DDoS attack turns servers into bots

Cyber crime

Security experts have warned of a new distributed denial of service (DDoS) attack that targets full on web servers rather than individual PCs.

The hackers infect servers with an application and, through a very simple software program, are able to identify the URLs they want to attack and hit them in a click of a button.

Imperva, the security firm which discovered the attacks, has the source code for the original application, along with screenshots, showing it only contained 90 lines of PHP code.

"Although servers are typically harder to compromise than PCs, by capitalising on their greater horsepower, the hackers create a much more efficient and powerful DDoS tool using servers as the attack platform," said Imperva in a statement.

"By using web servers, the attackers are even less detectable. Trace backs typically lead to a lone server at a random hosting company."

Amichai Shulman, chief technology officer at Imperva, has claimed that unlike most DDoS attacks, this is not a one off and the attacks "will be ongoing."

He advises companies to be on the look out and monitor Google presence to check if they have been compromised.

Jennifer Scott

Jennifer Scott is a former freelance journalist and currently political reporter for Sky News. She has a varied writing history, having started her career at Dennis Publishing, working in various roles across its business technology titles, including ITPro. Jennifer has specialised in a number of areas over the years and has produced a wealth of content for ITPro, focusing largely on data storage, networking, cloud computing, and telecommunications.

Most recently Jennifer has turned her skills to the political sphere and broadcast journalism, where she has worked for the BBC as a political reporter, before moving to Sky News.