VietNamNet Bridge – Some Internet security experts have said they can see many signs of another DDoS attack targeting online newspapers through botnets which have not been discovered, or through the old botnets which have been updated with new control malware.
Local newspapers one day ago joyfully reported that the server which commanded and controlled the hacking to online newspapers was found and neutralized. However, the disaster has not ended yet.
On July 17, Dantri online newspaper posted a piece of news advising readers to update the tool to kill the new malware to fight against DDoS attacks. The users downloading the malware killing tool provided on July 16 need to download the latest version and scan their computers once more.
As such, it is very likely that there exist the new malware pieces which have not been used by hackers in the DDoS attacks in recent days.
A representative of BKAV said it has not received any new information from online newspapers, therefore, it’s still early to come to a conclusion that a new attack has been kicked off.
However, it’s highly possible that hackers use the other undiscovered botnets to launch new attacks.
Nguyen Hong Phuc, a member of HVAOnline, a security forum, has confirmed that a new DDoS attack ha begun. The attack has been conducted by the botnet used in the previous attack which had been updated with the latest version of malware before it collapsed on the morning of July 16.
“The new malware outperforms the old malware piece, and it seems that the hackers have launched the new attack to take revenge,” Phuc said.
According to CMC Infosec, a security firm, while considering the measures to fight against the DDoS attacks to online newspapers recently, internet security agencies found the malware pieces that created botnets, and discovered a malicious piece called Cbot infected by a lot of computers.
Cbot can operate quietly for a long time and it only begins attacks after receiving the command from CC server. Since Cbot operates quietly, it can update with the latest malware versions any time, if it is recognized by anti-virus software.
The repeated DDoS attacks to online newspapers recently have raised big worries among the public. BKAV has released a shocking report that one or two DDoS attacks are conducted every week in Vietnam.
When asked about the capability of Vietnamese websites to fight against the attacks, Nguyen Minh Duc from BKAV said not all companies and agencies can possess the infrastructure systems powerful enough to protect themselves against DDoS, because the systems are very costly.
Therefore, Duc said, if a cyberwar occurred right now with the large scaled DDoS attacks aiming to the important websites in Vietnam, the majority of the websites would get paralyzed.
According to Duc, Vietnam should think of building up a datacenter with very broad bandwidth to fight against the DDoS attacks. He said the existence of a powerful center which serves many different agencies and companies would help strengthen the anti-DDoS systems. Especially, it would allow minimizing the investment costs.
Duc said that such centers have been developed in many countries.
South Korea, for example, has DDoS Boongke, a center in charge with dealing with DDoS attacks.
Buu Dien