Cryptolulz666 continues targeting Government websites with DDoS

Cryptolulz666 is back targeting government websites to demonstrate that it is very simple for hackers to bring down them with DDoS attacks.

A few days ago a reported the attack conducted by the black hat hacker Cryptolulz ( @Cryptolulz666), a former member of the Powerful Greek Army, who hacked the website of Russian embassy of Armenia (www.embassyru.am). He hacked the website of Russian embassy of Armenia to create awareness amongst the authorities, the hacker confirmed me that he used a blind SQL Injection vulnerability.

Now Cryptolulz is back, he wanted to demonstrate that it is very simple for hackers, even small groups, to launch a massive DDoS attack against any target.

Yesterday he first launched a DDoS attack against the website http://italiastartupvisa.mise.gov.it/ belonging to the Italian Government.

It was just testing his own botnet, then later he targeted the website of the Russian Federal Drug Control Service liquidation commission.

The Russian website was down for several hours.

When I asked a comment he told me:

“from my perspective…. this is just low security, and for a government, it’s quite bad” said Cryptolulz666

He confirmed me to be a youngster with a great passion for cyber security that aims to spread awareness on the risks.

He launched a DDoS attack leveraging on the NetBIOS amplification technique. NetBIOS is a protocol used in computer software to allow applications to talk to each other via LAN networks.

“A NetBIOS NBSTAT query will obtain the status from a NetBIOS-speaking endpoint, which will include any names that the endpoint is known to respond to as well as the device’s MAC address for that endpoint. A NBSTAT response is roughly 3x the size of the request, and because NetBIOS utilizes UDP, this can be used to conduct traffic amplification attacks against other assets, typically in the form of distributed reflected denial of service (DRDoS) attacks.” states Rapid7.

The hacker scanned roughly 10 % of the Internet searching for potential bots to use in the attack and he found 2 million bots.
“which is pretty perfect for amp vectors..” he told me.

He confirmed me to have shut down the site of the Russian government with a single shot and maintained it down for hours.

In this specific attack he other two spoofing server in order to guarantee a stable malicious traffic against the target, and he made this with python scripts.

“I used another two spoofing servers to launch dos attacks with my self-coded python scripts.” he added.I did it to create awareness among the authorities and users of the website.

I did it to create awareness among the authorities and users of the website.
He confirmed me that he will target other government websites in next attacks, always for the same reason.

“you see the government don’t care about security so we gonna exploit it hard.” added Cryptolulz666

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Cryptolulz666, hacking)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.