Biggest ever DDoS attack 💥 || Pig Butchering Scams 🐽
CyberInsights #81 - Cloudflare CDN thwarts the DDoS || Pig Butcher meets her match (pun unintended)
71 million requests per second…
Cloudflare thwarts the largest ever HTTP DDoS attack
CDN (Content Delivery Network) service provider Cloudflare reported the largest ever DDoS attack at 71 million requests per second.
A DDoS attack aims to bring down a computing service by sending it a huge number of requests, thereby crashing the system or overwhelming it to such an extent that legitimate requests time out. Its size is measured in requests per second.
Cloudflare reports that the size of DDoS attacks is increasing every year.
Take Action:
If you believe (translate to: your risk assessment shows) that you are at risk of a DDoS attack, you should do the following:
Consider adopting a good CDN service (like Cloudflare, who wrote the blog about how they blocked the attack)
Consider solutions such as rate limiting in your firewall, which can work to some extent.
In your threat model while developing software, consider DDoS attacks if plausible. At the design stage, you can implement controls where the browser has to do more work than the server, thereby restricting DDoS to a large extent.
If you are a part of national critical infrastructure, you should consider ISP-based solutions for preventing volumetric DDoS attacks.
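The design-stage control in the list above, where the client has to do more work than the server, is commonly built as a hash-based client puzzle. The following is an added example, not code from this newsletter or from Cloudflare; the key handling, difficulty, challenge lifetime and all function names are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os
import time

SERVER_KEY = os.urandom(32)  # constructed per-process secret (assumption)
DIFFICULTY_BITS = 16         # assumed: about 2**16 hashes per request for the client
MAX_AGE_SECONDS = 60         # assumed challenge lifetime


def _tag(client_id, ts):
    msg = f"{client_id}|{ts}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def issue_challenge(client_id, now=None):
    """Server: one HMAC, and nothing stored per client."""
    ts = str(int(time.time() if now is None else now))
    return f"{ts}.{_tag(client_id, ts)}"


def leading_zero_bits(digest):
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()


def solve(challenge, bits=DIFFICULTY_BITS):
    """Client: search for a nonce; expected cost is about 2**bits hashes."""
    nonce = 0
    while True:
        digest = hashlib.sha256(f"{challenge}.{nonce}".encode()).digest()
        if leading_zero_bits(digest) >= bits:
            return nonce
        nonce += 1


def verify(client_id, challenge, nonce, bits=DIFFICULTY_BITS, now=None):
    """Server: one HMAC and one hash, however long the client spent solving."""
    now = int(time.time() if now is None else now)
    try:
        ts, tag = challenge.split(".")
        age = now - int(ts)
    except ValueError:
        return False  # malformed challenge
    if not hmac.compare_digest(tag.encode(), _tag(client_id, ts).encode()):
        return False  # forged challenge, or issued to a different client
    if not 0 <= age <= MAX_AGE_SECONDS:
        return False  # expired or future-dated
    digest = hashlib.sha256(f"{challenge}.{nonce}".encode()).digest()
    return leading_zero_bits(digest) >= bits
```

A solved challenge stays valid until it expires, so a deployment would also record used challenges or keep the lifetime short to limit replay.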
Pig Butchering Scams 🐷
A fancy name for social engineering.
I got interested in this news when a security researcher at Sophos was the subject of a social engineering attack. The story has a funny ring to it. The security researcher was fed an ‘investment opportunity’ scam. The Register reported it here on the happy occasion of Valentine’s Day ❤️. The suspect account is still active on Twitter, should you want to try your luck at being a pig butchering scam victim.
Wired picked it up as well and reported it.
That’s when I started reading up on what a Pig Butchering Scam is. The term ‘pig butchering scam’ gained popularity during crypto scams promising manifold returns. The concept, however, is social engineering 101.
Take Action:
The only takeaway is learning the meaning of ‘pig butchering scam’ and finding out its origins. The rest, like I said, is social engineering 101.
ChatGPT says:
“‘Pig butchering scams’ are a type of fraud in which scammers target individuals, often in rural or agricultural areas, offering to buy live pigs for butchering at a premium price. The scam typically involves the scammer offering to purchase a pig from the victim, promising to pay a higher-than-normal price. The scammer then takes possession of the pig and leaves, supposedly to butcher it, but never returns to pay the victim.
Alternatively, the scammer may offer to sell the victim a live pig at a lower-than-normal price, but ask for payment upfront. The scammer then takes the money and never delivers the pig.
These types of scams often target vulnerable populations, such as elderly or low-income individuals, and can result in significant financial loss for the victim. It's important to be cautious when dealing with individuals or companies offering to buy or sell livestock, and to verify their credentials and reputation before engaging in any transactions.”