Pretty much the only regions on the planet from which we *don't* see regular volumetric DDOS against www.bbc.co.uk & www.bbc.com is central Africa & the poles.

This is map shows the number of time each country was a DDOS traffic source in the last 30 days (larger circles == more DDOS attacks).

The botnets are really well globally distributed these days (and we typically see thousands or tens of thousands of source IPs per attack - mostly compromised servers).

World map with a red dot of varying sizes on virtually every country. Countries without a red dot are more or less only the central African countries from Senegal/Mauritania on the West coast to Eritrea on the East coast.

#DDOS #InfoSec #BotNet

**dercraig** @dercraig@infosec.exchange · 2 T. *

2 T. *

dercraig @dercraig@infosec.exchange

A new book on DDoS attacks and mitigation is available here:
https://buchshop.bod.de/ddos-understanding-real-life-attacks-and-mitigation-strategies-stefan-behte-9783819226212 or on Amazon: https://www.amazon.de/DDoS-Understanding-Real-Life-Mitigation-Strategies/dp/3819226214/ #ddos - ebook also available in a few weeks! :)

**JBrickelt963 (φ)** @JBrickelt963@framapiaf.org · 2 T.

2 T.

JBrickelt963 (φ) @JBrickelt963@framapiaf.org

Après quelques recherches j'ai compris qu'il pouvait y avoir un certains défis à réintroduire les #regex sur #mastodon que ce soit par la complexité d'utilisation ou le ralentissement les services avec possible faille #DDOS le risque est le taille.

Personnellement, j'aurais bien aimé avec a profiter des nombreux avantages qui en découle malgré tout. Et j'ai cru comprendre qui que beaucoup de #moderation en aurait apprécié l'efficacité.

1/n

https://framapiaf.org/@JBrickelt963/114523955748256138

FramapiafJBrickelt963 (φ) (@JBrickelt963@framapiaf.org)@toddalstrom@mastodon.social oh je découvre qu'il est possible d'ajouter des expression "Regex" dans les filtres Mastodon !? L'expression pour Thread me sera sans doute moins utile maintenant qu'il est bien largement défédéré, mais ça ouvre le champ des possible. EDIT : Zut voilà que je déchante en apprenant que ça l'était jusqu'en 2018 dans l'implémentation officielle ... #Regex #Mastodon #Fediverse #feditips

**ITSec News deutsch** @itsecnews@anonsys.net · 2 T.

2 T.

ITSec News deutsch @itsecnews@anonsys.net

Die Zahlen lassen keinen Zweifel: DDoS-Attacken werden häufiger, raffinierter und gefährlicher – in der gesamten DACH-Region. Neue gesetzliche Vorgaben wie DORA, NIS 2 oder die Schweizer Meldepflicht sind wichtige Schritte in die richtige Richtung.#attacken #cyber-angriffe #ddos #dos #netscout
Anhaltender Anstieg von DDoS-Attacken – Deutschland im Fokus der Angreifer

Infopoint Security · 5 T.Anhaltender Anstieg von DDoS-Attacken – Deutschland im Fokus der AngreiferDie Zahlen lassen keinen Zweifel: DDoS-Attacken werden häufiger, raffinierter und gefährlicher – in der gesamten DACH-Region. Neue gesetzliche Vorgabe...

#Cyberangriffe

Antwortete im Thread

**Kevin Karhan** @kkarhan@infosec.space · 3 T. *

3 T. *

Kevin Karhan @kkarhan@infosec.space

@briankrebs yeah, cuz every #SecOps of any #ISP is gonna read that and look into the affected hosts if they were in their netwirk and obviously share the findings with investigators.

And I don't blame them since #DDoS attacks espechally at that scale do create a lot if cost and anger at their end as well.

So everyone but the malicious actor is gonna be mad...

Which makes it an even worse decision!

Antwortete im Thread

**Kevin Karhan** @kkarhan@infosec.space · 3 T.

3 T.

Kevin Karhan @kkarhan@infosec.space

@Npars01 and even then to me this looks more like a "bad" #PR stunt to me.

An expensive one for shure.

It's the digital equivalent of kids shooting paintballs at a parked cop car in a monsoon rain and that got only noticed retroactively...

