Analysis of the DDoS tools used in cyber attacks on American banks by the religiously motivated hacker group Izz ad-Din al-Qassam Cyber Fighters indicates a “well-funded” effort, according to security experts.
As reported by CSO Online, analysts at security firm Prolexic Technologies were able to identify the DDoS toolkit “itsoknoproblembro” as the software behind attacks against Bank of America, Chase Bank, Wells Fargo and PNC.
It may have a hilarious name, but “itsoknoproblembro” is serious business:
The “itsoknoproblembro” toolkit is capable of simultaneously attacking components of a website’s infrastructure and application layers, flooding the targets with sustained traffic peaking at 70 gigabits per second. In addition, Prolexic found that traffic signatures were unusually complex and therefore difficult to reroute away from the targets.
The vendor, which declined to name the banks whose sites it tracked, said the attackers likely spent months probing the sites for the components most susceptible to a DDoS assault. They also were knowledgeable in the technology used to mitigate such attacks.
The CEO of Prolexic told CSO Online that these were “on the level of a Stuxnet type of attack.”
Stuxnet was a remarkable cyberespionage tool, reportedly jointly created by the U.S. and Israel, that struck a major blow to Iran’s nuclear program in 2010.
Even though Iran and the Cyber Fighters have denied being behind last week’s bank attacks, Prolexic found that “several large networks” of botnets were utilized in the attacks, indicating an operation beyond the resources of most small groups of independent attackers.