Compromised servers to launch DDoS attacks

2010-05-11

John Leyden, The Register, is reporting that hackers have begun using compromised servers instead of client PCs to launch more powerful denial of service attacks. According to database security firm Imperva, hundreds of web servers are infected with a DoS application that transforms them into zombie drones. These zombie servers are controlled using a simple web application consisting of just 90 lines of PHP code.

Leyden writes that servers are harder to compromise than desktop PCs, but once compromised these servers offer more horsepower with attacks that are more difficult to detect. Imperva's CTO, Amichai Shulman stated that denial of service attacks from compromised servers are ongoing, "Now that a network of server bots has been created, it will be quite easy for them to 'rent' them out or increase their activity. Companies should regularly monitor their Google presence to look for evidence of being compromised."