Advertisement
Promo

Security threats Toolkit

Netsky attacks: Four sites down, one to go

Munir Kotadia ZDNet.co.uk

Published: 08 Apr 2004 14:35 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

File-sharing network eDonkey's main Web site has been knocked offline following an attack from Netsky, but Kazaa has survived -- so far

Earlier this week, file-sharing Web sites Kazaa and eDonkey and three other Web sites were bracing themselves for a distributed denial of service (DDoS) attack launched by variants of the Netsky worm. Netsky.Q, which first appeared on 29 March, is designed to attack certain Web sites that distribute either file-sharing clients or hacking and cracking tools. Kazaa and eDonkey are its best-known targets and the attack is scheduled to last for at least six days.

However, because the worm only attacks the main www.edonkey2000.com address, it is still accessible by visiting http://edonkey2000.com. Another target, www.emule-project.net, has also experienced severe disruption and in preparation has mirrored its site to www.emule-project.org. At the time of writing, both www.cracks.st and www.cracks.am were unavailable. Kazaa's Web site seems to be the only one of Netsky's targets to have survived the first day of the attack unscathed.

Mikko Hyppönen, director of antivirus research at F-Secure, said that even though the eDonkey and emule-project sites are online, because they are not accessible through their main Web address, most people will not be able to find them: "Most people that have bookmarked eDonkey and emule-project, or if they search for them on Google, will be directed to the "www" site, which fails. If you surf to a Web site and it fails, how many times do you try it again without the www?" he said.

Hyppönen said Netsky's authors seemed to have learnt a lesson from the mistakes made by the author of the Blaster worm, which last summer launched a massive DDoS attack on Microsoft's Windows Update Web site. However, unlike Netsky, Blaster attacked the lesser-used Web address: "Blaster was stupid -- it attacked the Web site that most people would not use. It only attacked http://windowsupdate.com, not www.windowsupdate.com. Netsky is attacking the address that most people would surf to," he said.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
73 out of 141 people found this useful


In association with Network Liberation Movement

Talkback

Post a comment


Full Talkback thread

1 comment

  1. Well it's pretty easy to discern the true authors... Bill Pumphrey Jr

Related Links

More In Security threats



Company/Topic Alerts

Create a new alert from the list below:









Related Jobs

Junior .NET Developer - Social Networking Site - East Grinstead

SEO Campaign Manager

Web Developer North Wales, near Chester

Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

DNA details of innocent will be kept f...

The government has announced that it plans to keep innocent people's DNA details for up to six years. In response to a consultation it launched last December, the government said... More

5 comments

Motorola Droid Drops Today: Happy Droi...

Motorola Droid Drops Today: Happy Droid Day America! Author: Eric Everson, Mobile Security Expert If you’re wondering what all of the buzz is about with words like Droid and Android... More

Post a comment

Mobile Security Profile: BlackBerry St...

Mobile Security Profile: BlackBerry Storm2 Author: Eric Everson BlackBerry handsets are a staple of office culture; from syncing calendars to sharing business-related data,... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters