Recent DDoS-as-a-Service Platform Passion Used in Attacks on Hospitals

A new DDoS-as-a-Service platform called Passion was recently used by pro-Russian hacktivists to launch attacks against medical institutions in the United States and Europe. A DDoS attack is when malicious actors send a large number of requests and garbage traffic to a target server in order to overwhelm it and prevent it from responding to legitimate requests. DDoSaaS platforms rent out their available firepower to those looking to launch disruptive attacks, eliminating the need to build their own large botnets or coordinate volunteer action. These botnets are usually created by exploiting vulnerable IoT devices such as routers and IP cameras, uniting them into a large swarm that generates malicious requests towards a particular target. Radware discovered the Passion platform, and although its origins are unknown, it has clear ties to Russian hacking groups such as Killnet, MIRAI, Venom, and Anonymous Russia. The Passion Botnet was used in the attacks on January 27th, targeting medical institutions in the USA, Portugal, Spain, Germany, Poland, Finland, Norway, Netherlands, and the United Kingdom as retaliation for sending tanks in support of Ukraine, according to Radware researchers. The operators of the Passion DDoS platform first advertised their service at the beginning of January 2023, performing several defacements on Japanese and South African organization sites. The service operates as a subscription, where customers can purchase desired attack vectors, duration, and intensity. Passion offers the option of ten attack vectors, allowing subscribers to customize their attack as needed and even combine vectors to bypass mitigations implemented by the target. As for the cost of the service, a seven-day subscription costs $30, a month costs $120, while a full year sets back threat actors $1,440. Accepted payment methods include Bitcoin, Tether, and the Russian payment service QIWI. Passion uses the Dstat. Cc measurement service to showcase its L4 and L7 attack capabilities and effectiveness against DDoS mitigation providers like CloudFlare and Google Shield. In October 2022, a pro-Russian DDoS crowdsourcing project named DDOSIA was launched, paying volunteers who took part in attacks and awarding significant amounts to those with the highest contributed firepower. Passion is added to an already flourishing DDoS ecosystem, increasing the problem for organizations worldwide that are the recipients of these attacks.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 01 Feb 2023 17:58:02 +0000


Cyber News related to Recent DDoS-as-a-Service Platform Passion Used in Attacks on Hospitals

