Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
Security Power

DDoS Attacks Shifting To VPS Infrastructure For Increased Power (bleepingcomputer.com) 5

Posted by BeauHD from the small-but-mighty dept.
Hyper-volumetric DDoS (distributed denial of service) attacks in the first quarter of 2023 have shifted from relying on compromised IoT devices to leveraging breached Virtual Private Servers (VPS). BleepingComputer reports: According to internet security company Cloudflare, the newer generation of botnets gradually abandoned the tactic of building large swarms of individually weak IoT devices and are now shifting towards enslaving vulnerable and misconfigured VPS servers using leaked API credentials or known exploits. This approach helps the threat actors build high-performance botnets easier and often quicker, which can be up to 5,000 times stronger than IoT-based botnets.

"The new generation of botnets uses a fraction of the amount of devices, but each device is substantially stronger," explains Cloudflare in the report. "Cloud computing providers offer virtual private servers to allow start ups and businesses to create performant applications. The downside is that it also allows attackers to create high-performance botnets that can be as much as 5,000x stronger." Cloudflare has been working with key cloud computing providers and partners to crack down on these emerging VPS-based threats and says it has succeeded in taking down substantial portions of these novel botnets.
This discussion has been archived. No new comments can be posted.

DDoS Attacks Shifting To VPS Infrastructure For Increased Power More

DDoS Attacks Shifting To VPS Infrastructure For Increased Power

Comments Filter:
  • and should be rewritten to make it protect us from companies in the online space having rules that conflict with it. As to those of you who have the ideology that it's their property, they should be allowed to do what they want. Yeah well that's just like, your opinion man. Entirely subjective. I'd love the ability to vindictively knock facebook offline because they chose to put me in a 30 day lockdownand pay a DDOS as a service to do it. Good thing too I know which VPN providers take privacy seriously a

  • Grammar (Score:2, Informative)

    by Anonymous Coward

    The new generation of botnets uses a fraction of the amount of devices

    "Number," not "amount." How are they going to take over the world when they don't even know the difference between countable and mass nouns?

  • Many Spammers use cheap VPS (Score:1)

    by Anonymous Coward

    According to spam logs I see, many spammers use cheap VPS providers. I'll google search the spammer's sending IP address to find the ASN number of the VPS provider. I'll then blocklist all the IP subnets of that ASN number. So far, I've very significantly decreased spam, and in 2 years have only had 1 legit small partner that was blocked. For that single partner, I allowlisted the partner's sender From: domain, and still blocked all other domains from the VPS they use.

  • Easily observed (Score:3)

    by null etc. ( 524767 ) on Thursday April 13, 2023 @11:32AM (#63446772)

    Spin up a new VPS instance, and one of the first things you'll see is hundreds to thousands of invalid SSH login attempts. Hackers are an inseparable part of the cloud ecosystem.

Slashdot Top Deals

Don't panic.

Close