[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ISN] DDoS attacks fall as crackers turn to spam
By John Leyden
2nd May 2007
Denial of service attacks are falling out of favour with black hat
hackers because using compromised machines to send spam is a more
lucrative - and less risky - way of making money illicitly.
Networks of compromised PCs can be used for purposes including relaying
junk mail or flooding targeted websites with spurious traffic.
Symantec reckons the noticeable fall in denial of service attacks it
witnessed in the second half of 2006 is down to the growing difficulty
in launching such attacks, and getting victims to pay up even if these
assaults are successful. Stealthier misuse of compromised PCs - such as
sending spam - poses far less risk, the security firm argues.
Symantec recorded an average of 5,213 denial of service (DoS) attacks
per day in the second half of 2006, down from 6,110 in the first half of
last year. The US was the target of most DoS attacks accounting for 52
per cent of the worldwide total.
"DoS attacks are loud and risky. Whenever a bot-network owner carries
out a denial of service attack they run the risk of losing some of their
bots. This could happen either because an attacking computer is
identified and disinfected, or if it is simply blocked by its ISP from
accessing the network," Symantec researcher Yazan Gable notes in a
posting to Symantec's Security Response Weblog.
Gable adds that the "up-front" costs in setting up a botnet before any
hope of payment, as well as the possible loss of an entire bot network
if a command and control server is identified, also act as a deterrent.
"It is likely that bot network owners are now moving away from DoS
extortion and towards more lucrative ventures like spam. Not
surprisingly, we saw a noted increase in spam volumes in the last six
months of 2006," he added.
Subscribe to InfoSec News