9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
10 months ago Esecurityplanet.com
Why every company needs a DDoS response plan - Today's DDoS attacks are not what they were even a few years ago, and we continue to see DDoS attacks that are framed as the largest in history. As a result, large organizations need adaptive, multilayered defense capabilities that can respond just ...
3 months ago Helpnetsecurity.com
The Rise of DDoS Attacks in Q3, 2023: Are You Prepared? - The Indusface AppSec Q3, 2023 Report reveals a staggering 67% surge in DDoS attacks compared to the previous quarter, highlighting a concerning trend with profound impacts on various industries. Over 41% of websites have shown signs of DDoS attacks ...
9 months ago Cybersecuritynews.com
Recent DDoS-as-a-Service Platform Passion Used in Attacks on Hospitals - A new DDoS-as-a-Service platform called Passion was recently used by pro-Russian hacktivists to launch attacks against medical institutions in the United States and Europe. A DDoS attack is when malicious actors send a large number of requests and ...
1 year ago Bleepingcomputer.com
The State of DDoS Attacks: Evolving Tactics and Targets Businesses Must Be Aware Of - Now, these attacks are becoming more dangerous, targeted, and detrimental as they evolve. As DDoS attacks become more sophisticated, adversaries are able to hone in on the most vulnerable targets, ranging from small- and medium-sized businesses to ...
9 months ago Cyberdefensemagazine.com
How to Prepare for DDoS Attacks During Peak Business Times - One common tactic that many security practitioners have witnessed is carrying out distributed denial-of-service attacks during peak business times, when companies are more likely to be short-staffed and caught unawares. While DDoS attacks are a ...
9 months ago Darkreading.com
Hospitals Must Treat Patient Data and Health With Equal Care - COMMENTARY. Hospitals are in the crosshairs: As collectors of some of the most personal and sensitive data available, hospitals are a prime target for hackers and cyberattacks. Patient data needs to be treated with as much care and sensitivity as the ...
8 months ago Darkreading.com
Cybersecurity and Infrastructure Security Agency Reports Minimal Impact of Killnet Distributed Denial of Service Attacks on American Hospitals - The Cybersecurity and Infrastructure Security Agency (CISA) reported that it had assisted numerous hospitals in responding to a series of distributed denial-of-service (DDoS) attacks last week, which were launched by a pro-Kremlin hacking group known ...
1 year ago Therecord.media
Security Series: Protecting the Edge Against DDoS Attacks with a Simplified Integrated Solution - An unprecedented increase in distributed-denial-of-service attacks in recent years has resulted in lost revenue and productivity, increased ransomware costs, and impacted service-level agreements for network operators. According to Zayo Group's ...
9 months ago Feedpress.me
VPN to protect against DDoS attacks on Twitch - Swarming or DDoS attacks pose a threat to streamers. Your data goes through a secure server, making it harder for attackers to target your actual IP address. A distributed denial-of-service attack globally harasses and attacks legitimate users and ...
9 months ago Itsecurityguru.org
Pro-Russian DDoS Attacks Alarm Denmark and US - Distributed denial-of-service (DDoS) attacks by pro-Russian hacking groups have caused alarm in the US and Denmark after several incidents affected websites of hospitals and government offices in both countries. On Tuesday, Denmark announced that it ...
1 year ago Therecord.media
In Cybersecurity and Fashion, What's Old Is New Again - While distributed denial-of-service attacks and zero-day threats are nothing new in cybersecurity, they're still happening regularly for a simple reason: They work. In early November 2023, OpenAI blamed a DDoS attack for intermittent ChatGPT issues, ...
9 months ago Darkreading.com
Essential DDoS statistics for understanding attack impact - The impact of DDoS attacks extends far beyond mere inconvenience, as they can result in financial losses, compromised data, and erosion of customer trust. Understanding the nature and consequences of DDoS activity is essential for organizations and ...
9 months ago Helpnetsecurity.com
Cyberattacks on Hospitals Are Likely to Increase, Putting Lives at Risk, Experts Warn - Cybersecurity experts are warning that hospitals around the country are at risk for attacks like the one that is crippling operations at a premier Midwestern children's hospital, and that the U.S. government is doing too little prevent such breaches. ...
7 months ago Securityweek.com
Understanding the Escalating Threat of Web DDoS Tsunami Attacks - Whether it's hacktivists conducting cyberwarfare or ransom-seeking criminals targeting vulnerable firms in financial services, retail, energy, or transportation, a new breed of destructive distributed denial of service attack - the Web DDoS Tsunami - ...
9 months ago Cyberdefensemagazine.com
DDoS Attacks on Rappler Linked to Proxy Service Providers in US and Russia - Qurium, the Swedish media foundation and human rights watchdog leading the investigation into these DDoS attacks implicates FineProxy and RayoByte in facilitating the attacks. On November 30, 2023, Rappler, the leading digital media company in the ...
10 months ago Hackread.com
How to Prevent DNS Attacks: DNS Security Best Practices - To protect against attack, best practices must be applied to protect the DNS protocol, the server on which the DNS protocol runs, and all access to the DNS processes. Implementing these best practices will not only protect DNS but also network ...
10 months ago Esecurityplanet.com
Capital Health Hospitals hit by cyberattack causing IT outages - Capital Health hospitals and physician offices across New Jersey are experiencing IT outages after a cyberattack hit the non-profit organization's network earlier this week. The healthcare system manages two hospitals, an outpatient facility in ...
10 months ago Bleepingcomputer.com
SW Ontario hospitals confirm patient data compromised in cyberattack - As the fallout from last week's cyberattack against five southwestern Ontario hospitals continues to spread, the organizations confirmed Tuesday that patient information was stolen and they now fear the blackmailers might publish it online. TransForm ...
10 months ago Windsorstar.com
LockBit targets hospitals - We did not see much research released on ransomware this week, with most of the news focusing on new attacks and LockBit affiliates increasingly targeting hospitals. These attacks include ones against Yakult Australia and the Ohio Lottery by the new ...
9 months ago Bleepingcomputer.com
87% of DDoS Attacks Targeted Windows OS Devices in 2023 - Computers and servers became the primary target of attacks, making up 92% of DDoS attempts, compared to only 68% in the previous year. Attacks are also becoming shorter and less frequent, but more powerful. While the overall count in attack frequency ...
5 months ago Darkreading.com
Hackers are Launching DDoS Attacks During Peak Business Hours - Many security practitioners have seen distributed denial-of-service attacks carried out during peak business hours, when firms are more likely to be understaffed and caught off guard. DDoS attacks are a year-round threat, but we've seen an increase ...
9 months ago Cysecurity.news
Russian Hacktivists Target US and Dutch Hospitals - Russian hackers have claimed responsibility for a cyberattack that took more than a dozen US hospitals' websites offline on Monday morning. Killnet, a pro-Russian hacking group infamous for DDoS attacks over the last year, claims to have taken down ...
1 year ago Heimdalsecurity.com
Recently patched CUPS flaw can be used to amplify DDoS attacks - As Akamai security researchers found, a CVE-2024-47176 security flaw in the cups-browsed daemon that can be chained with three other bugs to gain remote code execution on Unix-like systems via a single UDP packet can also be leveraged to ...
6 days ago Bleepingcomputer.com
Hospitals ask courts to force cloud storage firm to return stolen data - Two not-for-profit hospitals in New York are seeking a court order to retrieve data stolen in an August ransomware attack and now stored on the servers of a Boston cloud storage company. Carthage Area Hospital and Claxton-Hepburn Medical Center have ...
9 months ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)