The itsoknoproblembro distributed denial of service (DDoS) toolkit threatens web content management systems by infecting servers with malicious PHP scripts. This cybersecurity threat advisory includes profiles of 11 different attack signatures with detailed SNORT rules for DDoS mitigation and detection rules to identify infected web servers (bRobots). The report also includes a free log analysis tool (BroLog.py) that can be used to pinpoint which scripts were accessed, the IP address used and the specific DDoS targets, to aid sanitization efforts.
Throughout the fall of 2012, a very public DDoS campaign emerged that targeted multiple sectors with unprecedented levels of malicious DDoS traffic. The attacks made use of thousands of compromised web servers and a multi-tiered attack-and-control topology.
Attackers made use of vulnerabilities within outdated versions of the applications or exploited public vulnerabilities within third-party plugins or themes.
Servers that contained the itsoknoproblembro toolkit often showed evidence of multiple points of compromise and were being used for multiple malicious purposes, such as spam and phishing. This outcome suggests two possibilities:
In either case, the end result was a large number of zombied web servers that were able to generate in excess of 70Gbps of DDoS traffic at their peak.