Qurium, the Swedish media foundation and human rights watchdog leading the investigation into these DDoS attacks implicates FineProxy and RayoByte in facilitating the attacks.
On November 30, 2023, Rappler, the leading digital media company in the Philippines, found itself under a massive series of crippling DDoS attacks.
Qurium, the Swedish media foundation and human rights watchdog, leading the investigation into the recent DDoS attacks, has exposed the alleged participation of two major proxy providers, FineProxy and RayoByte, in facilitating the series of crippling DDoS attacks.
In a blog post published by Rappler, On December 5, 2023, the company experienced an unprecedented surge of over 40 million requests to its homepage within a span of one hour.
The investigation, conducted by Qurium, analyzed 90GB of access log data provided by Rappler and traced the malicious activity back to FineProxy and RayoByte.
According to a report published by Qurium, FineProxy, a Russian-based proxy infrastructure, has a history of involvement in numerous DDoS attacks against various organizations.
Despite being approached multiple times by Qurium, FineProxy showed little interest in resolving the issue and instead offered to disclose the client responsible for the attacks on the condition that Qurium remove all forensic reports involving their name.
It is worth noting that during the DDoS attack on Rappler, traffic peaked at a staggering 250,000 requests per second.
The assailants targeted Rappler's website with multiple waves of attacks, originating from both residential and data center connections.
Qurium's investigation exposed the complex web of networks associated with FineProxy and RayoByte.
Both proxy providers, despite claims of ethical standards, have allegedly tampered with geolocation data, associating their networks with fake locations to attract clients.
The report concludes that both FineProxy and RayoByte have designed their infrastructures to accommodate almost unlimited connections, enabling customers to automate tasks such as scraping and flooding sites with backlinks at high speeds.
This focus on serving clients engaging in potentially abusive SEO practices has led to the use of their infrastructures for conducting DDoS attacks.
For readers' information, Qurium specializes in investigating DDoS attacks with a mission to identify perpetrators and ensure accountability.
The organization has been actively investigating the recent surge in DDoS attacks targeting media and human rights organizations in the Philippines.
Qurium's noteworthy track record includes investigations into significant cyber incidents.
This includes their examination of weeks-long DDoS attacks on the Philippines Human Rights watchdog 'Karapatan.
In November 2023, Qurium exposed Chinese scammers exploiting cloned websites within an extensive gambling network.
The troubling findings call into question the responsibility and moral guidelines of proxy providers, which seem to shield users involved in harmful actions.
The disclosures concerning the absence of supervision and accountability among these providers are troubling, provoking deep concerns about their function in protecting the Internet.
This Cyber News was published on www.hackread.com. Publication date: Sat, 09 Dec 2023 15:13:09 +0000