#DDoSattack

CyberMaterial

@cybermaterial.bsky.social

1 day ago

Viking Line Hit By Cyberattack Crisis
Read More: buff.ly/dJPpupj

#VikingLine #DDoSAttack #ShippingCyber #MaritimeSecurity #ServiceOutage #EuropeanCyber #IncidentResponse #Infosec

Cybersecurity News Everyday

@hendryadrian.bsky.social

4 days ago

NoName057(16) DDoS Downs Bezeq, Mekorot, Kavim, E.M.I.T. Aviation The NoName057(16) group claims it launched coordinated DDoS attacks that took down several Israeli infrastructure and corporate targets, including telecom, water, transit, and UAV providers. The attacks, reported as part of the OpIsrael campaign, allegedly overwhelmed network resources and caused outages, authorization failures, and connection timeouts. #NoName05716 #OpIsrael...

NoName057(16) claims a coordinated DDoS attack targeting Israeli infrastructure including Bezeq, Mekorot, Kavim, and E.M.I.T. Aviation as part of the OpIsrael operation, causing outages and connection issues. #OpIsrael #Israel #DDoSAttack

Cybersecurity News Everyday

@hendryadrian.bsky.social

5 days ago

NoName057(16) DDoS Attacks Cyprus Gov, EAC, and Limassol Airport The NoName057(16) hacktivist group claims responsibility for a series of distributed denial-of-service attacks targeting multiple government, utility, and transportation entities in Cyprus, announcing the campaign on their Telegram channel. Reported victims include the Office of the Republic of Cyprus portal, Limassol Airport Express, Live Buses OSYPA, and the Cyprus Electricity Authority,...

NoName057(16) claims a series of DDoS attacks targeting Cyprus government sites, Limassol Airport, public transit, and the Electricity Authority, causing service disruptions across key public sectors. #NoName05716 #Cyprus #DDoSAttack

CyberTaters

@potato.software

1 week ago

149 Mashtivist DDoS Claims Recorded Across 16 Countries Following Middle East Escalation #PotatoCrime #DDOSAttack #Mashers

