DDOS

The Kraken botnet, believed by many to be the single biggest zombie network until it was dismantled last year, is staging a comeback that has claimed almost 320,000 PCs, a security researcher said.

Since April, this son-of-Kraken botnet has infected an estimated 318,058 machines - about half as big as the original Kraken was at its height in the middle of 2008, according to Paul Royal, a research scientist at the Georgia Tech Information Security Center.

Like its predecessor, the new botnet is a prodigious generator of spam, with a single machine with average bandwidth able to send more than 600,000 junk mails per day.

After an international take-down effort, a rogue ISP responsible for controlling large numbers of computers infected with data-stealing code is down for the moment, but it may be reconnecting with the Internet, according to security researchers.

Troyak, which is believed to be based in eastern Europe, was knocked offline earlier this month after other networks supplying its connectivity to the Internet stopped carrying its traffic due to complaints it was complicit in cybercrime.

Since then the network has fought a cat-and-mouse game with network providers in 12 countries and international law enforcement, according to Jart Armin, the pseudonymous editor of the Hostexploit.com Web site, which has been involved in the action.

Recently a DDoS attack hit various services provided by Amazon which left many users wanting to access its various web based services.

Arbor Networks Jose Nazario gives an upate on the Estionan cyberwar over at Techrepublic.

He states:

"We do see attacks against big corporations and big governments, and if you look at those attacks, some of them are probably politically motivated as a way of speaking out. I don't think this is going to become as common as seeing people on the streets. But it's something that some governments have to consider much more than I think they needed to five years ago."

The Estonian Cyberwar has a positive side! Finally politicians are getting the message that Cyberterrorists will use all means to take out a country.

Seems EU and Nato is receiving the message from the Cybercriminals. It is in due time. Internet has been a great source of information, and provides a perfect communication tool. Add to it the ease of attacking and exploiting users, companies and now countries, and you really start wondering why the governments has been so slow understanding the risk.

According to Infoworld, Estonia recieves help from NATO to trace the DDOS attacks. They are now recovering.

The attacks are traced to many different countries - US, Canada, Brazil amongst others. I wonder where is the surprise? After all, the first D in DDOS is Distributed. As in different locations, computers, countries. Doing so makes it hard to trace the attack, and easy to take down services in a cheap manner as there is no need for the attacker to invest in a large amount of equipment. Just spread the bots using virus, trojans and worms. Manage the bots through different relays and stay hidden.

What called the attack? The moving of a statue in downtown Tallinn. In other words, what most of us would think as nothing worth caring about. Obviously, someone disagrees.