DoS Tool Takes Out Web Host

Friday, June 8, 2012 @ 11:06 AM gHale


Hacking group UGNazi took down a string of sites including HostGator in live tests of a new Denial of Service (DoS) attack tool.

The tool, dubbed #TheHolocaust, targeted undisclosed vulnerabilities and had crippled HostGator in seconds from a machine with 2Gb of RAM, via a 10Mbps/2Mbps link, the group said in a published report.

RELATED STORIES
Google Rolls Out Attack Warning
Google: Web Sites Hacked
Focus to Fix Sign-On Flaws
Hackers Expose Site’s Security Hole

HostGator and payments company wepay.com remained offline until they resolved the issue.

The hackers wrote the DoS tool in Python and C++ and targeted vulnerabilities that would be easy to patch, group member named the “Godfather” said.

“We do not want to show the DOS Tool #TheHolocaust to the public yet as it is in development,” they said in the published report. “It affects the connection of the [targeted] server, as well as the [targeted] webserver.”

Not so long ago, UGNazi hacked cloud provider WHMCS through a social engineering attack against HostGator.

The perpetrator, named Cosmo, ended up arrested by the FBI. UGNazi in a later hack changed the DNS records of image board 4Chan pointing visitors to the hacking group’s Twitter account.

The latter hack was possible after they gained access to the personal Gmail account of CloudFlare’s chief executive Matthew Prince. The DoS protection company said the hackers navigated past Google’s two factor authentication exploiting a now fixed “subtle recovery flaw” and bypassed his AT&T voicemail PIN.

UGNazi claimed that hack was worse than what the CloudFlare led on they “got into their main server” and accessed customer account information including name, IP address and payment data.



Leave a Reply

You must be logged in to post a comment.