CySecurity News

@cysecuritynews.bsky.social

1 week ago

149 Hacktivist DDoS Claims Recorded Across 16 Countries Following Middle East Escalation A sharp rise in politically motivated cyber activity has emerged in the aftermath of the coordinated U.S.–Israel military operations against Iran, referred to as Epic Fury and Roaring Lion. Security analysts say online retaliation unfolded almost immediately, with hacktivist groups launching large-scale distributed denial-of-service, or DDoS, campaigns against institutions across multiple regions. According to a report published by Radware, 149 separate DDoS attack claims were documented between February 28 and March 2, 2026. These incidents targeted 110 distinct organizations spanning 16 countries. Twelve different groups participated in the activity. Three of them, Keymous+, DieNet, and NoName057(16), were responsible for 74.6 percent of the total claims. Radware further noted that Keymous+ and DieNet alone accounted for nearly 70 percent of activity during that period. The earliest attack in this wave was attributed to Hider Nex, also known as the Tunisian Maskers Cyber Force, on February 28. Information shared by Orange Cyberdefense describes Hider Nex as a Tunisian hacktivist collective aligned with pro-Palestinian causes. The group reportedly employs a dual strategy that combines service disruption with data theft and public leaks to amplify political messaging. Researchers trace its emergence to mid-2025. Geographically, 107 of the 149 DDoS claims were directed at organizations in the Middle East, where government bodies and public infrastructure entities were disproportionately affected. Europe accounted for 22.8 percent of the global targeting during the same timeframe. By sector, government institutions represented 47.8 percent of all affected entities worldwide. Financial services followed at 11.9 percent, while telecommunications organizations accounted for 6.7 percent. Within the Middle East, three countries experienced the highest concentration of reported activity. Kuwait accounted for 28 percent of regional attack claims, Israel represented 27.1 percent, and Jordan comprised 21.5 percent, according to Radware’s analysis. Threat intelligence from Flashpoint, Palo Alto Networks Unit 42, and Radware identified additional groups engaged in disruptive campaigns, including Nation of Saviors, Conquerors Electronic Army, Sylhet Gang, 313 Team, Handala Hack, APT Iran, Cyber Islamic Resistance, Dark Storm Team, FAD Team, Evil Markhors, and PalachPro. The cyber activity extended beyond DDoS operations. Pro-Russian hacktivist collectives Cardinal and Russian Legion publicly claimed breaches of Israeli military networks, including the Iron Dome missile defense system. These assertions have not been independently verified. Separate threat reporting identified an active SMS-based phishing operation distributing a counterfeit version of Israel’s Home Front Command RedAlert mobile application. Victims were reportedly persuaded to install a malicious Android package disguised as a wartime update. Once installed, the application displayed a functional alert interface while covertly deploying surveillance and data-exfiltration capabilities. Flashpoint also reported that Iran’s Islamic Revolutionary Guard Corps targeted energy and digital infrastructure sectors in the Middle East, including Saudi Aramco and an Amazon Web Services data center in the United Arab Emirates. Analysts assessed that the intent was to impose broader economic pressure in response to military losses. Researchers at Check Point observed that Cotton Sandstorm, also known as Haywire Kitten, revived a previous online identity called Altoufan Team and claimed responsibility for website compromises in Bahrain. The firm described the activity as reactive and warned of the likelihood of further involvement across the region. Data from Nozomi Networks shows that the Iranian state-linked group UNC1549, also tracked as GalaxyGato, Nimbus Manticore, and Subtle Snail, ranked as the fourth most active threat actor in the second half of 2025. Its campaigns focused on defense, aerospace, telecommunications, and government entities in support of national strategic objectives. Economic signals have also reflected the instability. Major Iranian cryptocurrency exchanges remain operational but have introduced adjustments such as batching or temporarily suspending withdrawals and issuing advisories about potential connectivity disruptions. Ari Redbord, Global Head of Policy at TRM Labs, stated that the situation does not yet indicate large-scale capital flight, but rather market volatility managed under connectivity constraints and regulatory intervention. He noted that Iran has long relied in part on cryptocurrency infrastructure to circumvent sanctions, and current conditions represent a real-time stress test of that system. Despite heightened online activity, Sophos reported observing an increase in hacktivist operations without a corresponding escalation in confirmed impact. The firm cited DDoS attacks, website defacements, and unverified compromise claims attributed largely to pro-Iran personas, including Handala Hack and APT Iran. The National Cyber Security Centre has warned organizations of elevated Iranian cyber risk and advised strengthening defenses against DDoS campaigns, phishing activity, and threats targeting industrial control systems. Cynthia Kaiser of Halcyon, formerly Deputy Assistant Director of the Federal Bureau of Investigation’s Cyber Division, stated that Iran has historically used cyber operations to retaliate against perceived political provocations and has increasingly incorporated ransomware into its playbook. She added that Tehran’s tolerance of private cybercriminal actors provides strategic options when responding to geopolitical events. SentinelOne assessed with high confidence that organizations in Israel, the United States, and allied nations are likely to face direct or indirect targeting, particularly across government, critical infrastructure, defense, financial services, academic, and media sectors. Nozomi Networks further emphasized that Iranian threat actors have a history of blending espionage, disruption, and psychological operations to achieve strategic objectives. During periods of instability, such campaigns often intensify and extend beyond immediate conflict zones. To mitigate risk amid the ongoing conflict, security experts recommend continuous monitoring aligned with elevated threat conditions, updating threat intelligence signatures, minimizing external exposure, conducting comprehensive reviews of connected assets, enforcing strict segmentation between information technology and operational technology networks, and isolating Internet-of-Things devices. Adam Meyers, head of Counter Adversary Operations at CrowdStrike, noted that Iranian cyber actors have historically synchronized digital campaigns with broader strategic goals. He added that these adversaries have evolved beyond traditional network intrusions, expanding into cloud and identity-focused operations capable of operating rapidly across hybrid enterprise environments with greater scale and impact. As tensions persist, analysts caution that cyberspace is likely to remain an active parallel arena of confrontation, requiring sustained vigilance from organizations across affected and allied regions.

