President of Georgia Web Page Down after Hacker Attack

The Russians are believed to be behind it

By George Craciun, Security News Editor

21st of July 2008, 11:06 GMT

DDOS attack shuts down the web page of Georgia President
Over the weekend, the web page of Mikhail Saakashvili, the president of Georgia, came under an intense DDoS (distributed denial-of-service) attack, which caused it to shut down temporarily. According to the Shadowserver Foundation, the attack began on Saturday morning and rendered the web page unavailable for about 24 hours. Here is an example of the commands the foundation has detected so far: "flood http www.president.gov.ge/".

The server that hosts the Presidential web page also harbors the Social Assistance and Employment State Agency website, as well as other sites that have become unavailable due to the attack.

Steven Adair from the Shadowserver Foundation comments: "Who else have these guys been attacking with this MachBot C&C server? The answer is no one. This server recently came online in the past few weeks and has not issued any other attacks that we have observed until recently. All attacks we have observed have been directed right at www.president.gov.ge."

What is the reason for this multi-pronged distributed denial of service attack? Since the Shadowserver Foundation has yet to provide a precise answer, we can only speculate. What we do know is that political relations between Georgia and Russia have been quite tense recently. There are reasons to believe the attack originates from Russia and, as the attack on Lithuania has proven, this is the usual manner in which Russian hackers respond to political tensions.

"We do not have any solid proof that the people behind this C&C server are Russian. However, the HTTP-based botnet C&C server is a MachBot controller, which is a tool that is frequently used by Russian bot herders. On top of that the domain involved with this C&C server has seemingly bogus registration information but does tie back to Russia," says Steven Adair.

The Shadowserver Foundation is made up of several security pros who voluntarily monitor online traffic in an effort to detect malware, botnet activity, and electronic fraud. People must be made aware of the threats they may encounter while surfing the web, threats that range from malware-spreading sites to compromised servers.

© Copyright 2001-2008 Softpedia
User opinions:


Comment #1 by: Thomas Burling on 11 Aug 2008, 20:16 GMT

Just trying to get the word out. Because of the conflict between Russia and the Republic of Georgia we are getting hammered. We broadcast, for expatriates, three Georgian television stations and a special announcement site for the Georgian President Mikhail Saakashvili (president.gov.ge). If you are carrying any Georgian-based material, be careful: we are receiving attacks all across the spectrum, not only on our Georgian websites but on all of our issued IPs. Fortunately we have the equipment and technicians who can handle it.
We agreed to host the President's site because Russian hackers had taken down the entire internet in Georgia. These people are nuts. Our techs are getting no sleep at all. It's one thing to attack the .ge site. It is another to take our table out of ARIN and try to take the whole network down.
