Actually in cryptocurrency there are lots of problem and I think that is the problem it faces in payback period.
There are some companies who are really don’t give returns in income that they get.
Topic: DDOS Payback (Read 8437 times)
if we actually knew who was doing it what would be the point of ddosing him back? just post up a bounty for his broken knee caps. say 100btc per cap?
I think finger/hands would be more effective. oh, cut out his tongue to prevent speech to text software from helping him.
I have a suggestion to fight against dDOS attacs: Turn the bots against the botnet controller. Ie. instead of DDOS the target, they will DDOS them self :-D
Ok, how to do it? Hard question.. some ideas:
1. analyse the bot and make it forward it attack to the controller (works only specific bots)
2. DDOS attacks usually use faked DNS queries. Make a virus that finds out if PC is sending fake DNS queries. If it is, start sending those queries with different faked sending address from all connections the PC have. This will include also the bot controller. It also jams the pc connections so the user wil react.
Any other ideas?
Ok, how to do it? Hard question.. some ideas:
1. analyse the bot and make it forward it attack to the controller (works only specific bots)
2. DDOS attacks usually use faked DNS queries. Make a virus that finds out if PC is sending fake DNS queries. If it is, start sending those queries with different faked sending address from all connections the PC have. This will include also the bot controller. It also jams the pc connections so the user wil react.
Any other ideas?
Strangely enough... all financial institutes have been hit with DDOS in the past couple of weeks, In Holland they are currently still nuking a couple of government services. That they attack bitcoin is only logical, as even while being p2p is still a financial institute (distributed ofc) but this is where it shows the strength and weaknesses of bitcoin. They haven't found a way to disrupt bitcoin itself with DDOS, so they go after the exchanges (an easier target)
All we can do at this moment is stand fast, and hope Gox has their anti-ddos shit together so we have minimal interference. The fact that these people have not been caught, even after nuking just about any bank in the US and Europe, says enough IMO. Either the priority on this is just wrong, or they are very very good and will not be caught. (if some government is behind it... the won't get caught too)
All we can do at this moment is stand fast, and hope Gox has their anti-ddos shit together so we have minimal interference. The fact that these people have not been caught, even after nuking just about any bank in the US and Europe, says enough IMO. Either the priority on this is just wrong, or they are very very good and will not be caught. (if some government is behind it... the won't get caught too)
For 7 BTC someone can order a non-stop DDoS attack for the whole month. (http://areyouaredo.cc/?p=uslugi)
Mtgox statement:
https://mtgox.com/pdf/20130424_ddos_statement_and_faq.pdf
https://mtgox.com/pdf/20130424_ddos_statement_and_faq.pdf
Quote
On the evening of April 21st, from 11:50 PM Tokyo time,
Mt. Gox was hit by a strong DDoS (Distributed Denial of Service) attack that caused the
site and trading engine to be unavailable for approximately four hours. The source of the
attack is under investigation, and we are working with appropriate authorities to identify
those responsible. However, the reality is that our primary goal is to stop the attacks and
stabilize the exchange.
Mt. Gox was hit by a strong DDoS (Distributed Denial of Service) attack that caused the
site and trading engine to be unavailable for approximately four hours. The source of the
attack is under investigation, and we are working with appropriate authorities to identify
those responsible. However, the reality is that our primary goal is to stop the attacks and
stabilize the exchange.
Quote
How we are being attacked:
What we are experiencing lately are “Layer 7” DDoS attacks. Unlike your average DDoS
(which overloads the servers with traffic to the site as a whole) these are much more
creative and harder to detect in that they target specific elements of the site and make it
difficult to distinguish malicious traffic from normal traffic. The attackers’ goal is to shut
down the exchange, either through the DDoS itself, or by forcing Mt. Gox to take measures
that have the same effect. Attached to this document (See FAQ below) are some details
from Prolexic regarding the recent attack.
What we are experiencing lately are “Layer 7” DDoS attacks. Unlike your average DDoS
(which overloads the servers with traffic to the site as a whole) these are much more
creative and harder to detect in that they target specific elements of the site and make it
difficult to distinguish malicious traffic from normal traffic. The attackers’ goal is to shut
down the exchange, either through the DDoS itself, or by forcing Mt. Gox to take measures
that have the same effect. Attached to this document (See FAQ below) are some details
from Prolexic regarding the recent attack.
If the BTC community can do this over 34 bitcoins...
https://bitcointalksearch.org/topic/m.1907593
... I wouldn't bet on the DDOSers getting away with it.
