By 2016, vDos became the most popular service in the world for ordering DDoS attacks
If you believe conspiracy theories, then antivirus companies themselves distribute viruses, and DDoS attack protection services themselves initiate these attacks. Of course, this is fiction... or not?
January 16, 2020 Federal District Court of New Jersey
The sad story of Tucker Preston began in 2014, when the teenage hacker, along with his friend Marshal Webb, founded the company BackConnect Security LLC, which was then spun off from BackConnect, Inc. In September 2016, this company
A simple BGP interception is performed by announcing someone else's prefix as your own. Uplinks/peers accept it, and it begins to spread across the Internet. For example, in 2017, allegedly as a result of a software failure, Rostelecom (AS12389)
BackConnect CEO Bryant Townsend
As it turned out, this is not the first time BackConnect has used BGP interception, and the company generally has a dark history. Although it should be noted that BGP interception is not always used for malicious purposes. Brian Krebs
If a DDoS attack victim contacts Prolexic for help, the latter transfers the client's IP addresses to itself, which allows it to analyze and filter incoming traffic.
Since BackConnect provided DDoS protection services, an analysis was carried out to determine which of the BGP interceptions could be considered legitimate in the interests of their clients, and which ones looked suspicious. This takes into account the duration of the capture of other peopleβs addresses, how widely the other personβs prefix was advertised as their own, whether there is a confirmed agreement with the client, etc. The table shows that some of BackConnectβs actions look very suspicious.
Apparently, some of the victims filed a lawsuit against BackConnect. IN
As mentioned above, the investigation into BackConnectβs activities began after the vDos service was hacked. Then
These records showed that one of the accounts on the vDos website was opened to email addresses associated with a domain that was registered in the name of Tucker Preston. This account initiated attacks against a large number of targets, including numerous attacks on networks owned by
In 2016, a former FSF sysadmin said the nonprofit had at one point considered partnering with BackConnect, and the attacks began almost immediately after FSF said it would look for another firm to provide DDoS protection.
According to
GlobalSign provides scalable PKI solutions for organizations of all sizes.
More details: +7 (499) 678 2210, [email protected].
Source: habr.com