149 Hacktivist DDoS Claims Recorded Across 16 Countries Following Middle East Escalation #CyberCrime #DDOSAttack #Hackers

CyberMaterial

@cybermaterial.bsky.social

1 week ago

149 Hacktivist DDoS Attacks Worldwide
Read More: buff.ly/pulPSB9
#Hacktivism #DDoSAttack #GeopoliticalCyber #DigitalRetaliation #CyberOperations #GlobalCyber #ThreatLandscape #Infosec

CyberMaterial

@cybermaterial.bsky.social

2 weeks ago

Deutsche Bahn Hit By DDoS Attack
Read More: buff.ly/65D0m6H

#DeutscheBahn #DDoSAttack #TransportCyber #CriticalInfrastructure #ServiceOutage #GermanyCyber #CyberIncident #InfosecAlert

Pure Tech

@puretech.news

3 weeks ago

Wikipedia blacklists Archive.today after alleged DDoS attack | TechCrunch Wikipedia editors have decided to remove all links to Archive.today, a web archiving service that they said has been linked to more than 695,000 times across the online encyclopedia.

Wikipedia blacklists Archive.today after alleged DDoS attack #Technology #Internet #Wikipedia #DDoSattack #ArchiveToday

techcrunch.com/2026/02/21/wikipedia-bla...

CyberMaterial

@cybermaterial.bsky.social

1 month ago

Arc Raiders And The Finals Hit By DDoS
Read More: buff.ly/IdqdsJY

#DDoSAttack #GameSecurity #OnlineGaming #ArcRaiders #TheFinals #ServiceDisruption #CyberAttack #LiveServiceGames

CyberTaters

@potato.software

1 month ago

Kimwolf Botnet Hijacks 1.8M Android Devices for DDoS Chaos #Botnet #PotatoAttacks #DDOSAttack

CySecurity News

@cysecuritynews.bsky.social

1 month ago

Kimwolf Botnet Hijacks 1.8M Android Devices for DDoS Chaos  The Kimwolf botnet is one of the largest recently found Android-based threats, contaminating over 1.8 million devices mostly Android TV boxes and IoT devices globally. Named after its reliance on the wolfSSL library, this malware appeared in late October 2025 when XLab researchers noticed a suspicious C2 domain rising to the top, surpassing Google on Cloudflare charts. Operators evolved the botnet from the Aisuru family, enhancing evasion tactics to build a massive proxy and DDoS army.  Kimwolf propagates through residential proxy services, taking advantage of misconfigured services like PYPROXY to access on home networks and attack devices with open Android Debug Bridge (ADB) ports. Once executed, it drops payloads such as the ByteConnect SDK via pre-packaged malicious apps or direct downloads, which converts victims into proxy nodes that can be rented on underground markets. The malware has 13 DDoS techniques under UDP, TCP, and ICMP while 96.5% of commands are related to traffic proxying for ad fraud, scraping, and account takeovers. Capabilities extend to reverse shells for remote control, file management, and lateral movement within networks by altering DNS settings. To dodge takedowns, it employs DNS over TLS (DoT), elliptic curve signatures for C2 authentication, and EtherHiding via Ethereum Name Service (ENS) blockchain domains. Between November 19-22, 2025, it issued 1.7 billion DDoS commands; researchers estimate its peak capacity at 30 Tbps, fueling attacks on U.S., Chinese, and European targets. Infections span 222 countries, led by Brazil (14.63%), India (12.71%), and the U.S. (9.58%), hitting uncertified TV boxes that lack updates and Google protections. Black Lotus Labs null-routed over 550 C2 nodes since October 2025, slashing active bots from peaks of 1.83 million to 200,000, while linking it to proxy sales on Discord by Resi Rack affiliates. Operators retaliated with taunting DDoS floods referencing journalist Brian Krebs.  Security teams urge focusing on smart TV vulnerabilities like firmware flaws and weak passwords, pushing for intelligence sharing to dismantle such botnets.Users should disable ADB, update firmware, avoid sideloading, and monitor networks for anomalies. As consumer IoT grows, Kimwolf underscores the risks of turning homes into cyber weapons, demanding vendor accountability and robust defenses.