The probably easier task of tracking down the pastebin FUDers would also be a good start, and would send a clear message.
https://bitcointalksearch.org/topic/m.1907593
So how did I find this kid and get the coins? An amazing group of researchers put together valuable information, starting by contacting the file hosting site that hosted the trojan. They got the login and ip info and matched it to a user called PoutineCoutu across the net which has a few scam reports. We then found him highly active on hackforums.net where he was selling and GIVING AWAY bitcoins, which also matched all the activity to the bitcoin address where my coins went. He's so stupid he didn't even wash the coins and was selling them publicly. He even has multiple threads asking how to open ports on his firewall for his trojan C&C and that he is using a silent java drive-by script.
Reported to police (they are really no help, so much for paying their salary, seems they've gotten fbi reports about bitcoins and don't really like them, started asking if I pay taxes on them...), but at least I had a precedent to pursue. Tried contacting the thief, he blocked me and claimed I was blackmailing him all over the forums. This went on for a while. He was feeling the heat and dumped the coins to an offline exchange member, Xch4nge, which I tracked down immediately by tracking the coins on blockchain.info. Contacted him and what an amazing guy, helped me throughout the entire process and took alot of heat but basically a huge skid war erupted all across the forums, and he still held on to the coins for a week until finally the kid came to his senses realizing what he was doing is "bad" (and he might go to jail). He was arguing that it's okay he stole the coins from someone, but not okay someone "stole" the coins from him.
Finally he publicly agreed to allow the return of the coins. Throughout the entire process many people came to my help and provided me information about this person and one guy who goes to school with him even said that he's a $%@!. And the guy who sold him the Java script even apologized to me and said he's sorry that his script was responsible for my loss...
Reported to police (they are really no help, so much for paying their salary, seems they've gotten fbi reports about bitcoins and don't really like them, started asking if I pay taxes on them...), but at least I had a precedent to pursue. Tried contacting the thief, he blocked me and claimed I was blackmailing him all over the forums. This went on for a while. He was feeling the heat and dumped the coins to an offline exchange member, Xch4nge, which I tracked down immediately by tracking the coins on blockchain.info. Contacted him and what an amazing guy, helped me throughout the entire process and took alot of heat but basically a huge skid war erupted all across the forums, and he still held on to the coins for a week until finally the kid came to his senses realizing what he was doing is "bad" (and he might go to jail). He was arguing that it's okay he stole the coins from someone, but not okay someone "stole" the coins from him.
Finally he publicly agreed to allow the return of the coins. Throughout the entire process many people came to my help and provided me information about this person and one guy who goes to school with him even said that he's a $%@!. And the guy who sold him the Java script even apologized to me and said he's sorry that his script was responsible for my loss...
... I wouldn't bet on the DDOSers getting away with it.
The probably easier task of tracking down the pastebin FUDers would also be a good start, and would send a clear message.
A real attack wouldn't have leaked ... maybe they are probing to see the community response ... I wouldn't be surprised to see a real attack in the coming days/weeks.
If they were seriously planning on dumping the price and making "$300k" in profits afterwards they wouldn't be telling the world beforehand. This is troolin, esp the "one-million botnet" part
start a rumor that the guy doing the ddos did/said something extremely offensive to islam. then let al queda behead him.
I like this one. or Make a cartoon of Allah DDoSing the Koran and put the attackers name to it?
On a more serious ignorant note. Why is not possible to make a virus to disable botnets? Can viruses (virii?) not be made for good proposes only bad? This was kinda of discussed earlier in the thread but not exactly. I would have no idea how to do such a thing but why couldn't a virus be made to disinfect botnet infected machines? Frustrate the botnet ops like they frustrate those they attack.
Quote
===OPERATION SHOCK AND AWE
===Date: Monday 2013-04-22
===Start time of event: 15:30 UTC
===Goal: Bring bitcoin price < $30 US dollars
===Date: Monday 2013-04-22
===Start time of event: 15:30 UTC
===Goal: Bring bitcoin price < $30 US dollars
I do not think chicken shit they used to pull on likes of PPC and TRC from BTC-E trollbox is going to work on Bitcoin.
A few sockpuppets tried it on in the trollbox and everyone laughed in their faces. More people seem to believe it in bitcointalk. Go figure.
I'm assuming for now that this document is FUD, but Timothy R. Wilson (@BitInvestor) just tweeted this:
Anyone seen any bogus press about Gox under investigation by Japanese govt?
Quote
#Bitcoin DDoS plan possible tomorrow(as always). Do not fall into the trap and panic sell http://pastebin.com/QAPxhEbP @MtGox @BitStamp @MaxKeiser
Quote
===OPERATION SHOCK AND AWE
===Date: Monday 2013-04-22
===Start time of event: 15:30 UTC
===Goal: Bring bitcoin price < $30 US dollars
===Date: Monday 2013-04-22
===Start time of event: 15:30 UTC
===Goal: Bring bitcoin price < $30 US dollars
Anyone seen any bogus press about Gox under investigation by Japanese govt?
is supposedly still scheduled for today
I'm assuming for now that this document is FUD, but Timothy R. Wilson (@BitInvestor) just tweeted this:
Anyone seen any bogus press about Gox under investigation by Japanese govt?
