When someone visits one of these sites, their browser is forced to execute the code. The objective of the campaign is to overload the websites with fake traffic and take them offline.
We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time. Thank you for taking part.
The people whose endpoints are being used for this attack almost certainly don’t know they are part of an attack. Besides slowing down their browsing a little, there’s no indication of the browser essentially being hijacked.
Bleeping Computer further explains that every request to the websites utilizes a random query string, so that the request doesn’t get served through Cloudflare or a similar CDN. Instead, it’s directly received by the target server.
Ukrainian websites aren’t the only victims of the attack, though. BleepingComputer found that the same script is being used to mount attacks against roughly 70 Russian websites too. The difference is that, in this case, the individuals are aware they are partaking in a DDoS campaign.
The war between Russia and Ukraine has spilled from the physical realm into cyberspace. Earlier this week, one of Ukraine’s Internet Service Providers (ISP), Ukrtelecom, reported suffering a “major” cyberattack, which brought internet connectivity in the country down to almost a tenth of its pre-war levels.
The ISP later announced that the attack had been thwarted, but connectivity for civilians is likely to remain patchy, as the ISP wants to ensure that the government and military have stable access, before restoring it for the rest of the citizens.
- Protect yourself from one of the most common cyberthreats around with the best ransomware protection services
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.