Malware evolving to defeat anti-DDoS services like CloudFlare?

From Botnets.fr

Botnet: OutFlare
Date: 2013 / 2013-02-13
Editor/Conference: ESET
Link: http://www.welivesecurity.com/2013/02/13/malware-evolving-to-defeat-anti-ddos-services-like-cloudflare/ (Archive copy)
Author: Alexis Dorais-Joncas
Type: Blogpost

Abstract

Could distributed denial of service (DDoS) malware be evolving to defeat anti-DDoS security measures like Cloudflare? We do not usually see a lot of innovative denial-of-service malware in our day-to-day work. What we do see usually boils down to the basic flooding techniques: TCP SYN, UDP and ping floods, and sometimes HTTP-oriented floods.

Of course, many products and services are available to webmasters who want to defend against such DDoS attacks. Cloudflare is one of them. When we analyzed a new piece of malicious software that looked suspiciously like yet another DoS tool, we did not expect to find anything particularly interesting. However, it turns out that the malware dubbed Win32/DoS.OutFlare.A implements a technique we have not seen before: a routine intended specifically to defeat the very popular CloudFlare anti-DoS service.

Bibtex

 @misc{Dorais-Joncas2013BFR1303,
   editor = {ESET},
   author = {Alexis Dorais-Joncas},
   title = {Malware evolving to defeat anti-DDoS services like CloudFlare?},
   date = {13},
   month = Feb,
   year = {2013},
   howpublished = {\url{http://www.welivesecurity.com/2013/02/13/malware-evolving-to-defeat-anti-ddos-services-like-cloudflare/}},
 }