Pierluigi Paganini January 09, 2016

The  hacking group New World Hacking that claimed the responsibility for the BBC attack revealed that the DDoS attack reached the 602 GBps.

On December 31th, the BBC website and iPlayer service went down due to a major “distributed denial of service” attack.”

The attack started at 0700 GMT and paralyzed the websites for more than hour causing the panic among users on the social media.

A group of Anti-ISIS hackers calling itself New World Hacking has claimed the responsibility for the BBC attack. The outage lasted more than an hour, according to security firm Netcraft, service to the BBC network was restored with the support of the Akamai firm.

According to a post published by the BBC, Hackers of the New World Hacking said they had launched the attack as a “test of its capabilities”.

The hackers said that the DDoS attack reached 602Gbps, it is an amazing volume of traffic, almost twice the size of the most powerful attack recorded by Arbor Networks last year that reached 334Gbps.

“Some of this information still needs to be confirmed,” “If it’s proven, it would be the largest attack on record. But it depends on whether it’s actually confirmed, because it’s still a relatively recent attack.”  explained Paul Nicholson, director of product marketing at A10 Networks.

The worst aspect of the story is that according to the New World Hacking group the DDoS attack against the BBC was “only a test.”

“We didn’t exactly plan to take it down for multiple hours,” the hacking crew told the BBC. 

According to Nicholson, the group has chosen the BBC as a target just for marketing purpose, the expert speculated that the crew intends to advertise an online DDoS tool called BangStresser that is offered for rent to deliver attacks as a service.

BangStresser isn’t the unique tool that could be rented to launch a powerful DDoS, last year the hackers belonging to the Lizard Squad took down the PlayStation and Xbox networks using another tool dubbed the Lizard Stresser. The popular security expert Brian Krebs and a research team discovered that the Lizard Stresser DDoS tool relies on compromised Home Routers.

Experts at  A10 Networks believe that there are many similarities between the two tools, but another circumstance appears very strange in the attack against the BBC; the New World Hacking is claiming to be using Amazon servers to launch the attacks.

Nicholson speculates that some legitimate DDoS attack services have been abused.

“Some are offered as useful services to websites, to see if they can handle the load,” he said. “Some of them are quite inexpensive and configurable,” Nicholson said. “for example, you can have different attacks at different times, so that it’s harder to defend against them.”

According to CsoOnline, we will assist to other attacks against high-profile media websites and political websites due to the U.S. election cycle

Pierluigi Paganini

(Security Affairs – Black Energy, Sandworm)