Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Mobile-based DDoS Attacks Create Mitigation Challenges: Report

According to a new report from Prolexic Technologies, a provider of Distributed Denial of Service (DDoS) protection services that was recently acquired by Akamai Technologies, mobile applications are being increasingly used in DDoS attacks and are creating mitigation challenges.

According to a new report from Prolexic Technologies, a provider of Distributed Denial of Service (DDoS) protection services that was recently acquired by Akamai Technologies, mobile applications are being increasingly used in DDoS attacks and are creating mitigation challenges.

Prolexic said that data gathered from attacks against its customers during Q4 shows that mobile devices participated in a DDoS attack campaign against a global financial services firm.

This should not be surprising, and mobile devices are not an entirely new DDoS attack vector. However, mobile-based DDoS attacks are important to pay attention to based on some of the mitigation challenges they create.

Mobile DDoS AttacksBased on analysis of recent attacks by Prolexic’s team, and Android-based tool called AnDOSid was used, which performs an HTTP POST flood attack.

This is not the first time mobile devices have been used as a platform to launch DDoS attacks.

DDoS attacks have become a favorite weapon of hacktivists over past few years, and while most attacks are launched from an army of PCs, some tools have worked their way over to mobile devices. In February 2012, researchers at McAfee found an Android version of the infamous Low Orbit Ion Cannon (LOIC).

LOIC was originally developed by “good guys” to stress test websites, but has been a favorite tool of Anonymous and other hacktivists to take targets offline by sending a flood of TCP/UDP packets in an attempt to overwhelm a system.

Prolexic believes that developers of applications commonly used in DDoS attacks like LOIC will increasingly port them to mobile platforms in 2014.

“The prevalence of mobile devices and the widespread availability of downloadable apps that can be used for DDoS is a game changer,” said Stuart Scholly, president of Prolexic. “Malicious actors now carry a powerful attack tool in the palm of their hands, which requires minimal skill to use. Because it is so easy for mobile device users to opt-in to DDoS attack campaigns, we expect to see a considerable increase in the use of these attack tools in 2014.”

“Traditionally, some type of infection or malware was required,” Scholly continued. “With mobile apps, malicious actors can choose to proactively participate in orchestrated DDoS attack campaigns. When you consider how many mobiles device users there are in the world, this presents a significant DDoS threat.”

DDoS attacks stemming from mobile devices create certain challenges when it comes to detecting and mitigating the attacks, and add another layer of complexity to the problem.

“Because mobile networks use super proxies, you cannot simply use a hardware appliance to block source IP addresses as it will also block legitimate traffic,” Scholly said. “Effective DDoS mitigation requires an additional level of fingerprinting and human expertise so specific blocking signatures can be developed on-the-fly and applied in real-time.”

Compared to Q4 2012, statistics from Prolexic’s Q4 DDoS Attack report include showing the following:

• 26.09 percent increase in total DDoS attacks

• 17.42 percent increase in application layer (Layer 7) attacks

• 28.97 percent increase in infrastructure layer (Layer 3 & 4) attacks

• 28.95 percent decrease in average attack duration: 22.88 vs. 32.21 hours

Compared to Q3 2013, the company saw a 48.04 percent increase in average peak attack bandwidth to 4.53 Gbps, and a 151.21 percent increase in peak packets-per-second rate to 10.60 Mpps.

“Looking back over 2013, a number of significant DDoS trends were observed,” said Scholly. “These include the emergence of Layer 7 toolkits, the rise in DDoS-for-hire services, the resurrection of amplified Distributed Reflection Denial of Service (DrDoS) attacks as a common and powerful attack vector, as well as the steady rise in the number of DDoS attacks originating from Asian countries.”

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack