DDoS attacks almost always originate from hacked devices. The country/countries that the traffic originates from has never ever been an indicator of who's behind the attack. I've mapped botnet professionally for a decade. All this tells you is the geographical distribution of compromised devices 1/2 - ThreadSky

malwaretech.com • 2 days ago

DDoS attacks almost always originate from hacked devices. The country/countries that the traffic originates from has never ever been an indicator of who's behind the attack. I've mapped botnet professionally for a decade. All this tells you is the geographical distribution of compromised devices 1/2

Reposted from Raphael Satter

New: The DDOS attack against X (formerly Twitter) is real, according to an industry source I spoke with.

As for the amount of rogue traffic emanating from Ukraine: “Insignificant.”

Biggest chunks of malicious traffic coming from US, Brazil, Vietnam, etc.

www.reuters.com/technology/s...

Comments

xiane.bsky.social•2 days ago

Still, I'm perfectly happy to not blame Ukraine...or anyone.

orogenesis.bsky.social•2 days ago

Do attackers use the same botnets that previously existed? Like, are the same devices used in the Mirai botnet attack also used in this or other big IoT DDoS attacks? I imagine a majority of them were never patched or fixed their default passwords, and some are still online.

viscerl.bsky.social•2 days ago

All the time. The creds and IPs get traded around the forums like anything else.

darkglade.bsky.social•2 days ago

Indeed.

Then there's a crap tonne of botnets for hire complete with nice dashboards and click-and-drool style interfaces so even the minimally savvy can use them so long as they have the money.

cavalcate.bsky.social•2 days ago

US, interesting 😉

hopehimars.bsky.social•2 days ago

https://www.dailydot.com/debug/dark-storm-team-x-outage-ddos/

orangeplus.bsky.social•2 days ago

They do claim credit for lots of attacks but have never shown any capability of doing anything of this scale

hopehimars.bsky.social•2 days ago

I guess they found some buddies !

orangeplus.bsky.social•2 days ago

I guess Daily Dot and perhaps yourself

hopehimars.bsky.social•1 day ago

EVERYONE hates elon musk

darkglade.bsky.social•2 days ago

100% this, there are hundreds of thousands if not millions of legacy, unmaintained, usually consumer devices all over the planet which are easily hijacked for this type of activity.

The operators of these botnets don't care where the traffic comes from they just want VOLUME.

mikkwallace.bsky.social•2 days ago

Exactly
All indeed Facts ✅😉
Re Hacks

cathy3of6.bsky.social•2 days ago

I hope people take turns. Hackers get to work

malwaretech.com•2 days ago

When you plot this kind of data of a graph, all you get is a heat map of population density, which is slightly skewed by economic factors. The biggest sources of DDoS tend to be developing nations with large populations, as they tend to have a higher density of older less secure devices. 2/2.

drewizard.bsky.social•2 days ago

I remember conversations 20+ years ago founded on the idea that phishing from S Korea was predicated on a rapidly growing economy and 'net growth faster than the skills to secure it. I cracked into a S Korean Linux box myself. We still talking about an infra people can't secure in other countries?

bexone.bsky.social•2 days ago

Also like: would it actually be THAT big a surprise if the DDoS was coming from inside the house?

ullius.bsky.social•2 days ago

But you don't really expect a 'Tech' bro to understand this, right?

teresarothaar.bsky.social•2 days ago

I'm not surprised the U.S. is on the list, being as most people (and even many organizations) never bother changing the default creds for their IoT devices.

darkglade.bsky.social•2 days ago

That's part of the issue sure.

The bigger problem is vendor abandonment, most consumer tech gets MAYBE 18 months of updates and that's it, so if there's a vuln (and there usually IS) in an EOL router that's deployed in say 100k or 1M households it will never get fixed.

Straight up canon fodder.

marypcbuk.bsky.social•2 days ago

plus, the state of the Ukrainian IP ranges after everything that's been thrown at them: it feels like a giant sign that says 'of course it's Russia trying to make Ukraine look bad'

daledidporn.bsky.social•2 days ago

thank you for sharing your expertise

mgb5000.bsky.social•2 days ago

As a s/w engineer in a rural community I also cleaned/reinstalled people's infected PCs.

I don't have hard data but generally it was the antivax MAGA "I hate long passwords I'll use my birth year" types who were most likely to click on a malware link and be used for sending spams or DDOS attacks.

kye.boats•2 days ago

No. Just stop. Don’t politicise having poor security hygiene. Everybody does it.

mgb5000.bsky.social•2 days ago

Everybody has imperfect security hygiene but unintelligent uneducated and intellectually lazy people who reject science such as "Don't use your birth year as your password" - MAGA in a nutshell - are imperfecter™.

furcalor.net•2 days ago

I hope my Chinese smart led lights took part in this....

nrlnd.bsky.social•2 days ago

🥳

noteom.bsky.social•2 days ago

elon is obv making this nonsense up like everything else he says

when someone is a serial bullshitter you can just start at assuming it's bullshit and work back from there

clawclawbite.bsky.social•2 days ago

But the cool android device I bought on Temu lets me pirate all movies and TV! How could this device be bad or malicious? /s

heikki-machine.bsky.social•2 days ago

I can assure you the attack is not from machines in the Ukraine area. Elon likes to say things. They don’t relate to reality or the truth.
Below is a tweet where Elon gave advice to an ER doctor on ventilators. 1/

heikki-machine.bsky.social•2 days ago

Why did he? Because he bought (for massive positive press) bunch of sleep apnea devices that nobody had shortage of and called them ventilators.
People called him out on it so he had a short campaign about how milder ventilators were actually better.

It was totally “on brand” behavior for him.

tartanskull.bsky.social•2 days ago

He’s absolutely abhorrent.

heikki-machine.bsky.social•2 days ago

The remains of the discussion above - with doctors reacting to Elon's twet can be still found, it was retweeted with #mdmusk #medicalmusk and or #doctormusk. Elon deleted his tweet (which is quite rare) so only responses can be seen. For once he understood what a tool he was making himself look like

Comments

Posting Rules

Reply