DDoS Attack Floods Video Provider

Wednesday, April 9, 2014 @ 09:04 AM gHale

An application layer distributed denial-of-service (DDoS) attack leveraged a vulnerability in a popular website to carry out the operation.

Traffic hijacking techniques were successful in flooding the targeted server with over 20 million GET requests from 22,000 web browsers, said researchers at security provider Incapsula.
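A flood of this shape, many distinct browsers all issuing GET requests to one endpoint while carrying the Referer of the page that hosts the injected script, is visible in the targeted server's access logs. The following is an added example, not part of the original article or of Incapsula's report: it parses Combined Log Format lines and flags (Referer, path) pairs hit by an unusually large number of distinct client IPs. The log lines, host names and thresholds are constructed for the example, and it assumes that browsers send the Referer header on the cross-site requests.

```python
import re
from collections import defaultdict
from typing import Dict, Iterator, Tuple

# Combined Log Format with Referer and User-Agent fields.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)


def _line(ip: str, sec: int, path: str, referer: str) -> str:
    """Build one constructed access-log line (sample data, not real traffic)."""
    return (f'{ip} - - [09/Apr/2014:09:00:{sec:02d} +0000] "GET {path} HTTP/1.1" '
            f'200 512 "{referer}" "Mozilla/5.0"')


# Hypothetical page that embeds the tampered profile image (assumed name).
EMBEDDING_PAGE = "http://videosite.example/watch?v=123"

# Constructed sample: six distinct client IPs each issue three GETs to one
# endpoint, all with the embedding page as Referer, plus two ordinary requests.
SAMPLE_LOG = "\n".join(
    [_line(f"203.0.113.{n}", (n * 3 + k) % 60, "/api/search?q=x", EMBEDDING_PAGE)
     for n in range(1, 7) for k in range(3)]
    + [_line("198.51.100.7", 5, "/index.html", "-"),
       _line("198.51.100.8", 6, "/about", EMBEDDING_PAGE)]
)


def parse_log(text: str) -> Iterator[Dict[str, str]]:
    """Yield one dict per line that matches the log format; skip the rest."""
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if m:
            yield m.groupdict()


def find_referer_floods(text: str,
                        min_distinct_ips: int = 5,
                        min_requests: int = 10) -> Dict[Tuple[str, str], Tuple[int, int]]:
    """Return {(referer, path): (request_count, distinct_ip_count)} for pairs
    where many different clients hammer the same path from the same referring
    page, the signature of script injected into a widely viewed page."""
    requests: Dict[Tuple[str, str], int] = defaultdict(int)
    clients: Dict[Tuple[str, str], set] = defaultdict(set)
    for rec in parse_log(text):
        if rec["method"] != "GET" or rec["referer"] in ("", "-"):
            continue
        key = (rec["referer"], rec["path"])
        requests[key] += 1
        clients[key].add(rec["ip"])
    return {k: (requests[k], len(clients[k])) for k in requests
            if len(clients[k]) >= min_distinct_ips and requests[k] >= min_requests}


if __name__ == "__main__":
    for (referer, path), (n_req, n_ips) in find_referer_floods(SAMPLE_LOG).items():
        print(f"{n_req} GETs to {path} from {n_ips} clients, Referer {referer}")
```

In production the counts would be kept per time window rather than over a whole file, and a flagged Referer is the page to inspect for injected markup; the thresholds here are arbitrary and should be tuned to the site's normal traffic.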


Incapsula did not reveal the website hit in the attack, but it has revealed that it is a popular video content provider.

The site allows users to sign in with their own profiles. The attackers exploited a persistent cross-site scripting (XSS) vulnerability that let them inject JavaScript code into the tag for the user's profile image.

This meant the malicious code was embedded every time the image was used: whenever someone visited a page containing the image, the code executed in that visitor's browser.
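The root cause is a user-controlled value placed into an HTML attribute without validation or escaping. The following is an added example, not code from the original article or from the affected site: it shows the weak pattern (string concatenation into the img tag) beside a hardened renderer that allows only absolute http(s) URLs and escapes the value for attribute context. The function names, the fallback image URL and the test inputs are constructed for the example.

```python
import html
from typing import Optional
from urllib.parse import urlparse

# Hypothetical default image served when a stored avatar URL is rejected.
DEFAULT_AVATAR = "https://example.invalid/default.png"


def render_avatar_unsafe(avatar_url: str) -> str:
    """'Before' pattern: the stored value is concatenated straight into the
    attribute, so a quote in it can close src and add new attributes."""
    return '<img src="' + avatar_url + '" alt="avatar">'


def validate_avatar_url(avatar_url: str) -> Optional[str]:
    """Return the URL if it is an absolute http or https URL, else None.
    Rejects relative values, empty hosts and non-http schemes such as
    javascript: or data:."""
    candidate = avatar_url.strip()
    parsed = urlparse(candidate)
    if parsed.scheme not in ("http", "https") or not parsed.netloc:
        return None
    return candidate


def render_avatar_safe(avatar_url: str, fallback: str = DEFAULT_AVATAR) -> str:
    """Hardened renderer: allowlist the scheme, then escape for attribute
    context so quotes and angle brackets cannot terminate the attribute."""
    url = validate_avatar_url(avatar_url) or fallback
    return '<img src="%s" alt="avatar">' % html.escape(url, quote=True)


if __name__ == "__main__":
    tampered = 'x" onerror="alert(1)'      # constructed attribute-breakout value
    print(render_avatar_unsafe(tampered))  # injected attribute survives
    print(render_avatar_safe(tampered))    # rejected, fallback image rendered
```

Escaping alone (without the scheme allowlist) would still let a javascript: URL through as a syntactically valid src, and the allowlist alone would still let a trailing quote break out of the attribute; the hardened version needs both. A Content-Security-Policy that disallows inline script is the complementary browser-side control.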

“As a result, each time a legitimate visitor landed on that page, his browser automatically executed the injected JavaScript, which in turn injected a hidden