Friday, March 6, 2020

Measuring the strength of a DDoS


According to this study, 82% of attacks last less than 4 hours. In terms of bandwidth volume, 34% clock in at between 100 MB/s and 1 GB/s, and only 5.3% exceed the 10 GB/s mark.

A 1 GB/s denial-of-service attack is strong enough to take down most of the websites out there, since their data hosting simply doesn’t offer enough bandwidth to keep the site online.

After infecting a device, Momentum attempts to achieve persistence by modifying the “rc” files; then it joins the command and control (C&C) server and connects to an internet relay chat (IRC) channel called #HellRoom to register itself and accept commands. The IRC protocol is the main method of communication with the C&C servers. The botnet operators can then control infected systems by sending messages to the IRC channel.
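An added example, not part of the original post: it flags hosts whose plaintext outbound payloads show the IRC check-in described above (client registration followed by a channel JOIN) and marks the #HellRoom channel named here. The flow tuples, IP addresses and function names are constructed for illustration.

```python
# Constructed example: spot IRC client check-ins in captured outbound TCP payloads.
WATCHLIST = {"#hellroom"}  # channel named in the article; IRC channel names are case-insensitive

def parse_irc_line(line):
    """Split one IRC message into (COMMAND, params) following the RFC 1459 grammar."""
    line = line.strip()
    if line.startswith(":"):                 # optional ":prefix " precedes the command
        line = line.partition(" ")[2]
    head, sep, trailing = line.partition(" :")
    parts = head.split()
    if not parts:
        return None, []
    return parts[0].upper(), parts[1:] + ([trailing] if sep else [])

def find_checkins(flows):
    """Report hosts that register as an IRC client (NICK and USER) and then JOIN a channel."""
    state = {}
    for src, _dst, _dport, payload in flows:
        host = state.setdefault(src, {"cmds": set(), "channels": []})
        for raw in payload.decode("latin-1").splitlines():
            cmd, params = parse_irc_line(raw)
            if cmd in ("NICK", "USER"):
                host["cmds"].add(cmd)
            elif cmd == "JOIN" and params and {"NICK", "USER"} <= host["cmds"]:
                # JOIN carries a comma-separated channel list
                host["channels"] += [c for c in params[0].split(",") if c.startswith(("#", "&"))]
    return {src: {"channels": h["channels"],
                  "watchlisted": any(c.lower() in WATCHLIST for c in h["channels"])}
            for src, h in state.items() if h["channels"]}

# Constructed sample flows: (source IP, destination IP, destination port, payload bytes)
SAMPLE_FLOWS = [
    ("192.0.2.10", "198.51.100.5", 6667, b"NICK a1\r\nUSER a1 0 * :a1\r\n"),
    ("192.0.2.10", "198.51.100.5", 6667, b"JOIN #HellRoom\r\n"),
    ("192.0.2.20", "203.0.113.9", 8080, b"NICK dev\r\nUSER dev 0 * :Dev\r\nJOIN #linux,#Python\r\n"),
    ("192.0.2.30", "203.0.113.7", 80, b"POST /chat HTTP/1.1\r\nHost: example.test\r\n\r\nJOIN #HellRoom"),
]

if __name__ == "__main__":
    for src, hit in find_checkins(SAMPLE_FLOWS).items():
        print(src, hit)
```

This only sees plaintext IRC; a C&C channel wrapped in TLS has to be caught from flow metadata instead.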

One of the biggest ever recorded was the Mirai botnet attack in autumn 2016, coming in at over 1 terabyte per second. It overwhelmed the Dyn DNS provider, and then the effect cascaded, temporarily taking down major websites such as Reddit or Twitter.

Nowadays, even beginner hackers who can’t code to save their life (called script kiddies) have access to big and powerful botnets-for-hire that can flood a target with 100 GB/s. This type of threat isn’t going away. Quite the contrary, it will only become more powerful and more widely accessible than before.
