Experts warn of new Dirt Jumper botnet that crippled Krebs site

The baddies behind the Dirt Jumper malware have unleashed a new threat called Pandora and even cybersecurity experts like Brian Krebs aren’t immune to variations of the nasty botnet, a U.S. security firm is warning.

But the good news is that both of the distributed denial of service(DDoS) threats – Dirt Jumper andPandora – can be stopped or mitigatedby targeting weaknesses in the Dirt Jumper code, says ProlexicTechnologies Inc. And the company based in Hollywood, Fl. has releasedsome free tools to spot and deal with both Dirt Jumper and Pandora.

A form of the Dirt Jumper botnetcrippled the site of cybersecurity blogger Brian Krebs (above centre)for a few days in late July. 

DDoS attacks bring Web sites down by flooding them with uselesstraffic. Prolexic says Dirt Jumper, one of the most popular malwareattack tools used today, was authored by someone who uses thehandle‘sokol’ online. That individual sold various versions of DirtJumper privately, which were then leaked to the public. Right now thesource code to build the Dirt Jumper botnet can be bought online for$5,000, Prolexic says, with several authors using it to make spin-offvariations of the threat such as Max Flood, Pandora, HTTP Min, HTTPCombo and Socket Connect.

Cybersecurity blogger Krebs became the latest, and perhapsmostwell known, victim of the Max Flood variant of Dirt Jumper when his Website was felled by it for a few days starting on July 27. In a blog about the incident, Krebsdescribed how Prolexic helped him get his site up and running again byexposing a weakness in the Max Flood/Pandora/Dirt Jumper code. Prolexichas made the same Dirt Jumper scan and fix program available for freehere.

Krebs also warned in his blog that DDoS threats are escalating rapidly,pointing to Arbor Networks figures showing DDoS attacks are up by 82per cent since June 2011.  

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Story

How the CTO can Maintain Cloud Momentum Across the Enterprise

Embracing cloud is easy for some individuals. But embedding widespread cloud adoption at the enterprise level is...

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.

Featured Tech Jobs