<img alt="" src="https://lh6.googleusercontent.com/l--wjKsSMUVFpP4_9raUZAgKO_iRyav6eW4w05fuXUvEQLKdmik8BW1N2GE6CAS4zPJwufiPdonDr88BKzT0LyteMuVNTAnM9SEa2Yx8LOC3bA7br0jkHKuwISz5To6qVGDFnE60=s0" />

The Uptycs threat research group warns of a new botnet called The Simps. Its creation is credited to the criminal group Keksec, which specializes in DDoS attacks.

The Uptycs threat research group warns of a new botnet called The Simps created by the criminal group Keksec specializing in DDoS attacks.

The Simps: a New Botnet, 2021 | StormWall

20 july 2021

<h1>Keksec Cybergang Debuts Simps Botnet for Gaming DDoS</h1>

The Uptycs threat research group warns of a new botnet called The Simps. Its creation is credited to the criminal group Keksec, which specializes in DDoS attacks. According to the researchers, the Gafgyt botnet has become a kind of &quot;base&quot; for the deployment of the Simps malicious code.

The first infections began in April. Gafgyt (also known as Bashlite) is a Linux-based botnet first discovered in 2014. It targets vulnerable IoT devices such as Huawei routers, Realtek routers and ASUS devices, which it then uses to launch large-scale DDoS attacks. The malware has recently added new functionality for using exploits to hack devices.

Thanks to links to chat on Discord and Telegram, experts attribute the creation of the Simps to the Keksec group (also known as Kek Security), which is a vast group of threats known for exploiting vulnerabilities to invade multiple architectures using polymorphic tools (running on different platforms and operating systems).

<img alt="" src="https://lh6.googleusercontent.com/l--wjKsSMUVFpP4_9raUZAgKO_iRyav6eW4w05fuXUvEQLKdmik8BW1N2GE6CAS4zPJwufiPdonDr88BKzT0LyteMuVNTAnM9SEa2Yx8LOC3bA7br0jkHKuwISz5To6qVGDFnE60=s0" />

In this regard, corporate users and network administrators are advised to:

<ul>
	<li>Regularly monitor suspicious processes, events and network traffic that occur when executing any unreliable or suspicious scripts;</li>
	<li>Be wary of external scripts;</li>
	<li>Update systems and firmware of all network devices to the latest releases and versions.</li>
</ul>

Keksec Cybergang Debuts Simps Botnet for Gaming DDoS

<img alt="" src="https://lh6.googleusercontent.com/ZSbc3yU5M4HeJ9V5vpezHFetdARU_2X2H90_MdqCtObe1JuAbvjJ-DBJYagY6tKLvFw5owFIoBrFtuYm6IcBDoKaprvLj-HS70tK9Criul4KQYp0XvDlCFJ0epjn9hd0uiQkkW6V=s0" />

The ongoing digital transformation of various businesses has not only significantly increased the load on networks and data centers, but also increased the interest of attackers in DDoS attacks at the network level. Modern DDoS attacks are already approaching 1 Tbit/s in scale.

History of DDoS attacks dates back to the 1990s. The first attack involved only 114 computers, while now huge networks of botnets are used.

Evolution of DDoS Attacks | StormWall

16 july 2021

<h1>Evolution of DDoS Attacks</h1>

The ongoing digital transformation of various businesses has not only significantly increased the load on networks and data centers, but also increased the interest of attackers in DDoS attacks at the network level. Modern DDoS attacks are already approaching 1 Tbit/s in scale.

But the history of DDoS attacks dates back to the 1990s. In 1996 when the Internet was just becoming widespread, a set of public tools with the source code for carrying out DDoS attacks was published on one of the forums.

That source code started the events that happened on July 22, 1999. On that day, the server of the University of Minnesota was suddenly attacked by a network of 114 computers infected with the malicious Trin00 script. The code forced infected computers to send data packets to the university in huge volumes (by those standards), which overloaded it. This was the first ever DDoS attack. But the practice spread quickly. Within a few months, Yahoo, Amazon and CNN, which were already quite popular, became its victims. An interesting fact is that one of these attacks was carried out by a 15-year-old Canadian. After the aforementioned events, blackhole / sinkhole methods were no longer able to neutralize the largest attacks.

<img alt="" src="https://lh6.googleusercontent.com/ZSbc3yU5M4HeJ9V5vpezHFetdARU_2X2H90_MdqCtObe1JuAbvjJ-DBJYagY6tKLvFw5owFIoBrFtuYm6IcBDoKaprvLj-HS70tK9Criul4KQYp0XvDlCFJ0epjn9hd0uiQkkW6V=s0" />

In 2003 DDoS attacks reached Russia: MasterHost, the largest hosting in the country at that time, was attacked. Four years later Estonia was subjected to severe distributed denial of service attacks. For the first time, the state felt the full power of DDoS attacks &mdash; before that it was believed that only prankers and extortionists use such tools against businesses and local organizations, e.g. universities and schools.

