The national Computer Emergency Response Team for Ukraine, CERT-UA, has warned of an ongoing distributed denial of service (DDoS) attack against.
The scripts are injected into the HTML structure of the site’s main files, and are encoded with base64 encryption to remain out of sight. Therefore, whenever someone visits the site, their extra computing power is used to create a large number of requests against target URLs.
Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $10.99/£10.99.
In effect, the website visitors are the bots flooding Ukrainian sites with too much traffic for the servers to handle, resulting in the denial of service.
The worst part is, apart from a barely noticeable performance issue on the visitor’s endpoint, the attack is almost impossible to spot.
Some of the websites targeted include:
Allegedly, these websites have “taken a strong stance in favor of Ukraine” in the ongoing war with Russia, which is why they were targeted.
"To detect similar to the mentioned abnormal activity in the log files of the web server, you should pay attention to the events with the response code 404 and, if they are abnormal, correlate them with the values of the HTTP header 'Referer', which will contain the address of the web resource initiated a request," CERT-UA said.
At press time, there were 36 websites confirmed to be carrying the malicious code.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.