Вебпланета - Twitter and Facebook attacked: remember Hiroshima bombing? - Comments

Twitter and facebook are

Гость — Fri, 02 Apr 2010 12:16:22 +0400

Twitter and facebook are some of the moron farms of the internet. Wish they took them down completely.

PS. By the way, Graham, are

l_e_x_a — Sat, 08 Aug 2009 21:13:44 +0400

PS. By the way, Graham, are you a security expert or just a PR expert at Sophos?

The reason for this question is pretty simple. In your blog, you've got a post "More Cyxymu spam seen in Sophos spamtraps". You publish a screenshot of that spam letter but you don't publish the SOURCE of that letter (as a security expert would do).

So how can you say "My guess is that these emails aren't really being sent by Cyxymu"?

Look what Mr. Woodcock said in New York Times: he found evidence that the spam attacks had originated from the Abkhazia region. This is the region where the blogger Cyxymu lives. The spam attack came from his homeland. Not from Moscow or Beijing.

So it is pretty possible that blogger named Cyxymu just made some self-promotion.

Ok, we don't know the origins of the other attacks. There were some of them, experts say. The link in spam letters wouldn't do such a mess. There were DDoS-attacks, too.

But why all the "experts" say nothing about the SOURCES of those attacks? Why all of you repeat that one-blogger-excuse?

You can't trace where a spam letter came from? You can't crack the trojan code and find the address where botnet is downloaded from? You are just PR? Boring.

Alexey
webplanet.ru

July 4th is pretty high

Randy Abrams — Sat, 08 Aug 2009 02:04:08 +0400

July 4th is pretty high profile, but it does not mean that the timing of the attack was to protest against America. The timing may well have been because the attackers knew that many people would be on holiday that day and so they may be more likely to succeed. My guess though is that it was a south Korean (individual or group) protesting against the US having a military presence in South Korea with South Korea's official consent.

Unlike July 4th though, attacking Twitter is not an overt protest against America, especially since there are so many users from so many different countries. No, I think if a Hiroshima protest was the point, the attackers would have been much more to the point and chosen a serious target instead of a toy web service.

Randy Abrams
Director of Technical Education
ESET LLC

> the attacker would have

l_e_x_a — Sat, 08 Aug 2009 00:01:00 +0400

> the attacker would have done things to make sure
> the political motivation was known.

Really? What do you think about the wave of DDoS-attacks started on 4th of July?
ing_in_bot_attacks_on_U.S._sites_says_researcher...

The attacker is still unknown. Some say the botnet used South Korea zombi computers. Some say the master server was located in UK:
http://blog.bkis.com/?p=718

No markings of a political protest against America? 4th of July, The Independence Day?

> I am fully aware that the United States used atomic bombs

Good for you. As to me, I am fully UNaware that Russia used DDoS-attacks against Estonian or Georgian sites. No evidence at all. Yet I hear about these "Russian hackers" almost every day. From US papers.

And now, we are blamed for Twitter! That infantile service for mentally-deprived people with one-line brains. What a Russian on the Earth would be willing to kick down that piece of crap?

Alexey
Webplanet.ru

Brain washed? Memory

Randy Abrams — Fri, 07 Aug 2009 22:05:33 +0400

Brain washed? Memory editted? Are you quoting from Pravda?

If the Twitter attack had been due to Hiroshima then the attacker would have done things to make sure the political motivation was known. It seems the least likely explanation. Perhaps it was to celebrate Jamaica gaining it's independence from Britain on August 6th, 1962. Or maybe death penalty opponents commemorating August 6th 1890 when the electric chair was first used. No, it simply didn't have the markings of a political protest against America.

And no, I did not bomb Hiroshima. My parents didn't even know each other then. I am fully aware that the United States used atomic bombs on Hiroshima and Nagasaki though.

Randy Abrams
Director of Technical Education
ESET LLC

Hey guys, when I was

ThreatSTOP — Fri, 07 Aug 2009 21:31:29 +0400

Hey guys, when I was interviewed, I in no way pointed the finger @ Russians. Nor, as far as I know, did Paul Ferguson (we're friends). I actually said it was probably some script kiddies. Those are USUALLY Americans. The developers who build ThreatSTOP are Russian, as is my VP of Engineering.
Now, that it coincides with "No Hard Feelings Day" (the tongue in cheek name for the day the US got back @ Japan for Pearl Harbor) is interesting, but probably not the cause, IMNSHO.