Kimwolf Botnet Hijacks 1.8M Android Devices for DDoS Chaos #Botnet #CyberAttacks #DDOSAttack

CyberMaterial

@cybermaterial.bsky.social

1 month ago

ICE Agents Data Leak Site Taken Offline
Read More: buff.ly/sw69363

#DDoSAttack #Hacktivism #DataLeak #OpSec #CyberConflict #InformationSecurity #OnlineSafety #ThreatActors #IncidentResponse #CyberNews

Hyuugagirl21

@hyuugagirl21.bsky.social

2 months ago

MROW!! HISS!! 😾

#ffxiv #content #ff14 #catgirl #ddosattack

CyberTaters

@potato.software

2 months ago

Belgian government institutions including federal and provincial websites, and key energy entities were reportedly targeted with large-scale DDoS attacks by a pro-Russian masher group ahead of a major EU summit.

#PotatoSecurity #DDoSAttack #GovernmentSecurity #InfosecK2K

InfosecK2K

@infoseck2k.bsky.social

2 months ago

Belgian government institutions including federal and provincial websites, and key energy entities were reportedly targeted with large-scale DDoS attacks by a pro-Russian hacker group ahead of a major EU summit.

#CyberSecurity #DDoSAttack #GovernmentSecurity #InfosecK2K

InfosecK2K

@infoseck2k.bsky.social

2 months ago

Europe’s Cybersecurity 2025: From the Polish Space Agency breach to airport ransomware and La Poste DDoS attacks this year exposed rising risks to critical infrastructure across Europe.

#CyberSecurity #EuropeCyber #CriticalInfrastructure #Ransomware #DDoSAttack #InfosecK2K

Pure Tech

@puretech.news

2 months ago

DDoS attack knocks France’s postal service La Poste offline during holiday peak France’s national postal service,  La Poste and its banking arm, La Banque Postale, were knocked offline on Monday in a distributed denial-of-service attack that disrupted services at the height of...

DDoS attack knocks France’s postal service La Poste offline during holiday peak #Technology #Cybersecurity #DDoSAttack #LaPoste #CyberSecurity

CyberMaterial

@cybermaterial.bsky.social

2 months ago

Kimwolf Botnet Hits Millions
Read More: buff.ly/3gsNl6M

#KimwolfBotnet #AndroidBotnet #DDoSAttack #IoTSecurity #SmartTVMalware #BotnetActivity #ThreatResearch

Naoya

@naoyacreates.bsky.social

2 months ago

Solana Defies 6 Tbps DDoS Attack: Network Resilience | Blockchainbulltein News Solana survived a 6 Tbps DDoS attack with zero downtime. Learn why this resilience is a game-changer for investors.

Blockchainbulletin News!
Solana survived a historic 6 Tbps DDoS attack with zero downtime. This silent resilience reveals its true network maturity.#Solana #DDoSAttack #BlockchainTech

Click here↓↓↓
blockchainbulletin.net/solana-ddos-...

Security Land

@security.land

2 months ago

Censys Reveals Rapid Server Rotation Behind NoName057(16) Attacks Censys research reveals DDoSia control servers last avg 2.5 days, with 6 active at any time. Analysis of pro-Russian DDoS infrastructure.

New infrastructure analysis from Censys reveals how the pro-Russian hacktivist group NoName057(16) maintains DDoSia operations through rapid server rotation.

#SecurityLand #ThreatHorizon #Research #Censys #DDoSia #DDoS #DDoSAttack #NoName057

Read More: www.security.land/ddosia-infra...

ReconBee

@reconbee.bsky.social

3 months ago

Microsoft Mitigates Record 15.72 Tbps DDoS Attack Driven by AISURU Botnet provider enforcement and traceback were made easier read more about Microsoft Mitigates Record 15.72 Tbps DDoS Attack Driven by AISURU Botnet

Microsoft Mitigates Record 15.72 Tbps DDoS Attack Driven by AISURU Botnet reconbee.com/microsoft-mi...