Quote
#Bitcoin DDoS plan possible tomorrow(as always). Do not fall into the trap and panic sell http://pastebin.com/QAPxhEbP @MtGox @BitStamp @MaxKeiser
Quote
===OPERATION SHOCK AND AWE
===Date: Monday 2013-04-22
===Start time of event: 15:30 UTC
===Goal: Bring bitcoin price < $30 US dollars
===Date: Monday 2013-04-22
===Start time of event: 15:30 UTC
===Goal: Bring bitcoin price < $30 US dollars
Anyone seen any bogus press about Gox under investigation by Japanese govt?
Almost every major Bitcoin website has been under DDOS attack over the past few days. It’s becoming a real problem, not just for the exchanges. It is also opening up other vulnerabilities.
Installing defensive tech (like cloudflare) is not enough. Isn’t the Bitcoin community supposed to include some of the best hackers in the world? We should set up a bounty and take the fight to whatever botnets are trying to mess with Bitcoin.
Installing defensive tech (like cloudflare) is not enough. Isn’t the Bitcoin community supposed to include some of the best hackers in the world? We should set up a bounty and take the fight to whatever botnets are trying to mess with Bitcoin.
Nobody is messing with Bitcoin. Bitcoin is distributed, and so far it's doing fine.
DDoS's are targetting centralized weak-links in the Bitcoin economy, and putting into light how these centralized businesses ARE the real danger for the Bitcoin economy. We should be grateful greedy botnet operators are showing us what our achilles' heel is before this gets exploited mercilessly by our real ennemies. The only way to "fight back" is to make everything decentralized. As an individual, the best you can do is walk your talk and vote with your money by supporting innovative ideas that help decentralizing economic activity.
info on where they are getting DDOS'd from
Not sure you undertand what DDoS means...I would gladly counter DDOS those servers, or help in other ways.
Good luck fighting back a bee swarm... 
If the reward got big enough though the DDOSer might just fake details, predict the next DDOS, claim the bounty and then lay low for a while happy and smug...
This would be a pretty big issue.
The only way to fight ddos is to better develop infrastructure which mitigates it. Current technology isn't powerful enough.
Quote from: Nicholas Klein, trade unionist not Gandhi, 1914
First they ignore you. Then they ridicule you. And then they attack you and want to burn you. And then they build monuments to you.
Does that mean they are just about to build monuments to bitcoin?
Is this a real attack or just exponential traffic growth?
Related:
- http://news.netcraft.com/archives/2013/04/11/mt-gox-victim-of-own-success-as-bitcoins-fall-in-value.html
This is true. I've seen all bitcoin related service suffer the same fate in the last few days, including Rugatu, and I don't seem to understand what is the purpose of this sustained attack.
The purpose is to kill off Bitcoin as a currency and as a community.
What if the mafia or criminal enterprises are finaly looking on Bitcoin as a tool for their shady financial activities. They want some coins for testing so they DDOSed and manipulated the price down, so they can bought a lot of them for cheap.
Mafias, more than anything want liquidity and stability.
They won't enter the Bitcoin bandwagon until both are achieved.
They wouldn't spend money attacking something they don't believe.
Guys... guys... I have the solution.
Just reroute it all to Paypal.
Although funny that wouldn't be a solution.Just reroute it all to Paypal.
It would be as bad we being DDoSed and unfair.
Agreeing or not with their policies, we have no right to desire harm to them.
While on a general level you are correct, and I was joking.... On a personal level, I don't think devoting the life of myself and a crack team of genius engineers to design a temporal displacement device so I could go back in time and cock block the founder of Paypal's father as he was concieving would be at all unjustified..... Just saying.
Why not instead, use the Sonic Screwdriver™ and fix paypal on it's origins?
Believe me, eBay it's bigger on the inside!!!
99485 members on this forum and we can't even get a compelling answer to question 0: Is this a real attack or just exponential traffic growth?
(Personally and from what I've gathered from several webmasters this does look like an attack... but I want proof, not opinions).
(Personally and from what I've gathered from several webmasters this does look like an attack... but I want proof, not opinions).
Gox said 4 hours ago on their twitter feed that this was a DDOS. Or are you suspecting that Gox is lying about that? If so, the only people with access to this "proof" you want would be Gox, SoftLayer, Prolexic, or the person actually doing the attack.
Then I guess this is old information:
https://mtgox.com/press_release_20130411.html
Jump to: