[ISN] New DDoS Botnet Hits Nearly 200 Websites

From: InfoSec News <alerts_at_private>
Date: Mon, 30 Aug 2010 00:36:08 -0500 (CDT)
http://www.darkreading.com/database_security/security/attacks/showArticle.jhtml?articleID=227100032

By Kelly Jackson Higgins
DarkReading
Aug 26, 2010 

A new botnet built for knocking websites offline has attacked mostly 
Chinese and some U.S. sites, according to researchers.

About 90 percent of the command and control servers running YoyoDdos, 
the nickname given the botnet by researchers at Arbor Networks who have 
been studying and tracking it, have IP addresses in China, and 
two-thirds of its victim websites are out of China. The botnet has 
attacked around 180 websites so far, including 32 in the U.S.

"It is a pretty active botnet," says Jeff Edwards, a research analyst 
with Arbor who has been analyzing the botnet, which first appeared in 
Arbor's honeypot servers back in March. "We've detected a lot of attacks 
coming out of it ... [around] ten unique victims a day."

The malware itself isn't particularly sophisticated, however. "It's 
pretty typical of a lot of malware we see," he says. "It's a fairly 
non-sophisticated piece of malware, but effective."

[...]


_______________________________________________________      
Subscribe to InfoSec News - www.infosecnews.org
http://www.infosecnews.org/mailman/listinfo/isn
Received on Sun Aug 29 2010 - 22:36:08 PDT

This archive was generated by hypermail 2.2.0 : Sun Aug 29 2010 - 22:45:28 PDT