Hackers Now Using Crippling Ad Networks for DDoS

There are crippling ad networks used today to infect computers. Hackers have developed a new way of advertising using Distributed Denial-of-Service (DDoS).

It is now a daily occurrence to find these online malicious malware targeting internet computer users. Interestingly, hackers have advanced in their knowledge and they can now launch a DDoS attack through the networks which is both malicious and severe.

It is now a daily occurrence to find these online malicious malware targeting internet computer users. Interestingly, hackers have advanced in their knowledge and they can now launch a DDoS attack through the networks which is both malicious and severe.

A tech team at CloudFlare which is mandated with the mitigation of DDoS discovered a wide spread attack recently. The team believes that this attack gave birth to a number of hacker ads which targeted browsers and mobile device apps.

According to a report released by the CloudFlare team, unique Internet Protocol (IP) addresses numbering to more than 650,000 mostly located in China were used to make over 275,000 HTTP requests per second. This phenomenon attack was directed to one of the company’s esteemed clients.

The attackers using DDoS are sophisticated and psychologically savvy. They will make these HTTP requests to look like they are coming from a genuine browser rather than scripts or malware. A closer look into the source of these attacks suggested that close to 80% of them were originating from tablets and Smartphones.

Surprisingly, the referrer for these malicious requests happened to be an attack page which had many ads. These ads embedded Java Script Code which then loaded an additional script from other unknown domains. It is the secondary script which commandeered the browser. The browser then formulates Ajax (XHR) cross-origin calls to the victim’s site in a loop.

According to one of the CloudFlare DDoS team expert, Marek Majkowski, it is puzzling why so many mobile devices went to see this attack page. He, however, observes that the most probable distribution vector is that it was an ad network. Internet users were invited to click or visit corrupted Java Script ads. It is then likely that ads appeared in apps section such as iFrames or just popped up in mobile browsers.

Share this post

Share on facebook
Share on twitter
Share on linkedin
Share on print
Share on email