Monday, September 28, 05:06
Home security FBI: New DdoS attacks using CoAP, WS-DD, ARMS, Jenkins

FBI: New DdoS attacks using CoAP, WS-DD, ARMS, Jenkins

FBI

The FBI announced last week that some new network protocols are used to implement DdoS attacks big scale.

The FBI alert lists three network protocols and one web application as a DdoS attack carriers.

The list includes CoAP (Constrained Application Protocol), the WS-DD (Web Services Dynamic Discovery), the ARMS (Apple Remote Management Service) and software Jenkins.

Three of the four (CoAP, WS-DD, ARMS) have already been abused to carry out mass DDoS attacks, the FBI said.

COAP

In December 2018, malicious hackers began to abuse his features Constrained Application Protocol (CoAP) to carry out DDoS "reflection" and "amplification" attacks.

WS-DD

In May and August 2019, cybercriminals began exploiting the protocol Web Services Dynamic Discovery (WS-DD) to accomplish more than 130 DDoS attacks. Later that year, several researchers security they said increase in the exploitation of non-standard IoT protocols and devices with incorrect configuration to enhance DDoS attacks. The Appliances IoTs are attractive targets because they use the protocol WS-DD to automatically detect new devices connected to Internet and are close by. As of August 2019, there were 630.000 exposed IoTs Appliances with the WS-DD protocol enabled.

ARMS

In October 2019, the hackers took advantage of Apple Remote Management Service (ARMS), part of the Apple Remote Desktop (ARD), to perform DDoS attacks.

JENKINS

In February 2020, researchers security of the United Kingdom located a vulnerability in embedded Jenkins server protocols, used to support the software development process and which could be exploited by hackers to perform DdoS amplification attacks. The researchers calculated that hackers could use vulnerable Jenkins servers to enhance traffic to systems of victims up to 100 times.

DDoS

FBI experts believe that these new threats DDoS will continue to be used further to cause downtime and other problems.

The purpose of the FBI alert is to warn American Companies for the impending danger so that they can invest in DdoS attack systems.

The FBI says that because these newly discovered DDoS carriers are network protocols that are necessary for Appliances in which they are used (IoT devices, smartphones, Macs), device manufacturers are unlikely to remove or disable protocols on their products. Therefore, the danger he is big.

"In the near future, the Criminals will likely take advantage of the growing number of devices with built-in network protocols (enabled by default) to create botnets capable of performing malicious attacks "DDoS," the FBI said.

So far, these four attackers have been used sporadically, but industry experts expect them to be used more and more often.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Digital Fortress
Digital Fortresshttps://www.secnews.gr
Pursue Your Dreams & Live!

LIVE NEWS

How to perform actions by tapping on the back of your Android phone

Gestures and shortcuts allow you to quickly access things without having to go through apps and menus. What's up...

iOS 14: The long-awaited new features!

The annual Apple iPhone update, iOS 14, is here, and in addition to the new privacy and security features there are many more.

Business - COVID-19: Storage in the cloud VS data centers!

The COVID-19 pandemic has changed the data for companies worldwide, with the result that they have to change both ...

How to use the Apple Translate App on your iPhone?

Apple's Translate app, introduced in iOS 14, allows iPhone users to do ...

How to turn off private Wi-Fi MAC addresses

Apple has changed the way the iPhone and iPad connect to Wi-Fi networks starting with the iOS 14 and iPadOS 14 updates ....

Mac: See how to rename multiple files at once!

Many people have more difficulty renaming files on a Mac than renaming Windows. The Finder of ...

How can you control the performance of your Chromebook?

Many times users wonder about the performance of their computer and would like to be able to take a look at the system ...

How To Detect Hidden Surveillance Cameras With Your Phone

During our holidays or on business trips, we are forced to stay in hotels or Airbnb ....

How to play the hidden game of Android 11

Google usually includes the so-called "Easter Eggs" in every new version of Android that is released. And Android 11 is not ...
00:01:49

Ring: Amazon's new device is a drone with a security camera

Amazon is ready to launch a new Ring security camera mounted on top of a flying drone.