2023 at 08:37

Microsoft on Friday attributed a string of service outages aimed at Azure, Outlook, and OneDrive earlier this month to an uncategorized cluster it tracks under the name Storm-1359. "These attacks likely rely on access to multiple virtual private servers (VPS) in conjunction with rented cloud infrastructure, open proxies, and DDoS tools," the tech giant said in a post on Friday. Storm-#### (

The Hacker News

From Cryptojacking to DDoS Attacks: Diicot Expands Tactics with Cayosin Botnet

By: Ravie Lakshmanan — June 17^th 2023 at 06:59

Cybersecurity researchers have discovered previously undocumented payloads associated with a Romanian threat actor named Diicot, revealing its potential for launching distributed denial-of-service (DDoS) attacks. "The Diicot name is significant, as it's also the name of the Romanian organized crime and anti-terrorism policing unit," Cado Security said in a technical report. "In addition,

The Hacker News

Dark Frost Botnet Launches Devastating DDoS Attacks on Gaming Industry

By: Ravie Lakshmanan — May 25^th 2023 at 14:53

A new botnet called Dark Frost has been observed launching distributed denial-of-service (DDoS) attacks against the gaming industry. "The Dark Frost botnet, modeled after Gafgyt, QBot, Mirai, and other malware strains, has expanded to encompass hundreds of compromised devices," Akamai security researcher Allen West said in a new technical analysis shared with The Hacker News. Targets include

The Hacker News

Zyxel Firewall Devices Vulnerable to Remote Code Execution Attacks — Patch Now

By: Ravie Lakshmanan — April 28^th 2023 at 11:41

Networking equipment maker Zyxel has released patches for a critical security flaw in its firewall devices that could be exploited to achieve remote code execution on affected systems. The issue, tracked as CVE-2023-28771, is rated 9.8 on the CVSS scoring system. Researchers from TRAPA Security have been credited with reporting the flaw. "Improper error message handling in some firewall versions

The Hacker News

New SLP Vulnerability Could Let Attackers Launch 2200x Powerful DDoS Attacks

By: Ravie Lakshmanan — April 25^th 2023 at 13:26

Details have emerged about a high-severity security vulnerability impacting Service Location Protocol (SLP) that could be weaponized to launch volumetric denial-of-service attacks against targets. "Attackers exploiting this vulnerability could leverage vulnerable instances to launch massive Denial-of-Service (DoS) amplification attacks with a factor as high as 2,200 times, potentially making it

The Hacker News

New GoLang-Based HinataBot Exploiting Router and Server Flaws for DDoS Attacks

By: Ravie Lakshmanan — March 17^th 2023 at 12:07

A new Golang-based botnet dubbed HinataBot has been observed to leverage known flaws to compromise routers and servers and use them to stage distributed denial-of-service (DDoS) attacks. "The malware binaries appear to have been named by the malware author after a character from the popular anime series, Naruto, with file name structures such as 'Hinata-<OS>-<Architecture>,'" Akamai said in a