Botnet Flaw Lets Researchers Disrupt Attacks

Trailrunner7 writes "A team of researchers has discovered a weakness in the command-and-control infrastructure of one of the major DDoS toolkits, Dirt Jumper, that enables them to stop attacks that are in progress. The discovery gives the researchers the ability to access the back-end servers that control the attack tool, as well as the configuration server, and key insights into the way that the tool works and how attackers are using it. Dirt Jumper is not among the more well-known of the DDoS attack toolkits, but it's been in use for some time now and has a number of separate iterations. The bot evolved from the older RussKill bot over time, and various versions of the tool's binary code and back end configuration files have been made public. Researchers have watched as the bot has been used in attacks around the world against a variety of targets, and now they've been able to find a crack in the malware's control infrastructure."