The first half of the 2010s is characterized by constantly updated records for the power of DDoS attacks: 300 Gbps, 500 Gbps, 620 Gbps. Hardware-assisted protection was not enough to neutralize incoming attacks from multiple botnets. Other possibilities were required. And they appeared. The largest network security companies are completing their distributed filtering networks. At the same time, the era of global cloud-based DDoS protection services began.

These days, the DDoS landscape has a high &ldquo;threshold&rdquo; for inflicting tangible damage on the target. The most &ldquo;painful&rdquo; attacks target medium-sized businesses and usually have two motives. The first is to support their attempts to penetrate &mdash; it is more difficult to return the system to a normal state and stop the attacker when it is combined with a full-scale DDoS. And the second is unlawful competition. For these reasons, botnet owners either sell their services on the darknet or engage in banal extortion as a source of income. In part, it was the high entry threshold for DDoS attacks that made this illegal activity a real business.

Where there is a demand, there is also a supply: we have already written that today on the Darknet and specialized Telegram channels one can find offers to rent a botnet to carry out DDoS attacks for quite modest money &mdash; you can use a botnet that can launch an attack up to 400 Gbps, for only a few hundred dollars a week.

Nevertheless, experts believe that we should brace ourselves for an increase in DDoS activity in the foreseeable future. The ubiquity of the Internet of Things, the emergence of 5G networks, and the consequences of the lockdown only contribute to the replenishment of the ranks of cybercriminals. The answer to this will surely be the emergence of even more advanced means of countering DDoS, including machine learning technologies.

The evolution of DDoS attacks from the 90s to the present day

<img alt="" src="https://lh6.googleusercontent.com/LTfbzdCCucs3QK63kdFw4f5esQTGm1qjlBYPBoBOhgxw22gJTkWQMmeXhO8wgVYeC-kkiA-qkQsDngA6qtb1kclyZrZxi067af-IxWBOJF84T4u_KOBEy3y98ZcVxKSCP4UwgcMR=s0" />

Most companies tend to underestimate DDoS attacks and the threats they pose. Every year the attacks become more dangerous and sophisticated; their power is continuously growing.

Why it is not profitable to organize DDoS protection in-house and what the advantages of professional Anti-DDoS solutions

Top Reasons to Use Professional Anti-DDoS Solutions | StormWall

23 july 2021

<h1>5 Reasons to Get a Professional Protection From DDoS Attack</h1>

Most companies tend to underestimate DDoS attacks and the threats they pose. Every year the attacks become more dangerous and sophisticated; their power is continuously growing. Fighting DDoS attacks is an extremely challenging task. Some companies try to organize the protection of their resources internally, while others use professional Anti-DDoS solutions and find themselves in a more advantageous situation.

<ul>
	<li>Expertise that can&rsquo;t be achieved in-house unless you are a tech company</li>
</ul>

Modern DDoS-protection is very cost-intensive: IT specialists are very expensive employees, and you also need modern software and hardware installed globally to have any chances to withstand brutal yet ubiquitous DDoS-attacks on your company.

<img alt="" src="https://lh6.googleusercontent.com/LTfbzdCCucs3QK63kdFw4f5esQTGm1qjlBYPBoBOhgxw22gJTkWQMmeXhO8wgVYeC-kkiA-qkQsDngA6qtb1kclyZrZxi067af-IxWBOJF84T4u_KOBEy3y98ZcVxKSCP4UwgcMR=s0" />

<ul>
	<li>Constantly up-to-date:</li>
</ul>

your security system should contain the latest fixes and updates so that it is efficient. You are not safe unless your security keeps up with the ongoing evolution of cyber threats

<ul>
	<li>Expert support and tailored approach:</li>
</ul>

there is no standard solution for a security system of an organization. It all depends on your IT architecture: how frequently you connect to third parties, whether you use cloud solutions etc&hellip;

<ul>
	<li>Economy of scale:&nbsp;</li>
</ul>

DDoS security services operate numerous servers all over the world which make up a global mitigation network. One company won&rsquo;t be able to afford such a network, whereas DDoS protection services use the same mitigation network to protect various clients, thus dividing the network&rsquo;s operational costs between the clients.

<ul>
	<li>Innovative approach:</li>
</ul>

State of the art DDoS protection services use sophisticated machine learning algorithms to monitor and filter incoming traffic. This is only one particular result of an ongoing research and development process fostered by the IT security companies. No e-commerce company or online service can invest in such research on their own; that&rsquo;s why it is quite logical to use third-party DDoS-protection services.

Keksec Cybergang Debuts Simps Botnet for Gaming DDoS

Read also articles: