History Of Distributed Denial of Service Attacks

DDOS stands for Distributed Denial of Service. Such an attack is usually an attempt to knock a web-site offline by overwhelming its server with more connections than it can support. In its relatively short history, this sort of attack has seen a spiraling arms race between the two sides as the Internet itself evolved.

From Angry Hackers To Trojans

In their earliest form, called flooding or nuking, these attacks could be carried out from a single computer. The hacker behind the attack would simply send specially crafted data packets, which would arrive faster than the server could answer them. These were not technically distributed denial of service attacks, but simply denial of service. The webmaster world quickly came up with answers: they learned to reject this sort of data packet and to create filters blocking suspicious IPs.

The first real form of DDOS was accomplished when several hackers joined forces and each manually attacked the victim web-site. Obviously this technique proved much more effective, but it soon became obsolete as webmasters simply added more IPs to their blacklists. Nonetheless, if the web-site was not prepared, the DDOS attack would actually succeed, precisely because hackers were not restricted to the most efficient type of data packets, which were easily recognizable, but could also use less efficient packets that were much harder to detect automatically. This approach, however, saw an untimely death when law enforcement began hunting down these hackers and when broadband speeds rendered the sheer amount of packets sent ineffective.

This was the moment when DDOS’ers were forced underground and chose mal-ware, Trojans more specifically, as their weapon of choice.

Trojans, Mal-ware, Spy-ware

Trojans were, at the time, a highly malicious form of mal-ware, but it was DDOS attacks that made them evil. Basically, with a Trojan installed, a computer would become a zombie machine doing whatever the mastermind behind the Trojan wished it to do.

With thousands or even tens of thousands of computers at their disposal, obtained through typical mal-ware infection, DDOS’ers had enormous power in their hands and a surprisingly high degree of anonymity. It was a power which, unfortunately, they did not hesitate to use. This was the period when the hacker world switched from ‘hacktivism’ to money making, and the money came through blackmail. There are no clear figures here, especially since most of the victim web-sites were themselves shady, but the amount of money generated was high enough to turn this sort of mal-ware venture into a profitable one.

As time went by, however, the antispyware world learned how to read this mal-ware to track down its masters, while trying to keep as many computers as possible spy-ware free. This led to the next evolution in DDOS attacks.

DDOS and Mal-ware Today

Hackers soon discovered that they could attack via a proxy, without exposing the machines infected with mal-ware, thus keeping the code of the Trojans effective. They would search for servers that, on receiving fake packets, would be triggered to send a response to the victim web-site. In this fashion, the victim web-site would get flooded with packets coming from legitimate, usually trusted sources. The response to this new type of attack didn’t lag far behind: more specialized routers, load balancing and honey traps were the answer. What are honey traps? They are fake servers which, when they receive those fake packets, don’t send them on to the victim web-site, but intercept them and discover the mal-ware infected computers.
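Because the flood described above arrives from legitimate, trusted servers, an IP blacklist does not help the victim, but matching replies against requests does. The following is an added example, not part of the original article: it uses constructed flow records and hypothetical function names, and flags inbound replies that answer no request the site ever sent.

```python
from collections import Counter

VICTIM = "203.0.113.10"  # constructed address (documentation range)

# Constructed flow records seen at the site's border:
# (direction, src_ip, src_port, dst_ip, dst_port)
SAMPLE = [
    ("out", VICTIM, 40000, "198.51.100.53", 53),   # real request
    ("in", "198.51.100.53", 53, VICTIM, 40000),    # its matching reply
    ("in", "198.51.100.1", 53, VICTIM, 51000),     # replies nobody asked for
    ("in", "198.51.100.2", 53, VICTIM, 51001),
    ("in", "198.51.100.3", 53, VICTIM, 51002),
    ("in", "198.51.100.53", 53, VICTIM, 51003),    # trusted server, no request
    ("in", "192.0.2.7", 123, VICTIM, 51004),       # single stray packet
]


def find_unsolicited_replies(records, victim):
    """Count inbound packets per (src_ip, src_port) that match no pending request."""
    pending = Counter()      # (remote_ip, remote_port, local_port) -> open requests
    unsolicited = Counter()
    for direction, src, sport, dst, dport in records:
        if direction == "out" and src == victim:
            pending[(dst, dport, sport)] += 1
        elif direction == "in" and dst == victim:
            key = (src, sport, dport)
            if pending[key] > 0:
                pending[key] -= 1          # reply consumed by a real request
            else:
                unsolicited[(src, sport)] += 1
    return unsolicited


def reflection_suspects(records, victim, min_sources=3):
    """Service ports from which many distinct servers sent unsolicited replies."""
    per_port = {}
    for (src, sport) in find_unsolicited_replies(records, victim):
        per_port.setdefault(sport, set()).add(src)
    return {port: sorted(srcs) for port, srcs in per_port.items()
            if len(srcs) >= min_sources}


if __name__ == "__main__":
    for port, servers in reflection_suspects(SAMPLE, VICTIM).items():
        print(f"unsolicited replies from port {port}: {len(servers)} servers")
```

The `min_sources` threshold is an assumption for this small sample; a single stray packet stays below it, while the same trusted server is still counted once it replies without having been asked.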

To check whether your computer is infected with mal-ware and is helping the hackers, scan it regularly with a good antispyware program.

