U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

DDoS attacks target the Philippine human rights alliance Karapatan

The Philippine human rights alliance Karapatan has suffered a massive and prolonged Distributed Denial of Service (DDoS) attack, Qurium organizations linked it to the local government. For the past three weeks, the Philippine human rights alliance Karapatan has suffered a heavy and sustained DDoS attack. The attack comes only a month after the waves of DDoS attacks targeting the alternative media […]

KARAPATAN DDOS ATTACK

The Philippine human rights alliance Karapatan has suffered a massive and prolonged Distributed Denial of Service (DDoS) attack, Qurium organizations linked it to the local government.

For the past three weeks, the Philippine human rights alliance Karapatan has suffered a heavy and sustained DDoS attack. The attack comes only a month after the waves of DDoS attacks targeting the alternative media outlets Bulatlat and Altermidya, which Qurium could link to infrastructure controlled by the Philippine government and army.

The DDoS attacks are taking place amid the online solidarity campaign #StopTheKillingsPH co-hosted by Karapatan, which marks one year since human rights organizations and advocates across the world asserted the call to stop the killings in the Philippines and to prosecute President Rodrigo Duterte for his crimes against the Filipino people. The event also marks one year since the killing of human rights worker Zara Alvarez, that was an active member of Karapatan.

KARAPATAN DDOS ATTACK
High level overview of traffic to Karapatan during the attack

Karapatan Secretary General Cristina Palabay states: “These new series of cowardly cyber attacks against our website were obviously made to prevent the public from accessing our reports on the worsening state of human rights in the Philippines — and we know whose interests these attacks serve.”

In the spirit of changing the landscape of commercial denial-of-service mitigation services where forensics knowledge is kept private, Qurium has decided to disclose how we fingerprinted and mitigated the DDoS attacks with the hope that other organizations can learn from our experience, and in solidarity with human rights organization and independent media that do not have the resources to mitigate and attribute targeted attacks.

Qurium’s forensics report reveals that the attack is proxied via 30,000 bots distributed in Russia, Ukraine, Indonesia and China. The attacker has modified the attack strategy a number of times during the past weeks, which illustrates his dedication to the task. However, Karapatan has not suffered any downtime during the heavy attacks and the website operates as normal.

Qurium’s forensics report compiles the technical findings about the infrastructure and techniques used to launch the attacks against Karapatan.

Qurium forensics report:
Human rights alliance ‘Karapatan’ under long lasting DDoS attack

About the author: Qurium Media Foundation is a Swedish non-profit digital security solutions provider, supporting independent media and human rights organizations in repressive regimes. Learn more at qurium.org or Twitter.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]