#microsoft #DDoSattack #AISURU #botnet #CybersecurityNews #CyberAttack

Reliable Embedded Systems – Robert Berger e.U.

@reliableembsys.bsky.social

5 months ago

Cloudflare Blocks Record-Breaking 11.5 Tbps DDoS Attack Cloudflare mitigated a record 11.5 Tbps DDoS attack in 35 seconds, highlighting rising hyper-volumetric threats.

🚨⚡️ Major cybersecurity alert! A web security firm fended off DDoS attacks peaking at 11.5 Tbps from Google Cloud! Secure your systems! thehackernews.com/2025/09/cloudflare-block... #CyberSecurity #DDoSAttack #RapperBot 💻🔒

FreelanceBar.me

@freelancebarme.bsky.social

5 months ago

Cloudflare mitigates new record DDoS attack, peaking at 22.2Tbps and lasting less than a minute The 40-second, 22.2Tbps, attack was fast and furious

Cloudflare faces massive 22.2Tbps DDoS attack hitting 10.6Bpps in just 40 seconds. #CyberSecurity #DDoSAttack www.techradar.com/pro/security/cloudflare-...

CySecurity News

@cysecuritynews.bsky.social

5 months ago

World’s Largest 22.2Tbps DDoS Attack and Rogue SIM Network Busted by US Secret Service   Earlier this month, reports highlighted a massive 11.5Tbps DDoS attack — the largest on record at the time. However, that figure was quickly overshadowed this week when a new distributed denial-of-service strike reached an unprecedented 22.2Tbps, transmitting 10.6 billion packets per second. The assault, although lasting just 40 seconds, showcased the immense scale and power of today’s botnets.  Experts warn that as these malicious networks expand, future DDoS attacks will likely grow even more destructive, targeting vulnerable companies and platforms worldwide. In another alarming case, the US Secret Service dismantled a rogue cellular network made up of more than 100,000 SIM cards. The network, which was spread across several physical sites, was strategically positioned ahead of the UN General Assembly in New York City.  Investigators revealed the operation aimed to carry out attacks against diplomats and officials, including DDoS campaigns, deepfaked calls, and even “swatting” attempts — where false bomb or violence threats are reported to law enforcement to provoke an armed response. Doxxing, exposing private personal details, was also among the threats. These incidents serve as stark reminders of how critical it is to safeguard personal data. Yet, protecting your information is increasingly challenging in a digital economy where data brokers profit from collecting and selling detailed profiles.  Even everyday apps, from Duolingo to Candy Crush, harvest user data. On the positive side, individuals can take action by requesting data deletion directly from brokers or by using specialized personal data removal services.

World’s Largest 22.2Tbps DDoS Attack and Rogue SIM Network Busted by US Secret Service #222Tbpscyberattack #CyberAttacks #DDOSAttack

CyberTaters

@potato.software

5 months ago

FastNetMon Mitigates 1.5 Billion PPS DDoS Attack Leveraging IoP Devices and MikroTik Routers #ClownFlare #PotatoAttacks #DDOSAttack

