The campaigns fueled by this toolkit are difficult to mitigate
Experts from Prolexic Technologies – a security company that specializes in distributed denial-of-service (DDOS) protection services – claim that attacks of this type have not only increased in size, but have also reached a new level of sophistication. DDOS attacks have caused a lot of problems for organizations recently. In September, we learned that the sites of several financial institutions from the United States were disrupted as a result of such operations.
Prolexic found that many of the recent attacks against their customers relied on the itsoknoproblembro DDOS toolkit. By combining the toolkit’s capabilities with other sophisticated methods, the cybercriminals have been able to launch attacks that are difficult to mitigate even for specialized firms.
The security firm has recorded massive sustained floods, some of which peaked at 70 Gbps and over 30 million pps.
Itsoknoproblembro includes a number of application layer and infrastructure attack vectors, such as UDP and SSL-encrypted attack types, SYN floods, and ICMP.
A noteworthy fact about the attacks launched with this particular DDOS toolkit is that the botnet that powers it contains a large number of legitimate IP addresses. This allows the attack to bypass the anti-spoofing mechanisms deployed by companies.
“What we are experiencing is a dramatic uptick in the size and sophistication of DDoS attacks to a level not previously observed. Only a handful of companies around the world could survive a hit of 70 Gbps in conjunction with the complex blend of attack vectors we have witnessed,” explained Prolexic Chief Executive Officer Scott Hammack.
“The size and sophistication of this threat has created a high-alert within various industries and with good reason. I’m proud to say we’ve successfully mitigated multiple itsoknoproblembro campaigns throughout the year, even when attack vectors have continuously modulated during the course of the assault.”