Prolexic Reveals Security Flaws in Popular Dirt Jumper Toolkit

Security Researcher's team at Prolexic exposed a fault in the command-and-control infrastructure of one of the most important DDoS toolkits Dirt Jumper bot., which facilitates them to stop attacks.

The discovery facilitates the researchers to access the back-end servers which control the attack tool along with configuration server and enter the way that tool works and how attackers are utilizing it.

Dirt Jumper has been in use for quite some time with many separate iterations but it is not among the popular DDoS attack toolkits. The botnet developed from the bigger Russkill botnet and a variety of versions of the tool's dual code and back--end configuration files have been made public.

According to Prolexic, Dirt Jumper was originally authored by someone who uses the handle 'sokol' online and it is one of the most popular malware attack tools being used today. The author privately sold various versions of Dirt Jumper which were then leaked to public. Prolexic says the source code to build Dirt Jumper botnet that requires $5,000 and the consent of several authors using it to make by-product variations of their own and publish it online.

Unfortunately, Cyber security blogger, Brian Krebs became the latest and most well-known victim of the Max Flood variant of Dirt Jumper for few days starting from 27th July, 2012. Krebs described in a blog about how a weakness in the Dirt Jumper code helped him up his website.

Krebs also warned in his blog that according to figures of Arbor networks DDoS threats are increasing rapidly and are up by 82% since June 2011.

Infosecurity-magazine.com published a report on 15th August, 2012 quoting Chief Executive Officer of Prolexic Scott Hammack's comments on recently exposed vulnerability, proclaiming that it was their duty to share this susceptibility with the security community at large. He was also quoted saying DDoS attackers take pride in finding and utilizing limitations in the architecture and code of their targets. We have turned the tables and uncovered crucial drawbacks in their own tools with the help of this vulnerability report.

» SPAMfighter News - 8/24/2012