Hacker Attack Takes Down Social Networks

From USA Today:
Social networks Twitter, Facebook and LiveJournal on Thursday morning were overwhelmed by denial-of-service attacks disrupting access to more than 300 million users. Botnets — thousands of infected home and workplace PCs — flooded the websites with nuisance requests, thus cutting off access to anyone else.

Security experts can't say if the attacks were related. Twitter users around the globe could not Tweet for at least three hours. Access was restored in much of the U.S. by 1 p.m. Eastern, but Twitter could not be reached via iPhone or in Eastern Europe through much of the day, says Stephan Tanase, a senior analyst at Kaspersky Lab. "This was definitely a pretty heavy attack," says Tanase.

The attacks may have been related to the ongoing political conflict between Russia and Georgia. They started with hackers using a botnet to send a flurry of spam e-mail messages that contained links to pages on Twitter, Facebook and other sites written by a single pro-Abkhazia activist, according to Bill Woodcock, research director of the San Francisco-based Packet Clearing House, a nonprofit that tracks Internet traffic.

Facebook reported degraded service for some of its 250 million users, while LiveJournals says its 21 million users were cut off for an hour.

Nothing on this scale has been seen since February 2000, when a 15-year-old Montreal youth, known as Mafiaboy, directed a bot network to cut off access to Yahoo, eBay, Amazon.com, Etrade, ZDNET and CNN. Upon being arrested, Michael Calce, now a security consultant, said he did it for bragging rights.

Last month, a denial of service attack cut off access to several government and commercial sites in the U.S. and South Korea, raising speculation that North Korea was responsible. The attacker oddly erased the hard drives of the 40,000 bots used in the attack, rendering the computers useless.

Roger Thompson, a senior researcher at antivirus company AVG, says a vigilante may have been trying to "get the attention of the world on the botnet problem." Estimates vary, but some 40% of Internet-connected computers may be under the control of criminals who can easily use them for a variety of criminal pursuits.