Are Decade-Old DoS Tools Still Relevant in 2021? – Security Boulevard

Surprisingly, the answer is yes.

After Anonymous fell apart in 2016, the threat landscape shifted rapidly. The once-mainstream organized Denial of Service (DoS) attacks launched with simple GUI-based tools were no more, as the era of Distributed Denial of Service (DDoS) attacks and DDoS-as-a-Service began to take shape under the power of new IoT botnets such as Bashlite and Mirai.

While Anonymous has not entirely disappeared, its digital footprint has significantly reduced over the last five years. Today, you can still find Anonymous accounts on the usual social media outlets and video platforms spreading operational propaganda, but with limited impact compared to the past. However, during a recent Anonymous operation, I was surprised to find that the group, which still uses PasteBin and GhostBin (to centralize operational details), had updated their target list from years prior and suggested the use of Memcached and other reflective attack vectors. They recommended using antiquated DoS tools, such as LOIC, HOIC, ByteDoS, and PyLoris, all nearly 10 years old.

Tools of The Past

HOIC

High Orbit Ion Cannon, or HOIC for short, is a network stress testing tool related to LOIC; both are used to launch Denial of Service attacks popularized by Anonymous. This tool can cause a Denial of Service through the use of HTTP floods. Additionally, HOIC has a built-in scripting system that accepts .hoic files called boosters. These files allow a user to deploy anti-DDoS randomization countermeasures and increase the magnitude of the attack.

While it has no significant obfuscation or anonymization techniques to protect the user’s origin, the use of .hoic “booster” scripts allows the user to specify a list of rotating target URLs, referrers, user agents, and headers. This effectively causes a Denial of Service condition by attacking multiple pages on the same site while making it seem like attacks are coming from several different users.
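Because the rotated headers all arrive from one unhidden source address, that mismatch is itself a detection signal. The following is an added example, not code from the original post: it scans web access-log lines for addresses that send many requests under many User-Agent values inside one window. The function names, thresholds and sample log lines are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime

# Combined Log Format: ip - - [time] "METHOD path proto" status bytes "referer" "agent"
LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "\S+ (?P<path>\S+) [^"]*" '
    r'\d{3} \S+ "(?P<ref>[^"]*)" "(?P<ua>[^"]*)"$'
)

def flag_rotating_sources(lines, window_s=10, min_requests=6, min_agents=4):
    """Flag source IPs that send many requests under many User-Agent values
    inside one time window. Returns {ip: (requests, agents, paths, referers)}
    for the busiest flagged window. Thresholds are illustrative assumptions."""
    buckets = defaultdict(lambda: {"n": 0, "ua": set(), "path": set(), "ref": set()})
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue  # ignore lines that are not in the expected format
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        b = buckets[(m["ip"], int(ts.timestamp()) // window_s)]
        b["n"] += 1
        b["ua"].add(m["ua"])
        b["path"].add(m["path"])
        b["ref"].add(m["ref"])
    flagged = {}
    for (ip, _), b in buckets.items():
        if b["n"] >= min_requests and len(b["ua"]) >= min_agents:
            stats = (b["n"], len(b["ua"]), len(b["path"]), len(b["ref"]))
            flagged[ip] = max(flagged.get(ip, stats), stats)
    return flagged

def _line(ip, sec, path, ref, ua):
    # Builds one constructed log line (sample data, not real traffic).
    return (f'{ip} - - [14/Jun/2021:10:00:{sec:02d} +0000] '
            f'"GET {path} HTTP/1.1" 200 512 "{ref}" "{ua}"')

# Constructed sample: one address rotating headers, one ordinary visitor.
SAMPLE = [
    _line("203.0.113.7", i, f"/page{i % 3}", f"http://ref{i}.example/", f"Agent-{i % 5}/1.0")
    for i in range(8)
] + [
    _line("198.51.100.20", s, "/index.html", "-", "Mozilla/5.0 (constructed)")
    for s in (1, 4, 8)
]

if __name__ == "__main__":
    print(flag_rotating_sources(SAMPLE))
```

Shared egress addresses (NAT, corporate proxies) legitimately carry several User-Agent values, so the thresholds need tuning against a baseline of normal traffic.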

Figure 1: HOIC

ByteDoS

Once considered a destructive tool, ByteDoS has become a novelty in 2021. ByteDoS is a Windows desktop DoS application. It is a simple, standalone executable file that does not require installation and comes equipped with embedded IP resolver capabilities that allow this attack tool to resolve IPs from domain names. It also supports two attack vectors, SYN Flood and ICMP Flood, allowing the user to choose their preferred attack vector. ByteDoS also supports attacks behind proxies, enabling the attackers to hide their source and identity. The tool is quite common among hacktivists and Anonymous supporters (it becomes very effective when used collectively by many attackers in a coordinated Denial of Service attack).

Figure 2: ByteDoS

PyLoris

Another one that was once considered a destructive tool is PyLoris. PyLoris is a low and slow HTTP DoS tool. PyLoris enables the attacker to craft HTTP requests with custom packet headers, cookies, packet sizes, timeouts, and line-ending (CRLF) options. PyLoris' objective is to keep TCP connections open for as long as possible between the attacker and the victim's servers in an attempt to exhaust the server's connection table resources. Once exhausted, the server will not handle new connections from legitimate users, resulting in a denial-of-service state.
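The defensive counterpart to connection-table exhaustion is to stop letting unfinished requests hold slots indefinitely. The following is an added example, not code from the original post: it triages a snapshot of open connections with a header deadline, a minimum receive rate and a per-source cap, and reports table occupancy before and after. The record fields, thresholds and sample snapshot are constructed assumptions.

```python
from collections import Counter
from dataclasses import dataclass

@dataclass(frozen=True)
class Conn:
    src: str            # client address
    age_s: float        # seconds since the connection was accepted
    header_bytes: int   # request bytes received so far
    headers_done: bool  # True once the blank line ending the headers arrived

def triage(conns, table_size, header_deadline_s=10.0, min_rate_bps=50.0, per_ip_cap=20):
    """Return (to_close, offenders, occupancy_before, occupancy_after).

    A connection is closed when its headers are still unfinished past the
    deadline, or when it has been open at least 2 s and is receiving header
    bytes below the minimum rate. Thresholds are illustrative assumptions."""
    to_close = []
    for c in conns:
        if c.headers_done:
            continue  # a complete request is handled normally
        rate = c.header_bytes / c.age_s if c.age_s > 0 else float("inf")
        if c.age_s > header_deadline_s or (c.age_s >= 2 and rate < min_rate_bps):
            to_close.append(c)
    per_src = Counter(c.src for c in conns)
    stalled = Counter(c.src for c in to_close)
    # A source is an offender if it exceeds the per-IP cap or if at least
    # half of its connections (and no fewer than three) are stalled.
    offenders = sorted(
        s for s, n in per_src.items()
        if n > per_ip_cap or stalled[s] >= max(3, n // 2)
    )
    before = len(conns) / table_size
    after = (len(conns) - len(to_close)) / table_size
    return to_close, offenders, before, after

def sample_table():
    # Constructed snapshot: 60 stalled connections from one source, 10 finished
    # requests from distinct clients, and one slow but progressing client.
    slow = [Conn("203.0.113.50", 120.0, 240, False) for _ in range(60)]
    normal = [Conn(f"198.51.100.{i}", 0.5, 380, True) for i in range(1, 11)]
    mobile = [Conn("192.0.2.9", 3.0, 400, False)]
    return slow + normal + mobile

if __name__ == "__main__":
    closed, offenders, before, after = triage(sample_table(), table_size=100)
    print(len(closed), offenders, before, after)
```

The slow but progressing client survives because it stays above the rate floor and inside the deadline, which is the distinction a blanket idle timeout cannot make.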

Figure 3: PyLoris

How effective are the old tools

The tools suggested for this Anonymous operation, and many others, are old and outdated, yet oddly enough, they still have a place in the threat landscape. In a world of easy-to-build IoT botnets and cheap attack services, it is odd to see some suggest using tools that are nearly a decade old. And while the use of these tools is not prominent, they can still be effective when correctly leveraged against unsuspecting and unprotected websites. Below is a chart showing events over the last year related to LOIC, HOIC, HULK, and SlowLoris attacks.

Figure 4: HOIC, LOIC, HULK, Slowloris DoS events (source: Radware)

As you can see, these tools are still relevant in 2020/21 but not as popular or effective as they used to be due to the evolution of the threat landscape and advancements in mitigation technology. While Anonymous is no longer the threat it used to be, there is always an inherent risk of a lone wolf or group of amateur threat actors popping up with these tools and presenting a certain level of risk for the unprotected.

*** This is a Security Bloggers Network syndicated blog from Radware Blog authored by Daniel Smith. Read the original post at: https://blog.radware.com/security/ddos/2021/06/are-decade-old-dos-tools-still-relevant-in-2021/

Source of this news: https://securityboulevard.com/2021/06/are-decade-old-dos-tools-still-relevant-in-2021/