I just think it's wasteful to #DDoS @briankrebs 's website because it's only a #blog, he doesn't pay any #ransom, is extremely well protected and outage of it doesn't generate the same public or financial pressure compared to businesses and governmental institutions.

Like even if they had succeeded, what would've been the outcome? Maybe line that reads: "Congrats Kiddo, you just wasted thousands if not millions of dollars worth in Monero just to create an outage of a tiny blog. Go give yourself a star in your exercise book!"…

Someone just had more money than sense I guess...

Infosec.SpaceKevin Karhan :verified: (@kkarhan@infosec.space)@briankrebs@infosec.exchange TBH, I think #DDoS'ing *your blog* is kinda wasteful beyond *"#BraggingRights"* because it's not only *well protected* but the amount of damage / revenue by #blackmailing they could expect is just zero. - I mean, it shure is a way to get *your attention* but that doesn't mean any #BlackHat should *ask for that*! But there are thousands if not millions of weaker targets they could've attacked. - Seems like the [muggers from Crocodile Dundee](https://www.youtube.com/watch?v=qi0G0b1dNzE) *but dumber* cuz they try to puncture your tires but you're sitting in a tracked tank. Pretty shure had #Google not told you or anyone else you would not have even noticed it.

Antwortete im Thread

**Kevin Karhan** @kkarhan@infosec.space · 3 T.

3 T.

Kevin Karhan @kkarhan@infosec.space

@briankrebs TBH, I think #DDoS'ing your blog is kinda wasteful beyond "#BraggingRights" because it's not only well protected but the amount of damage / revenue by #blackmailing they could expect is just zero.

I mean, it shure is a way to get your attention but that doesn't mean any #BlackHat should ask for that!

But there are thousands if not millions of weaker targets they could've attacked.

Seems like the muggers from Crocodile Dundee but dumber cuz they try to puncture your tires but you're sitting in a tracked tank.

Pretty shure had #Google not told you or anyone else you would not have even noticed it.

YouTubeThat’s not a knife…THAT’S A KNIFE.” 😅 Crocodile Dun #movies #shortsVon universe of clips

**iam-py-test** @iampytest1@infosec.exchange · 4 T.

4 T.

iam-py-test @iampytest1@infosec.exchange

AdGuard was hit with a DDoS attack today, which they successfully countered

https://status.adguard.com/incidents/8zxgml8dksgw

status.adguard.comAdGuard website is under a DDOS attackAdGuard's Status Page - AdGuard website is under a DDOS attack.

#AdGuard #DDoS #Cyberattack

**Cybernews** @cybernews@infosec.exchange · 4 T.

4 T.

Cybernews @cybernews@infosec.exchange

Swiss authorities warn that cybercriminals launched several DDoS attacks against various websites in the country in connection with the Eurovision Song Contest.

#Eurovision #DDoS #hack #cybersecurity

https://cnews.link/ddos-attacks-target-eurovision-ncsc-says-1/

**Max Resing** @resingm@infosec.exchange · 6 T.

6 T.

Max Resing @resingm@infosec.exchange

Iberian Peninsula Blackout: Effects in Cyberspace is a recently published blog post on the #electricity #outage in #Spain, #Portugal and some parts in #France. Unlike other posts, we at #ASERT do not only cover traffic pattern, but specifically shed light on the #DDoS landscape, and the effect the outage had on the region.

NETSCOUTIberian Peninsula Blackout: Effects in Cyberspace | NETSCOUTIberian Peninsula Blackout: Effects in Cyberspace

#SpainOutage #IberianPeninsula #IberianBlackout

Fortgeführter Thread

**Dendrobatus Azureus** @Dendrobatus_Azureus@bsd.cafe · 6 T. *

6 T. *

Dendrobatus Azureus @Dendrobatus_Azureus@bsd.cafe

This part of the article will totally blow your mind and your brains in a very powerful exothermic reaction

