More detection made of DDoS attacks

News by Dan Raywood

Further claims have been made about distributed denial of service (DDoS) attacks becoming more prevalent.

Further claims have been made about distributed denial of service (DDoS) attacks becoming more prevalent.


Jose Nazario, manager of security research at Arbor Networks, claimed that he had ‘been busy in the community watching some DDoS events unfold'. Pointing to a large amount of discussion on DDoS on micro-blogging site Twitter, Nazario pointed to four attacks in just over a week from 30th March to 7th April.


Nazario said: “We have data on some of these attacks but not all, and we're actively looking for commands and controls in all cases. What's interesting is the major services they're hitting. There's no apparent gain here, but definitely some widespread impact.


“It amazes me that I'm still talking about this problem over ten years after I first started looking at it, prior to me coming to Arbor.”


He also referred to the recent story where a Russian newspaper claimed that attacks on, and others are evidence of Conficker stepping it up its activities.


Nazario claimed that there was ‘no obvious reason' for Conficker to be blamed for the attacks, and said: “It turns out that I was characterising a new (to me) DDoS bot codebase we have dubbed ‘Votwup' and it's responsible for at least some of the attacks.


“It would be difficult to confuse this malware with Conficker, and it has its own little dropper. In this case once the bot is dropped it checks into a website with its UID and version and gets back a Base64 encoded command. When this is decoded using Base64, the address is ddl="

Nazario concluded that most of the Votwup commands and controls Arbor has classified so far are dead.






Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming event 

Webcast: Understanding this year's biggest adversaries - and how to combat them 

Nation-state activity, versatile, slippery strategies and Big Game Hunting - the threats are real, dangerous and ever changing. 
Brought to you in partnership with Crowdstrike