Users recently attacked a prominent security journalist, Brian Krebs, who runs the site KrebsonSecurity. Krebs is best known for revealing some of the most intrusive attacks on U.S. companies lately, including attacks against Home Depot, Target and Neman Marcus.
Attackers employed an unprecedented denial of service (DDoS) attack against Krebs’ website, launching as much as 620 Gbps at the site, which remained online during one of “the biggest assaults the internet has ever witnessed,” Krebs said. Krebs explained that sort of data is “many orders of magnitude more traffic than is typically needed to knock most sites offline.”
He suspects a botnet of devices was responsible.
“There are some indications that this attack was launched with the help of a botnet that has enslaved a large number of hacked so-called ‘Internet of Things,’ (IoT) devices — routers, IP cameras and digital video recorders (DVRs) that are exposed to the Internet and protected with weak or hard-coded passwords,” Krebs explained, showing yet again the importance of security for devices that seem harmless.
Krebs suspects that the attack may be a response to a story earlier this month in which he named two potential attackers. Those attackers sold DDoS attacks for cash, so it seems to link up pretty well. His article led to the arrest of two men, including one who uses the handle “applej4ck.” The string “freeapplej4ck” appeared inside packets intercepted during the DDoS attack on Krebs’ site.
“I can’t say for sure, but it seems likely related.”