https://jan.wildeboer.net/2025/04/Web-is-Broken-Botnet-Part-2/

The image shows a smartphone screen displaying a web page. The top of the screen shows the time as 09:38, with a battery level of 90%, and various icons indicating weather, signal strength, and temperature. The main content of the page is a text post discussing proxy services, with a link to a review page at "https://proxyway.com/reviews?e-filter-da2a7bc-reviews_categories=proxy-providers." The text mentions AI web scraping as a significant driver for these companies and expresses concern about some companies injecting SDKs into third-party apps to extend their reach and fill their pools of residential proxies, suggesting they distribute malware and create botnets. The post concludes with the author's personal opinion that these companies are legitimate. Below the text, there is a screenshot of the review page from Proxyway, showing logos of various proxy providers like Smartproxy, Oxylabs, Bright Data, Netnut, Soax, and Webshare, with links to their reviews. The URL at the bottom of the screen is "jan.wildeboer.net/20," indicating the source of the post.

Ovis2-8B

🌱 Energy used: 0.272 Wh

#AI #crawlers #botnet

**Dendrobatus Azureus** @Dendrobatus_Azureus@bsd.cafe · 6 T.

6 T.

Dendrobatus Azureus @Dendrobatus_Azureus@bsd.cafe

A very powerful article about what crawlers dictated by AI companies are doing by simply destroying the web by doing endless infinite requests on servers as small as a Raspberry Pi and as large as Google's content delivery network, forcing drastic measures as the recent one ironically by GitHub where you can only do 10 requests after you've logged in

https://jan.wildeboer.net/2025/04/Web-is-Broken-Botnet-Part-2/

#AI #crawlers #botnet

Antwortete im Thread

**Radio Azureus** @RadioAzureus@mastodon.social · 6 T.

6 T.

Radio Azureus @RadioAzureus@mastodon.social

@alcinnz

Many places leave a tool running up front that checks if it is an AI bot that is storming their Systems.

The DDoS percentage drops with more than 98%

#AI #data #LLM

**AI6YR Ben** @ai6yr@m.ai6yr.org · 13. Mai

13. Mai

AI6YR Ben @ai6yr@m.ai6yr.org

Add this to the list of ADDITIONAL REASONS I hate AI.

They're absolutely slamming websites on the Internet so they can suck the contents into their great big training database.

https://mastodon.social/@tdp_org/114501075084619358

Graph of total requests per day by content type for one GenAI crawler over a week. The request rate was essentially zero for everything until yesterday when requests for HTML (web pages) began to increase dramatically. Today we're on about 460,000 requests so far

MastodonNeil Craig (@tdp_org@mastodon.social)Angehängt: 1 Bild As part of a time-limited trial, yesterday we removed the www.bbc.co.uk & www.bbc.com robots.txt "block" on *one* GenAI crawler. Here's a graph of total daily requests from that 1 GenAI crawler by content-type. You'll note, they've retrieved ~460k web pages in ~16 hours, so a mean of ~28,750 web pages per hour. They'll likely pull ~690k pages today, ~32GB egress. Whilst this is a drop in the ocean versus our other traffic, I can easily see how this could sink a smaller website. #GenAI #WebDev

#AI #LLMs #DDoS

**cyberfox** @cyberfox@infosec.exchange · 13. Mai

13. Mai

cyberfox @cyberfox@infosec.exchange

domain "nerd[.]parody" has two A records. It seems innocent. But if we reverse these two IPs to 154[.]81[.]156[.]35 and 154[.]81[.]156[.]54, there will be two malicious IPs (https://virustotal.com/gui/ip-address/154.81.156.35) (https://virustotal.com/gui/ip-address/154.81.156.54)
#botnet #DDoS
(first query detected on 2025-04-18)

**Security Incidents** @securityincidents@social.tchncs.de · 12. Mai

12. Mai

Security Incidents @securityincidents@social.tchncs.de

DDoS-Angriff: Radio Televisión Nacional de Colombia (RTVC) #DDoS #Ausfall #TeamInfoSec #cyberangriff https://www.security-incidents.de/sicherheitsvorfaelle/ddos_angriff_radio-televisión-9426.php

Compliance Essentials GmbH · 12. MaiDDoS-Angriff: Radio Televisión Nacional de Colombia (RTVC)Von Martin Holzhofer

Frühere Suchanfragen

Suchoptionen

Verwaltet von:

Serverstatistik:

#ddos