UPDATED 13:54 EDT / SEPTEMBER 16 2013

Tools for DDoS Attacks Are Gaining Popularity in Online Gaming Communities

DDoS attacks dominate the news nowadays. Large companies are frequently hit by Distributed Denial of Service (DDoS) attacks that cause great damage. Prolexic, a company that offers DDoS protection services, has published a technical white paper detailing what it calls “the rampant problem of denial of service attacks within and from online gaming communities.”

The document contains an analysis of the modus operandi and of some PHP scripts included in a DDoS kit, the topology of the botnet built on it, and recommendations for detecting this threat and preventing infections.

According to Prolexic, the peak power of these attacks was 70 GB/s and more than 30 million packets/sec. The first such attack was registered a year ago. Packeting is a term used to refer to a denial of service attack in which excessive data packets are sent to a target IP address in an effort to slow or stop internet service. A packeting attack can be directed at any IP address, including other gamers, the game server itself, or a target outside of the gaming network.

In addition to the increasing size of attacks, the attack volume grew in the last quarter of 2012, reaching the highest number of attacks recorded by Prolexic for one quarter. The average duration of attacks rose 67%, from 19.2 hours in the third quarter to 32.2 hours in the last quarter of 2012. Readily available DDoS tools, poor password security protocols, and rivalries are among the factors fueling DDoS attacks, according to Stuart Scholly, president of Prolexic.

“DDoS attacks fueled by rivalries, poor password security protocols and readily available DDoS tools are widespread and harm gaming and non-gaming targets alike,” said Stuart Scholly, president of Prolexic. “There are serious repercussions for every industry from denial of service attacks that feed off the explosive growth of online gaming infrastructures.”

NSFOCUS recently released its mid-year 2013 DDoS Threat Report, which suggests that DDoS attacks, while shrinking in length, are growing in number and becoming increasingly profit-driven. The company’s Security Research Academy observed and researched 168,459 DDoS incidents around the world.

“DDoS is a common way to easily express revenge or gain an upper hand against a rival gaming ‘clan’,” says Kyt Dotson, HackANGLE editor. “While we’ve seen that it was the go-to mode of ‘trolling for the lulz,’ by outfits such as LulzSec, the gaming services targeted by them were chosen due to total popularity and not rivalry. However, actual groups looking to mess up the game and fun of other players do target gaming servers just to disrupt particular targets. In highly competitive games such as Call of Duty and Halo this is especially pronounced because the software is easily unpackaged and used.”

DDoS attacks on a large scale

The widespread availability of compromised Web servers makes it easier for malicious agents to grow and redistribute botnets. To get greater bandwidth out of a small number of infected computers, attackers have built botnets from many thousands of compromised Web servers. They inject malicious scripts using known vulnerabilities in systems management sites. A large number of sites on the Internet run outdated versions of products, and many cases of mass hacking have occurred due to these vulnerabilities.

According to the report, some of the standalone attack tools developed for packeting by novice users are poorly designed and are often bundled with backdoors, for example a Windows executable filled with additional malicious code such as malware, adware, and trojans.

Other packeting attack tools, such as a Perl flooder script, are much simpler and more effective.

A few examples include an attack that targeted Call of Duty 2 gaming servers across the globe, in South Africa, Europe, Asia and the United States; DrDoS attack tools that use gaming servers, including Quake, Half Life, and Call of Duty, to attack non-gaming targets; and the underground market for stressors, booters, and other DDoS-as-a-Service tools that target online gaming communities.

In addition, malicious gaming hackers have historically used gaming communities as sources of servers upon which to reflect and amplify denial of service attacks, because gaming server aggregators provide a good source of server IP addresses that are likely to be vulnerable.

According to Prolexic's forecasts, the popularity of these tools among the initiators of DDoS campaigns will continue to grow, so it is important to begin actively combating this threat. The goal of the attacker is to use the gaming industry’s infrastructure to engage in DDoS attacks against selected targets. Video game server infrastructures are more prone to malicious attacks due to their large footprint and broadband capabilities.

The Prolexic Security Engineering & Response Team (PLXSERT) advises implementing several preventive measures: deploy a DDoS protection mechanism, using third-party DDoS protection services or network operation center based DDoS monitoring and mitigation; enforce authentication from clients by establishing endpoint security; implement proactive measures against potentially vulnerable protocols such as ICMP; implement policies for software updates, patches and change management; and close opportunities for brute force attacks.
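As an illustration of limiting the reflection abuse of game servers described above, the following added example (not code from the Prolexic paper or from any game server) replays constructed query traffic through a per-source response-byte budget. The class and function names, the budget values and the documentation-range IP addresses are all assumptions made for the example.

```python
from collections import defaultdict

class ResponseBudget:
    """Per-source token bucket measured in response bytes (times in ms)."""
    def __init__(self, bytes_per_ms, burst_bytes):
        self.rate, self.burst = bytes_per_ms, burst_bytes
        self.state = {}                      # src -> (tokens, last_seen_ms)

    def allow(self, src, resp_len, now_ms):
        tokens, last = self.state.get(src, (self.burst, now_ms))
        # Refill for the time elapsed since this source was last seen.
        tokens = min(self.burst, tokens + (now_ms - last) * self.rate)
        ok = resp_len <= tokens
        self.state[src] = (tokens - resp_len if ok else tokens, now_ms)
        return ok

def replay(events, budget):
    """events: (ts_ms, src, req_len, resp_len) -> per-source byte counters."""
    stats = defaultdict(lambda: {"req_bytes": 0, "sent_bytes": 0, "dropped": 0})
    for ts, src, req_len, resp_len in sorted(events):
        s = stats[src]
        s["req_bytes"] += req_len
        if budget.allow(src, resp_len, ts):
            s["sent_bytes"] += resp_len      # reply actually sent
        else:
            s["dropped"] += 1                # reply suppressed, nothing reflected
    return dict(stats)

def likely_victims(stats, min_dropped=10):
    """A source with many suppressed replies is probably a spoofed address,
    i.e. the target of the reflection attempt rather than its origin."""
    return sorted(src for src, s in stats.items() if s["dropped"] >= min_dropped)

# Constructed sample traffic: 25-byte status query, 1000-byte reply.
PLAYER = [(i * 5000, "198.51.100.7", 25, 1000) for i in range(12)]   # one query per 5 s
SPOOFED = [(i * 5, "203.0.113.50", 25, 1000) for i in range(400)]    # 200 queries/s for 2 s

def demo():
    # Assumed budget: 2 bytes/ms sustained (about 2 kB/s), 4000-byte burst.
    return replay(PLAYER + SPOOFED, ResponseBudget(bytes_per_ms=2, burst_bytes=4000))

if __name__ == "__main__":
    stats = demo()
    for src, s in stats.items():
        print(src, s, "amplification x%.1f" % (s["sent_bytes"] / s["req_bytes"]))
    print("likely reflection victims:", likely_victims(stats))
```

With the budget in place the regular player loses no replies, while the spoofed source receives fewer bytes than were sent in its name, so the server no longer amplifies traffic toward it.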

