CafePress has published information about the DDoS attack on its website.
Experts at SophosLabs™, Sophos's global
network of virus, spyware and spam analysis centers, have reminded
companies of the threat of internet attacks after popular website
CafePress.com told its members that it is currently the victim of a
distributed denial-of-service (DDoS) assault.
CafePress.com is a website that allows internet users to set up
their own online store to easily sell customized merchandise such
as t-shirts, mugs and coasters. CafePress.com handles the
website hosting, order fulfilment and payment processing on behalf
of the store owner.
DDoS attacks are used by internet hackers to disrupt websites,
flooding them with traffic from zombie computers and making them
inaccessible for the general public. Sophos experts speculate that
the hackers may have deliberately targeted CafePress.com in the
run-up to the holidays, as it is a prime shopping period.
"We have seen denial-of-service attacks against gambling
websites in the days before a big horserace, so it's sadly no
surprise to see an attack against a popular online store just
before Christmas," said Graham Cluley, senior
technology consultant for Sophos. "Everyone has a responsibility to
ensure that their PC is properly secured, and not under the remote
control of hackers who might abuse it for this kind of
assault."
In an emailed statement to its shopkeepers, CafePress confirmed
that they were the victims of a DDoS attack, and that they were
working with the authorities:
As you may have read on the CafePress Community Forum, we're
experiencing a targeted Distributed Denial of Service (DDoS)
attack, which is causing significant service interruptions. As of
right now some customers have access that appears normal, some have
intermittent access, and some have no access at all.
A DDoS attack is a computer crime and violates Internet
proper use policy as dictated by the Internet Architecture Board,
and we are now working with the proper authorities. For this reason
we are not able to share any additional details at this
time.
We do consider this an attack on CafePress, but we're most
disturbed at how this victimizes our community of
Shopkeepers.
In October, a Russian gang were jailed
for blackmailing gambling websites to the tune of $4 million by
threatening denial-of-service attacks.
Previously, in January 2004, software company SCO announced that
it was offering a $250,000
reward for information leading to the successful arrest and
conviction of the author of the W32/MyDoom-A worm, which
successfully blasted its website off the internet through a DDoS
attack.
"Denial-of-service attacks have become a standard element in the
hacker's arsenal. Whether they are hitting websites in order to
blackmail them, or because they have a grudge against the company,
hackers can inflict great harm to the online presence of a
business," continued Cluley. "CafePress.com have done the right
thing by keeping their users informed of the problem and working
closely with the authorities to investigate this crime."
Zombie computers - are your PCs under someone else's
control?
Zombie computers can be used by criminal hackers to launch
distributed denial-of-service attacks, spread spam messages or to
steal confidential information. SophosLabs estimates that more than
60 percent of all spam today originates from zombie computers. In
May 2005, the Sober-Q Trojan horse and Sober-N worm worked in tandem to infect
and hijack computers around the world, programming them to spew out
German nationalistic spam during an election.
As spammers become more aggressive, collaborating with virus
writers to create armies of zombie computers, legitimate
organizations with hijacked computers are being identified as a
source of spam. This not only harms the organization's reputation,
but can also cause the company's email to be blocked by others.
Sophos ZombieAlert™
advises service subscribers when any computer on their network is
found to have sent spam to Sophos's extensive global network of
spam traps, and provides rapid notification to customers if their
Internet Protocol (IP) addresses are listed in public Domain Name
Server Block Lists (DNSBL). This information helps customers
locate, disinfect, and protect these systems from future
attacks.
Sophos continues to recommend that computer users ensure their
anti-virus software is up-to-date, and that companies protect
themselves with a consolidated solution
which can defend them from the threats of spam, spyware and
viruses.