Articles tagged "DDoS"

Found 60 articles

A recent study by JFrog revealed that 148 npm packages masqueraded as student proxy tools, turning users' browsers into a distributed denial-of-service (DDoS) botnet for about two weeks in May. These packages did not target developers but instead leveraged the npm registry to host a malicious proxy site, attracting students looking to bypass restrictions. Once installed, the packages allowed attackers to harness the computing power of visitors' browsers to launch DDoS attacks. This incident raises concerns about the security of open-source package repositories and highlights the potential risks for users who may unknowingly install compromised software. Developers and users alike need to be vigilant about the packages they choose to install to avoid becoming part of such attacks.

Read Original

A new malware called RustDuck is actively hijacking various devices, including home routers, IP cameras, Android boxes, and poorly secured servers. The malware operates in two stages and connects these compromised devices into a botnet designed to launch Distributed Denial of Service (DDoS) attacks, effectively taking websites and online services offline. Researchers from QiAnXin's XLab have been monitoring RustDuck since February 2026 and note that its rapid evolution is particularly concerning. This highlights the vulnerability of consumer devices and poorly secured servers, which can be easily exploited by attackers. Users and organizations need to ensure their devices are secured to prevent becoming part of such a botnet.

Read Original

A new type of malware called AryStinger is infecting legacy home routers, turning them into a distributed reconnaissance and proxy network. Researchers from QiAnXin's XLab have identified at least 4,300 infected routers, and that number is likely to grow. Unlike typical malware that creates a DDoS botnet, AryStinger is designed for the reconnaissance phase of an attack, gathering information before any actual intrusion occurs. This shift in tactics poses a significant risk as attackers can use these compromised devices to gather sensitive data about potential targets without raising alarms. Home users and organizations relying on older routers could find themselves vulnerable if these devices are compromised.

Read Original

DDoS attacks are now being commercialized as subscription services, with various pricing tiers and support options available. This change has transformed the DDoS landscape from a collection of basic tools into sophisticated platforms that can be accessed more easily by malicious actors. The article discusses how these services allow even those with limited technical skills to launch large-scale attacks against targeted websites or services. This trend poses a significant risk to businesses and organizations, as the accessibility of these services means that anyone can potentially disrupt online operations for a relatively low cost. The growing prevalence of DDoS-as-a-Service not only complicates the security landscape but also raises concerns about the potential for increased cybercrime.

Read Original

Dutch authorities have successfully dismantled a large botnet that had infected around 17 million devices. The operation involved taking down over 200 servers from a local hosting provider that were crucial to the botnet's functionality. This action is significant as such botnets can be used for various malicious activities, including launching distributed denial-of-service (DDoS) attacks and distributing spam or malware. The disruption not only impacts the cybercriminals behind the botnet but also helps protect the millions of devices that were compromised. By targeting the infrastructure supporting these attacks, the Dutch government aims to enhance overall internet security and reduce the risk of further exploitation of infected devices.

Read Original

Security firms have successfully disrupted the GlassWorm botnet by taking down all four command-and-control channels that the malware relied on. This operation is significant because botnets like GlassWorm can be used by attackers for various malicious activities, such as launching distributed denial-of-service (DDoS) attacks or spreading other malware. By dismantling these C&C channels, researchers have reduced the botnet's ability to control infected devices, which is a win for cybersecurity efforts. This disruption not only impacts the operators of the botnet but also protects potential victims from being exploited. As the threat landscape evolves, ongoing vigilance against such malware remains crucial for both individuals and organizations.

Read Original
Actively Exploited

During the Milano Cortina 2026 Winter Games, which took place from February 6 to February 23, there was a significant increase in Distributed Denial of Service (DDoS) attacks. Researchers reported that the volume of attacks surged to six to ten times higher than historical levels, with a notable peak of over 2,200 attacks occurring on February 23. This spike in activity indicates that attackers were likely targeting the event's online infrastructure, which could disrupt services for attendees and viewers. The surge in DDoS attacks during such a high-profile event raises concerns for organizations involved in the games, as they need to bolster their cybersecurity measures to protect against these disruptions. Ensuring the integrity of digital platforms is crucial for both the event's success and the safety of participants and spectators.

Read Original

A DDoS attack has disrupted services for Ubuntu and Canonical, with the hacktivist group known as The Islamic Cyber Resistance in Iraq 313 Team claiming responsibility. They reportedly employed a DDoS-for-hire service named Beamed to carry out the attack. This incident highlights the vulnerabilities of major tech platforms to such attacks, which can lead to significant service outages and impact users relying on these systems. The ongoing nature of the attack suggests that it could continue to affect services for an indefinite period, raising concerns about the security and resilience of online infrastructure. Users and organizations relying on Ubuntu and Canonical services should be aware of potential disruptions and consider contingency plans.

