Share

Related Links

  • The Smoking Gun
  • Reed Exhibitions Ltd is not responsible for the content of external websites.

Related Stories

Top 5 Stories

News

FBI reveals $600,000-plus Russian DDoS sabotage plot

01 September 2011

The FBI has revealed a wide range of businesses - mostly in the US - have been carefully targetted in a DDoS attack originating from Russia.

According to The Smoking Gun newswire, the FBI is investigating a series of DDoS attacks against a number of key businesses with an online presence, generating losses of more than $600,000.

The newswire says that the FBI’s Cyber Crimes Task Force investigation started late last year after its agents learned that a pair of botnets were behind coordinated assaults on the e-commerce web sites of several firms selling batteries, including batteriesplus.com and batteries4less.com.

An analysis of the attacks revealed that the 'Black Energy' botnets have been scanning and DDoS-ing a number of businesses, with command-and-control servers located in Romania at greenter.ru and globdomian.ru, says the newswire, adding that both domains were registered in Russia last May.

“With the help of Ukraine’s Ministry of Internal Affairs (Department on Combating Cybercrime and Human Trafficking), FBI agents learned that the domains were subscribed in the name of Korjov Sergey Mihalivich, a 30-year-old St. Petersburg man”, notes The Smoking Gun.

Commenting on the reports, Jeff Edwards, a research analyst with Arbor Networks, said that the Black Energy botnet spent about a week attacking the websites of four different online retailers specialising in horse saddles and related gear.

“The week before that, the same botnet was going after three different online merchants of skin care products. And the week before that, it was attacking three different vendors of 'Ed Hardy' brand clothes”, he said.

“This botnet - like others powered by Black Energy - seems to operate in week-long cycles in which they attack a particular set of companies affiliated with the same segment of industry or commerce”, he added.

Edwards went on to say that Arbor has seen this pattern in all kinds of different market segments, including power tools, online pharmacies, online sportsbooks, accountants and wheelchair vendors and, whilst his team has not their resources digging that deeply into the motives behind the attacks, “one (unproven) conjecture is that the botmaster rents out his botnet to people who want to slow down the online competition.”

This article is featured in:
Internet and Network Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×