Graham, this story about

l_e_x_a — Fri, 07 Aug 2009 14:30:28 +0400

Graham, this story about "anti-Russian blogger Cyxymi" is in fact LAST YEAR story. When Livejournal was down in October 2008 they blamed that blogger. We wrote about it, too (see the date):
http://webplanet.ru/news/security/2008/10/27/cyxymu.html

Is it possible the same primitive trick killed three different sites a year later? I'd agree with you saying "Most people wouldn't have bothered clicking on the link" (in spam letters).

There should be something more serious. I don't say I know for sure really about Hiroshima. Just wonder why no one considers this idea.

Alexey,
Webplanet.ru

Well, I knew it was the

Graham Cluley, Sophos — Fri, 07 Aug 2009 11:33:35 +0400

Well, I knew it was the anniversary of Hiroshima... but I didn't believe that it was anything to do with the denial-of-service attack so why should I mention it?

If you're interested in what /was/ probably the cause of Twitter's bad day then read this:

http://www.sophos.com/blogs/gc/g/2009/08/07/twitter-denialofservice-targeting-antirussian-blogger/

Cheers
Graham Cluley, Sophos

Twitter and Facebook attacked: remember Hiroshima bombing?

translator — Fri, 07 Aug 2009 04:26:49 +0400

It was yesterday, August 6th, about 17:30 in Moscow, when we saw Twitter, Livejournal and Facebook went down. So we run a story about it, here on Webplanet.ru. In our report, we suggested it could be a DDoS-attack to commemorate the day when the first American atomic bomb destroyed the Japanese sity of Hiroshima. August 6th, 1945.

Some hours later, Twitter and Facebook confirmed they were DDoS'ed. So the newspapers started to ask security experts what's the reason for these attacks. To our big surprise, no Western security expert knew about Hiroshima!

Lets see: The Guardian talks to Sophos and Symantec. "This seems like far too much to be a coincidence," said Graham Cluley, a senior consultant at IT security firm Sophos.

John Harrison of Symantec is also very "informative": "We're very surprised to see these types of attacks coming. Usually the people behind it want to use it for financial gain, not simply to take services away... It can be as simple as retribution against other hackers. It seems trivial and backwards, but it could be something as simple as that"

Then, PC World quotes Randy Abrams from ESET (wow, he's Director of Technical Education!). Again, the antivirus guy doesn't see the picture:

"Perhaps the bad guys are upset that Twitter has recently started filtering URLs in order to cut back on the amount of malware the user’s experience".

The Wired also tells fortunes by coffee grounds, with some help from Trend Micro and ThreatStop:

“This kind of stuff happens every day... there’s nothing to indicate there’s anything particularly interesting about the attack from a technical perspective... [blah-blah-blah]... It’s not clear what the motivation is for the attack. One of the most famous, and overblown DDoS attacks was launched against Estonia’s media and governemnt by Russian nationalist hackers and wannabes".

Oh, Russians again? No, wait! This is developed by New York Times to the wildest extreme. They found someone called Bill Woodcock, "a research director of the Packet Clearing House, a nonprofit technical organization that tracks Internet traffic". That clever Bill said the attack "was an extension of the conflict between Russia and Georgia".

"It was not clear who initiated the attack, he said, but likely “one side put up propaganda, the other side figured this out and is attacking them". He said he found evidence that the attacks had originated from the Abkhazia region”, says the paper.

Sounds like Tarantino, huh? One side, the other side... And then, just a year later... both sides suddenly go and kill Twitter on the other side of the Earth! Attacks originated from the Abkhazia? Ok, let's call it Russia for this time! Americans never look at the map anyway.

Hopefully, the reader's comment from Mashable.com makes this theory better: lets talk Iran 'cos everybody talks Iran nowadays. Or Chavez from Venezuela. Big hacker, too.

Sorry but we have to repeat this for you, brain-washed and memory-editted Americans: August 6th is The Day You Bombed Hiroshima. The second bomb destroyed Nagasaki three days later, on August 9th.