Read Original
Critical
Hackers Use Jenkins Access to Deploy DDoS Botnet Against Gaming Servers

Hackread – Cybersecurity News, Data Breaches, AI and More

Actively Exploited

Hackers are exploiting poorly configured Jenkins servers to launch a distributed denial-of-service (DDoS) attack against gaming servers, particularly targeting infrastructure associated with Valve Corporation. This attack leverages the Jenkins automation server, which is often used for continuous integration and deployment. Misconfigurations in these servers make it easier for attackers to gain unauthorized access and deploy their botnets. The implications are significant for gamers and the gaming industry, as DDoS attacks can disrupt services and lead to extended downtimes. Companies operating gaming platforms need to ensure their Jenkins servers are properly secured to mitigate the risk of such attacks in the future.

Read Original
Actively Exploited

A Brazilian tech company, which specializes in DDoS protection, has been implicated in enabling a botnet that has targeted other internet service providers in Brazil with massive DDoS attacks. The CEO of the firm claims that these attacks stemmed from a security breach and suggested that a rival company might be behind the malicious activities to damage his firm's reputation. This situation raises serious concerns about the integrity of cybersecurity firms and their ability to protect clients. It also highlights the potential for internal issues or competition to lead to significant disruptions in the tech industry. The ongoing attacks could impact the reliability of internet services for many users and businesses in Brazil.

Read Original
Actively Exploited

A new campaign linked to the Mirai malware is exploiting a serious command-injection vulnerability in D-Link DIR-823X routers, identified as CVE-2025-29635. This vulnerability allows attackers to take control of the routers and integrate them into a botnet. Users of these routers are at risk as their devices can be hijacked for malicious purposes, including launching distributed denial-of-service (DDoS) attacks. This situation is particularly concerning since the affected routers are at the end of their life cycle, meaning they are unlikely to receive security updates. It’s crucial for users to be aware of this exploit and take necessary precautions to secure their networks.

+1 more
Read Original
Actively Exploited

Mastodon experienced a significant DDoS attack shortly after Bluesky faced a similar disruption. Both platforms, which serve as decentralized social networking sites, were temporarily knocked offline due to these attacks. Mastodon managed to restore its services within a few hours, but the timing of these incidents raises concerns about the security of emerging social media platforms. DDoS attacks can severely impact user experience and trust, making it crucial for these services to enhance their defenses against such threats. Users and developers alike should remain vigilant as these incidents highlight the ongoing challenges in securing online communication tools.

Read Original
Actively Exploited

Mastodon, a popular decentralized social media platform, recently experienced a significant DDoS (Distributed Denial of Service) attack that resulted in a major outage. The attack disrupted services for users, but the Mastodon team managed to mitigate the impact within just a few hours. This incident follows a similar attack on Bluesky, another social media platform, raising concerns about the security of these emerging online spaces. DDoS attacks can overwhelm servers with traffic, making services unavailable to legitimate users, which can erode trust and lead to user migration. The quick response from Mastodon demonstrates their commitment to maintaining service availability, but it also highlights the ongoing risks faced by platforms that rely on decentralized architectures.

Read Original
Critical
Bluesky Back Online After DDoS Attack, as Iran-Linked 313 Team Takes Credit

Hackread – Cybersecurity News, Data Breaches, AI and More

Actively Exploited

Bluesky, a social media platform, experienced a significant disruption due to a DDoS attack that lasted approximately 24 hours. The attack was claimed by a group known as the 313 Team, which is linked to Iran. Fortunately, the company reported that no user data was compromised during the incident. This attack raises concerns about the vulnerability of online platforms to such disruptions, especially as geopolitical tensions can lead to cyberattacks targeting specific services. Users and organizations that rely on Bluesky for communication and engagement should remain vigilant about potential future attacks.

Read Original
Actively Exploited

Mastodon, a decentralized social media platform, experienced a distributed denial-of-service (DDoS) attack that began early Monday morning. The attack disrupted the functionality of its flagship server, impacting users who rely on the platform for communication and social interaction. Mastodon confirmed that they were investigating the incident around 7 a.m. ET. DDoS attacks can overwhelm a server with traffic, making it unavailable to legitimate users, which raises concerns about the platform's reliability and security. This incident highlights the ongoing challenges that online services face in protecting against cyber threats.

Read Original
Page 1 of 4Next