NEWS FROM THE LAB - Thursday, October 21, 2004

DDoS attack against El Reg Posted by Mikko @ 16:47 GMT

El Reg
We've received a report or two from administrators who've spotted weird traffic in their network: machines sending large amounts of data to TCP port 80 at address

Turns out this is the website of one of the premier online publications in the net: The Register. Incidentally, they've been hit by a distributed denial-of-service attack since yesterday.

So far, we haven't been able to secure a sample of the offending piece of malware from the affected computers, but we'll continue investigating. In the meanwhile we urge administrators to check their firewall logs for similar activity. And please pass any suspected programs for our analysis to samples@f-secure.com.