Today we’re going to learn what a DDoS attack is and how malicious actors can use them for their benefit.
First things first, DDoS stands for: distributed denial-of-service
This denial of service is referring to users not being able to use the services being offered by a website, or even to access that website at all.
What happens is, the hackers overwhelm things like servers and bandwidth with fake users, or requests or transactions to the point where the website can no longer handle the traffic and it crashes. This effectively prevents any genuine user from being able to access the website.
DDoS attacks can come in different forms:
- TCP connection attacks
- Volumetric Attacks
- Fragmentation Attacks
- Application Attacks
- DNS Reflection
- Chargen Reflection
If you’re interested in digging deeper into these different types of DDoS attacks I’ll include links down below to send you on your way down that rabbit hole.
You may be wondering, ok but how does flooding a server interest a hacker that’s after cryptocurrencies?
Well my friend, a lot of times hackers use DDoS attacks as a distraction or cloaking mechanism which ultimately lets them perform the real security breach which results in the acquisition of the cryptocurrencies they are after.
We see this a lot when big time centralized exchanges get hacked. It turns into a terrible situation for those using the exchange because suddenly they are unable to access their account and when it finally gets cleared up their met with an empty wallet and a sinking feeling in their stomach.
There’s a reason why we’ve seen so many popular exchanges getting hacked.
It’s because they are popular, meaning many people are using them, meaning many people are also storing their cryptocurrencies on them. This is the perfect honey pot for a hacker to target. Although now we are finally seeing most exchanges using cold storage for a majority of the coins that they store, they also need to provide liquidity for the users of that exchange, this means some coins will need to stay in a “hot” wallet for quick turnover.
Bottom line is this, if you store your coins on a centralized exchange; if you have never come across a thing called a private key or seed phrase, you are relying on that exchange to store your coins for you.
You are playing Russian roulette with your investments.
There is an easy fix for this and I’ll be making another video on it in the very near future, but this is me urging you to begin exploring other options for storing your cryptocurrencies.
Here’s a little fun fact, you can venture over to the dark web and purchase DDoS attacks. The average price is actually frighteningly cheap, it’ll run you about $150 for a week long attack, but that’s assuming the target doesn’t do anything to counter your attack. You can also sell them if you find yourself in the possession of something called a botnet.
Now here’s where we’re seeing the trend of hacks going: Botnets.
These are like armies of zombie computers succumbing to the will of the hacker who controls them. It’s pretty ingenious and altogether creepy as hell. What happens is a hacker will gain access to your computer or device thanks to a malicious email or link which you open or click on that ultimately ends up downloading some kind of malware or virus onto your device. This is what allows the hacker to control your computer and the contents it holds. They’ll then use your computer to be a part of its botnet which can include millions of other computers as well. The hacker can use this botnet for DDoS attacks, or for other phishing attempts and scams as well.
You can see the use of “bots” everywhere now, even in social media (even here on Steemit).
There’s a reason why people can buy likes and followers and views. They’re paying for a botnet to show their account some attention.
We’re also seeing it with certain crypto projects as they use them to spread promotions of their coin. I’ve actually been bombarded by Neblio bots commenting on a lot of my videos recently. All of that is pretty innocent albeit dishonest, but what we need to be aware of is that hackers can use these for their benefit and your detriment.
When they begin working AI into these botnets and malware, it’s going to become increasingly more difficult to decipher between what’s genuine and what’s a scam.