CySecurity News

@cysecuritynews.bsky.social

5 months ago

FastNetMon Mitigates 1.5 Billion PPS DDoS Attack Leveraging IoT Devices and MikroTik Routers   A massive distributed denial-of-service (DDoS) attack has been detected and mitigated by FastNetMon, targeting a DDoS protection vendor in Western Europe. According to the company, the attack surged to an astonishing 1.5 billion packets per second (pps), ranking among the largest packet-rate floods ever recorded. FastNetMon revealed that the malicious traffic primarily consisted of UDP floods generated from hijacked customer-premises equipment (CPE), including IoT devices and MikroTik routers. The attack leveraged resources from over 11,000 networks worldwide. While the victim company wasn’t disclosed, FastNetMon confirmed it was a DDoS scrubbing provider, a service that filters malicious traffic during such cyberattacks. “This event is part of a dangerous trend,” said Pavel Odintsov, founder of FastNetMon. “When tens of thousands of CPE devices can be hijacked and used in coordinated packet floods of this magnitude, the risks for network operators grow exponentially. The industry must act to implement detection logic at the ISP level to stop outgoing attacks before they scale.” The incident was identified and mitigated in real time, with FastNetMon’s automated systems flagging the abnormal traffic within seconds. Defense measures included scrubbing technologies at the customer’s facility and deploying access control lists (ACLs) on routers vulnerable to amplification abuse. FastNetMon highlighted that its platform, powered by optimized C++ algorithms, is specifically built to handle traffic events at such a scale. Thanks to these defenses, the targeted provider reportedly suffered no visible downtime or service disruption. The news comes shortly after Cloudflare reported a record-breaking volumetric attack reaching 11.5 Tbps and 5.1 billion pps, underscoring the growing severity of both packet-rate floods and bandwidth-driven DDoS attacks. “Taken together, the two incidents underline a rise in both packet-rate and bandwidth-driven floods, a trend that is pressuring the capacity of mitigation platforms worldwide,” FastNetMon said. “What makes this case remarkable is the sheer number of distributed sources and the abuse of everyday networking devices. Without proactive ISP-level filtering, compromised consumer hardware can be weaponized at a massive scale,” the company added.

FastNetMon Mitigates 1.5 Billion PPS DDoS Attack Leveraging IoT Devices and MikroTik Routers #CloudFlare #CyberAttacks #DDOSAttack

Helga

@helgana.bsky.social

5 months ago

#ddos #cybersecurity #hacking #ddosattack #botnet #hacker #linux #hackers #coding #botnets #python #security #cyberattack #vpn #javascript #ddosattacks #java #programming #computerscience #hacks #cybercrime #ddospanel #tech #botnetsetup #malware #pythonprogramming #firewall

CySecurity News

@cysecuritynews.bsky.social

6 months ago

DDoS Attacks Emerge as Geopolitical Weapons in 2025  The first half of 2025 witnessed more than 8 million distributed denial-of-service (DDoS) attacks worldwide, according to new figures from Netscout. The EMEA region absorbed over 3.2 million incidents, with peak strikes hitting 3.12 Tbps in speed and 1.5 Gpps in volume. Once used mainly to cause digital disruption, DDoS has now evolved into a strategic instrument of geopolitical influence.  Adversaries are increasingly timing attacks to coincide with politically sensitive moments, striking at critical infrastructure when disruption carries maximum impact. The surge highlights how cheap and accessible DDoS-for-hire services have lowered the bar for attackers, enabling even novices to launch campaigns using AI-driven automation, multi-vector strikes, and carpet-bombing techniques.  Botnets and Hacktivist Tactics In March 2025 alone, attackers executed over 27,000 botnet-powered DDoS campaigns, often exploiting existing IoT vulnerabilities rather than new flaws. That month averaged 880 bot-driven incidents daily, peaking at 1,600. The assaults lasted longer too, averaging 18 minutes 24 seconds as adversaries combined multiple attack vectors to evade defenses.  Among hacktivist actors, NoName057 remained dominant, launching TCP ACK floods, SYN floods, and HTTP/2 POST attacks against governments in Spain, Taiwan, and Ukraine. A newer group, DieNet, carried out more than 60 strikes against targets ranging from U.S. transit systems to Iraqi government sites, expanding its scope to energy, healthcare, and e-commerce.  “As hacktivist groups leverage automation and AI-driven tools, traditional defenses are being outpaced,” warned Richard Hummel, Director of Threat Intelligence at Netscout.  He emphasised that the rise of LLM-enabled malware tools like WormGPT and FraudGPT is deepening the risk landscape. While the takedown of NoName057(16) slowed activity temporarily, Hummel cautioned that resilience, intelligence-led strategies, and next-generation DDoS defenses are essential to stay ahead of evolving threats.

DDoS Attacks Emerge as Geopolitical Weapons in 2025 #CyberAttacks #CyberNews #DDOSAttack