Web users are being unwittingly recruited for distributed denial of service (DDoS (opens in new tab)) attacks against multiple websites belonging to the Ukrainian government and local non-profits.
When someone visits one of these sites, their browser is forced to execute the code. The objective of the campaign is to overload the websites with fake traffic and take them offline.
We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time. Thank you for taking part.
>> Click here to start the survey in a new window (opens in new tab) <<
The people whose endpoints are being used for this attack almost certainly don’t know they are part of an attack. Besides slowing down their browsing a little, there’s no indication of the browser essentially being hijacked.
Bleeping Computer further explains that every request to the websites utilizes a random query string, so that the request doesn’t get served through Cloudflare or a similar CDN. Instead, it’s directly received by the target server.
Ukrainian websites aren’t the only victims of the attack, though. BleepingComputer found that the same script is being used to mount attacks against roughly 70 Russian websites too. The difference is that, in this case, the individuals are aware they are partaking in a DDoS campaign.
> Ukrainian ISP suffers 'massive cyberattack' (opens in new tab)
> Russia-Ukraine war pushes OneWeb into the arms of rival SpaceX (opens in new tab)
> Qualcomm stops selling chips to Russian firms (opens in new tab)
The war between Russia and Ukraine has spilled from the physical realm into cyberspace. Earlier this week, one of Ukraine’s Internet Service Providers (ISP), Ukrtelecom, reported suffering a “major” cyberattack, which brought internet connectivity in the country down to almost a tenth of its pre-war levels.
The ISP later announced that the attack had been thwarted, but connectivity for civilians is likely to remain patchy, as the ISP wants to ensure that the government and military have stable access, before restoring it for the rest of the citizens.
- Protect yourself from one of the most common cyberthreats around with the best ransomware protection services
Via BleepingComputer (opens in new tab)