Twitter DDoS Attack Takes Twists and Turns
The fallout from the distributed denial-of-service attack that hit several Web 2.0 sites Aug. 6 has taken a couple of twists and turns.
Besides knocking out Twitter for a time on Aug. 6, the attack triggered a response from the company that a day later disrupted service for some users. According to Twitter, its defensive measures blocked some Twitter clients from communicating with Twitter's
If that wasn't enough, researchers at McAfee found attackers have begun leveraging interest in the situation to spread malware by using search engine optimization techniques to lure users into clicking on search results leading to malicious sites.
All this because of an apparent act of hacktivism targeting a pro-Georgian blogger named "Cyxymu."
"It's not surprising that political motivation is mentioned where major DDoS attacks are concerned, as many services now play key roles in politically charged events," said Chris Boyd, director of research at FaceTime Security Labs. "However, it's important not to get carried away with 'the Reds under the bed' way of thinking - recent attacks on key
What is known is that the attack hit Facebook, Twitter, YouTube, Fotki and LiveJournal. Researchers are still on the trail of whoever was behind it, but have determined the attack packets sent to the Websites were requests to fetch pages hosted for the blogger, who reportedly had just recently blogged about the upcoming anniversary of the war between
Between this incident and the recent DDoS attacks targeting both public and commercial Websites in the
"When under attack, there are a variety of mitigation techniques; most are specific to the type of DDoS attack," he said. "Use technologies, including firewalls and routers, to block or redirect IP addresses and types of traffic. Involve others, the ISP and perhaps the ISPs of attacking clients. Web admins can add the additional IP addresses they have in reserve and move services off the attacked servers."
There isn't too much end users can do, but they should steer clear of any sites affected by a DDoS while it's going on.
"Computer users are also encouraged not to visit sites that are rumored to be under a DDoS attack for the sole purpose of seeing what happens," he said. "This 'rubbernecking' type of activity, similar to that which happens when there is an accident on the freeway, only causes an increase in traffic to the site, which will only delay access to the Website even longer and prolong the attack."