Last night we saw a massive attack on a Georgian blogger who goes by the name "Cyxymu".

The attack included at least these components:

• DDoS attack against Cyxymu's Twitter account (http://twitter.com/cyxymu)
• DDoS attack against Cyxymu's Youtube account (https://www.youtube.com/cyxymu)
• DDoS attack against Cyxymu's Facebook account (http://www.facebook.com/cyxymu)
• DDoS attack against Cyxymu's Livejournal account (http://www.livejournal.com/cyxymu and http://cyxymu1.livejournal.com)
• DDoS attack against Cyxymu's Fotki account (http://public.fotki.com/cyxymu/)
• An e-mail "Joe Job" campaign against Cyxymu

The effects of some of these attacks are still visible. For example, Livejournal and Facebook are still not accepting connections to Cyxymu's pages.

Here's an example of what the Joe Job e-mails looked like. They were not sent by Cyxymu although they look like it.

Launching DDoS attacks against services like Facebook is the equivalent of bombing a TV station because you don't like one of the newscasters. The amount of collateral damage is huge. Millions of users of Twitter, Livejournal, and Facebook have been experiencing problems because of this attack.

Whoever is behind this attack had significant bandwidth available. Our best guess is that these attacks were done by nationalistic Russian hackers who wanted to silence a visible online opponent. While doing that, they've only managed to attract more attention to Cyxymu and his message.

Then again, Cyxymu himself simply comments in his Tweets that the attack was done by the Russian KGB.

We're unlikely to ever know the truth.

Updated to add: Added info that Cyxymu's Fotki account was under attack as well.

Updated to add: See the comments section for commentary from a person who worked at a radio station that was bombed…