14 DAY TRIAL // Experts from Prolexic Technologies – a security firm that specializes in fending off distributed denial-of-service (DDOS) attacks – have found a way to neutralize attacks that rely on the Dirt Jumper family of toolkits by leveraging a flaw in their command and control (C&C) architecture.
“DDoS attackers take pride in finding and exploiting weaknesses in the architecture and code of their targets. With this vulnerability report, we’ve turned the tables and exposed crucial weaknesses in their own tools,” Scott Hammack, chief executive officer at Prolexic, explained.
By identifying the C&C servers, the researchers have been able to thoroughly analyze them. With the aid of open source penetration testing application, they have found a way to access the server’s backend and its configuration files.
These elements can allow experts to access the servers and terminate DDOS attacks before they can cause too much damage.
“Part of our mission is to clean up the Internet. It is our duty to share this vulnerability with the security community at large,” Hammack added.
Besides releasing the vulnerability disclosure report on the Dirt Jumper DDOS Toolkit family, Prolexic has also revealed its findings on a new member of the Dirt Jumper family, namely Pandora.
The Pandora toolkit can allegedly take down a poorly protected website with a botnet of just 10 computers. Furthermore, its masters claim it can slow down even Russia’s most popular search engine (yandex.ru) if one thousand bots are at hand.
However, perhaps the best example of what Pandora is capable of is the attack on the website of security journalist Brian Krebs. Three different DDOS attacks were launched on Krebs' site in the last week of July.
The complete threat advisory is available for download on Prolexic’s website.