TheWikiBoat hacker group is targeting large orgs. on May 25. Here's a list of sites they plan to bring down:
11:44 PM - 23 May 12 via web · DetailsPosted by Ronen Kenig on May 23, 2012 in Application Security, Attack Mitigation, DDoS Attacks, HTTP Flood Attacks, Security, Web Application Firewall | 0 comments
Radware’s Emergency Response Team (ERT) releases a new threat alert regarding an upcoming DDoS attack on Friday, May 25th.
Attacker Background:
A new group of hacktivists is on the rise with a planned DDoS attack on some of the world’s largest organizations including Apple, Bank of America, British Telecom and Bank of China (see the full list below). The new group, known as TheWikiBoat, is not related to Anonymous, although they might share the same ideas as Anonymous. The hackers’ team is calling for supporters from around the world to join the attack and to support their actions.
Attack Information:TheWikiBoat is about to launch its operation #OpNewSon on Friday, May 25th, aiming to take down online services for at least 2 hours and to expose sensitive data from the target organizations.
In Operation NewSon, TheWikiBoat group are planning to use the LOIC attack tool for a DDoS with expected thousands of attackers downloading the attack tool and joining the attack. LOIC performs a denial-of-service (DoS) attack, and when used by multiple individuals, it generates a DDoS attack on a target site by generating a multi-vector attack. The LOIC tool floods the server with massive amounts of UDP, TCP and HTTP packets, with the intention to disrupt the online service of the target victim. To read more on LOIC see Radware 2011 Global Application & Network Security Report.
Radware ERT Advice:
Based on the ERT experience, groups such as Anonymous and TheWikiBoat let their supporters use the simple-to-use LOIC tool, but the more sophisticated hackers will use during the attack additional tools to penetrate into the organization systems and get access to sensitive information
Make sure your DoS and DDos protection equipment is properly configured to block the LOIC attack tool and to protect your critical online services from a multi-vector attack on your network and applications.
Radware’s customers are encouraged to contact our support team and to receive immediate assistance from our ERT team. Other prospects and non-Radware customers can contact our ERT through a Radware representative.