Host.us DDOS attack -and- related conversations
Apologies to all as the hostname in my subject is incorrect.
It should be hostus.us...
On Wed, Aug 3, 2016 at 10:25 AM, Robert Webb <rwfireguru at gmail.com> wrote:
> Not sure if it is related to the PokemonGO or not. This started around
> 23:00 EDT last night per my monitoring.
>
> Seems like a pretty big attack at 300Gbps and to also temporarily take
> down a Tier 1 POP in a major city.
>
> I was interested as to if this might be a botnet or some type of
> reflection attack.
>
>
> Robert
>
> On Wed, Aug 3, 2016 at 10:16 AM, Alain Hebert <ahebert at pubnix.net> wrote:
>
>> Well,
>>
>>
>> Could it be related to the last 2 days DDoS of PokemonGO (which
>> failed) and some other gaming sites (Blizzard and Steam)?
>>
>>
>> And on the subject of CloudFlare, I'm sorry for that CloudFlare
>> person that defended their position earlier this week, but there may be
>> more hints (unverified) against your statements:
>>
>> https://twitter.com/xotehpoodle/status/756850023896322048
>>
>> That could be explored.
>>
>>
>> On top of which there are hints (unverified) on which is the real bad
>> actor behind that new DDoS service:
>>
>>
>>
>> http://news.softpedia.com/news/pokemon-go-ddos-attacks-postponed-as-poodlecorp-botnet-suffers-security-breach-506910.shtml
>>
>>
>> And I quote:
>>
>> "One thing LeakedSource staff spotted was that the first payment
>> recorded in the botnet's control panel was of $1, while payments for the
>> same package plan were of $19.99."
>>
>> ( Paypal payments btw )
>>
>>
>> There is enough information, and damages, imho, to start looking for
>> the people responsible from a legal standpoint. And hopefully the
>> proper authorities are interested.
>>
>> PS:
>>
>> I would like to take this time to underline the lack of
>> participation from a vast majority of ISPs into BCP38 and the like. We
>> need to keep educating them at every occasion we have.
>>
>> For those that actually implemented some sort of tech against
>> it, you are a beacon of hope in what is a ridiculous situation that has
>> been happening for more than 15 years.
>>
>> -----
>> Alain Hebert ahebert at pubnix.net
>> PubNIX Inc.
>> 50 boul. St-Charles
>> P.O. Box 26770 Beaconsfield, Quebec H9W 6G7
>> Tel: 514-990-5911 http://www.pubnix.net Fax: 514-990-9443
>>
>> On 08/03/16 09:41, Robert Webb wrote:
>> > Anyone have any additional info on a DDOS attack hitting host.us?
>> >
>> > Woke up to no email this morning and the following from their web site:
>> >
>> >
>> >
>> > *Following an extortion attempt, HostUS is currently experiencing sustained
>> > large-scale DDOS attacks against a number of locations. The attacks were
>> > measured in one location at 300Gbps. In another location the attacks
>> > temporarily knocked out the entire metropolitan POP for a Tier-1 provider.
>> > Please be patient. We will return soon. Your understanding is appreciated.*
>> >
>> >
>> > From my monitoring system, looks like my VPS went unavailable around 23:00
>> > EDT last night.
>> >
>> > Robert
>> >
>>
>>
>