Denial of Service

China retail news reports that Yeepay, a Chinese online payments provider suffered a major denial of service attack. The story seems to be big in China, but hardly made it to the west.

Update (Jan 13^th 2009) - Ynet, an Israeli paper, reports that many of the sites defaced where actually DNS hijacked following a break-in to the servers of DomainTheNet, an Israeli registrar. And just like other recent DNS hijacking incidents, the fault was lack of sufficient authentications and the hackers got hold of passwords to the administration system.

Update (January 12^th 2009) An Ukrainian hacker who who was a member of the TJX hack ring was sentenced to 30 years in jail by a Turkish court. According to investigation papers Maksym Yastremskiy made approximately 11 million dollars from the hack!

The TJX breach is one of most publicized hacking incident in recent years. However, until now it was not part of the Web Hacking Incidents Database. And for a good reason: early report described the hack as a war driving hack, in which the attackers drive around and find a wireless network not properly secured.

However new information from the trial of the identity theft ring leader Albert Gonzalez, reveals that in order to penetrate TJX data center from the captured end points, the hackers employed different techniques including password sniffing and SQL injection. The later justifies getting the TJX incident for the 1st time into WHID.

Additional information:

• Network World, June 8th 2008

The web site of RIAA, the Recording Industry Association of America was attacked twice using SQL injection over the weekend. First a query that takes particularly long time was posted on a social network web site causing a distributed denial of service attack against the site. Later on hackers found and abused additional SQL injection and XSS vulnerabilities resulting in major defacement of the site.

Additional information:

Seems that the there is a new trend to disrupt on line bidding using denial of service attacks. In this case, an auction for 37 very expensive watches was halted 20 minutes before the end as the site crashed, in what official sources describe as a hacker attack that did not result in a site compromise.

Additional information:

• Hacker halts Rivkin auction of 37 watches [Herald Sun, Nov 5 2007]

The site of the Rockies was taken down by a denial of service preventing fans from buying tickets for the World Series games.

Like any DDoS attack, it is very hard to know if it was an application layer or network layer attack, but since this attack had a very significant financial impact by crippling a web site, we think it deserve a place in WHID.

Additional information:

Teen convicted of threatening an ISP with DOS attack, among other computer hacking activities

Additional information:

• Massachusetts Teen Convicted for Hacking into Internet and Telephone Service Providers [Press Release, Sep 8 2005]