Is this fiction or non fiction?

Feb 15 2023

Welcome to Gone Phishing, your daily newsletter that’s got more value than a dollar store.

Today’s hottest cyber security stories:

  • Indi-go figure: why’s your website still down, eh?
  • AdSense and Cyber-bility
  • Bugatti, eat your heart out! DDoS attack does 0-71 (million requests lol) in 1 second

HACKERS PUT CANADIAN BOOKSELLER INDIGO OUT FOR A WEEK!

This story’s fun as it’s like watching a hostage situation unfold in real-time. Don’t believe us? Click here (don’t worry, it’s safe! Though, that would be ironic of us, wouldn’t it?) to check the current status of Indigo’s website.

The popular on-and-offline Canadian bookseller, which also has physical stores, fell victim to a ‘cybersecurity incident’ an entire week ago and, lo and behold, the website (at time of writing, at least) is STILL down.

Visit the page and you’ll be greeted by a polite explanation, in both English and French, of course. Jesus, imagine living in a country comprised of the two least compatible cultures on the planet. We jest; we jest.

In all seriousness, it is alarming that Indigo’s website, which generates roughly a third of its revenue (and is required for the physical stores to process card payments!), still hasn’t bounced back following last Wednesday’s attack.

“Technical difficulties”

Indigo first said that ‘technical difficulties’ (classic) with the website meant they could only accept cash payments in-store and couldn’t process returns or online orders. This remains the case. The following day they realised (admitted?) they’d been hacked.

The reason we likened it to a Dog Day Afternoon type situation is that (and be warned, this is unconfirmed) many in the cybersphere are speculating that Indigo is currently in the nail-biting throes of a ransomware negotiation. Think Samuel L. Jackson and Kevin Spacey but more neckbeards.

Ransomware attacks lock users out of their files and demand cash in return for re-access. Essentially, the sensitive/valuable data is held hostage. 

Luckily for customers, Indigo said: “Customer credit and debit card information was not compromised by our recent cybersecurity incident. We do not store full credit or debit card numbers in our systems.”

It seems like the hackers managed to get their grimy mitts on something valuable, though, if this is indeed a ransomware attack, as it appears to be. And they may be close to getting a payday out of Indigo.

Of course, you shouldn’t judge a book by its cover… Time will tell what’s really going down. Stay tuned.

ADSENSE NONSENSE INFECTS 10,000+ WORDPRESS SITES

Hackers looking to entice would-be victims with fraudulent ads leading to malware-infected websites have upped their game.

As many as 10,800 WordPress sites have been infected with dodgy links leading to malevolent (get it?) landing pages.

WordPress, which is owned by GoDaddy, identified and exposed the new phishing phenomenon itself via an exposé published in November 2022.

URL short-changed

Though admirable in their due diligence, the website hosting company may have underestimated the scale of the problem.

70 bogus domains mimicking URL shorteners have infected over 10,800 WordPress-hosted websites.

The goal of the exercise seems to be to build authority and, as such, legitimise the offending ads and links in the eyes of Google’s all-seeing, all-powerful algorithm. No mean feat.

Additionally, scammers are using fake URL shorteners to trick people who want to turn a long URL into a short one into thinking they’re using a reputable shortener, i.e., Bitly, Cuttly, or ShortURL, when in reality the links direct visitors to sketchy Q&A sites.

Stay safe out there!

CALL GUINNESS! DDOS ATTACK ON CLOUDFLARE SMASHES RECORDS

Cloudflare, a web infrastructure company, is one of Gone Phishing’s internet-winners of the day, thanks to its heroic courage and resilience in the face of an unprecedented DDoS (Distributed Denial of Service) attack.

It valiantly thwarted a record-breaking attack that peaked at over 71 million requests per second (RPS).

The company was humble in its bragging. “The majority of attacks peaked in the ballpark of 50-70 million requests per second (RPS) with the largest exceeding 71 million,” the company said, calling it a “hyper-volumetric” DDoS attack.

Hyper-volumetric

Go ahead, Cloudflare. Enjoy your victory. Cyber-stories wherein the good guys win are few and far between these days, what with the ever-increasing occurrences of Ransomware attacks that present victims with a Sophie’s Choice of outcomes. As such, we want to celebrate.

Furthermore, this was also the largest HTTP (basically the programming language of the internet) DDoS attack reported to date, more than 35% higher than the previous 46 million RPS DDoS attack that Google Cloud mitigated in June 2022.

In your face, Google Cloud. There’s a new sheriff – I mean cloud-based web infrastructure company in town.

Cloudflare said the attacks singled out websites secured by its platform and that they emanated from a botnet comprising more than 30,000 IP addresses that belonged to “numerous” cloud providers.

Targeted websites included a popular gaming provider, cryptocurrency companies, hosting providers, and cloud computing platforms.

Yeah, maybe cancel that call to Guinness. We don’t celebrate scammers here. Cloudflare FOR THE WIN.

So long and thanks for reading all the phish!
