Rapidttp.co.za So who is attacking us now |
This server has been running non-stop for 1200 days.(up to 18 Sept 2016)We have been under a variety of attacks from about four different groups over the past few years. Generally the attacks come from a large number of machines and they have a signature in the form of the method used for the attack and from these signatures one can group the identity of the different groups of attack sites. On the 2nd August 2016 we noticed attacks coming from a new group.These attacks added an extra 2000 different servers per day making about 25000 attacks per day. What was interesting is that Vietnam played a major part in the source of the attacks accounting for about 24% of all the attacks. Of these attacking sites 97.5% were already in the database and were being blocked. On a weekly basis, the distribution of countries involved in the attack were typically Country,# of servers involved,Percentage VN 3146 23.9% BR 1301 9.9% IN 1269 9.6% CN 1244 9.4% RU 879 6.7% KR 775 5.9% TR 423 3.2% DO 340 2.6% TW 307 2.3% AR 295 2.2% IR 207 1.6% US 186 1.4% CO 172 1.3% UA 164 1.2% PK 159 1.2%On the 13th September 2016 - six weeks after beginning, we received the following demands and the traffic from New World Hackers dissappeared for two days. We are, New World Hacking Groups We'll begin massive DDoS attack Today, you have 5 hours after reading your posts!!! 1 - We'll execute some targeted attacks and check your DDoS servers by the 500 Gbps attack power 2 - We can do multi-vector attacks Layer 3-7 TCP, UDP, SYN; NTP, DNS, SSDP - Amplification 3 - You do not help us antiddos, because we know your real IP address and it will always be able to find out 4 - Do not have time to change the hosting 5 - You can get away from the attack, if you pay 1.5 bitcoin to bitcoin ADDRESS: 1CB7Q8Mb77qSbkXnjynqGTjUTdFzFuV2EJ 6 - If you do not pay before the attack 1.5 bitcoin, the price will increase to 15 bitcoins 7 - Attacks every day will cost you 15 bitcoins 8 - We will continue to attack for a long time, as long as you do not pay!!! 9 - If you do not pay, we will destroy your business Transfer 1.5 bitcoin to ADDRESS: 1CB7Q8Mb77qSbkXnjynqGTjUTdFzFuV2EJ How to pay bitcoin? Google for the additional information! The Header for the message was Return-Path:After all the threats the New World Hackers resumed their attacks, but the key country involved now became Columbia CO 3467 28.1% VN 1669 13.5% BR 967 7.8% IN 701 5.7% KR 627 5.1% RU 607 4.9% CN 541 4.4% TW 388 3.1% TR 350 2.8% US 287 2.3% DO 195 1.6% RO 175 1.4% UA 142 1.1% AR 122 1.0% MX 117 0.9% In second week distribution was VN 4161 19.6% BR 2221 10.4% KR 1663 7.8% TW 1398 6.6% CN 1291 6.1% IN 1205 5.7% RU 1021 4.8% TR 985 4.6% RO 631 3.0% US 601 2.8% CO 556 2.6% MX 326 1.5% PL 324 1.5% UA 298 1.4% AR 289 1.4% In third week of attack distribution was VN 2340 11.0% BR 2323 10.9% CN 1813 8.5% TR 1393 6.6% IN 1392 6.6% KR 1326 6.2% RU 1232 5.8% TW 1125 5.3% US 695 3.3% RO 522 2.5% AR 462 2.2% MX 397 1.9% UA 391 1.8% PL 381 1.8% CO 334 1.6% In fourth week of attack distribution was VN 3414 14.8% BR 2458 10.7% UA 1990 8.6% TR 1475 6.4% TW 1225 5.3% IN 1143 5.0% RU 1139 4.9% CN 1064 4.6% KR 892 3.9% US 632 2.7% AR 539 2.3% RO 508 2.2% CO 429 1.9% PL 413 1.8% MX 385 1.7%
In fifth week of attack distribution was VN 4369 18.3% BR 2617 11.0% UA 2045 8.6% TW 1501 6.3% TR 1436 6.0% RU 1170 4.9% IN 1047 4.4% CN 960 4.0% KR 625 2.6% US 555 2.3% AR 545 2.3% RO 539 2.3% CO 421 1.8% MX 343 1.4% PL 335 1.4% In six week of attack distribution was peak VN 2713 12.2% UA 2429 11.0% BR 1709 7.7% TR 1445 6.5% RU 1350 6.1% TW 1303 5.9% CN 1064 4.8% US 1036 4.7% IN 996 4.5% KR 542 2.4% RO 487 2.2% PL 478 2.2% AR 447 2.0% MX 343 1.5% FR 326 1.5% In seventh week of attack distribution was peak VN 3019 12.6% UA 2170 9.1% BR 1713 7.2% TW 1692 7.1% RU 1496 6.2% TR 1490 6.2% CN 1371 5.7% IN 1041 4.3% US 1006 4.2% KR 848 3.5% AR 551 2.3% RO 544 2.3% PL 467 2.0% MX 383 1.6% CO 371 1.5% In eighth week of attack distribution was VN 3418 18.5% TW 1541 8.3% BR 1474 8.0% KR 1036 5.6% RU 1021 5.5% CN 970 5.2% IN 922 5.0% TR 908 4.9% UA 690 3.7% US 455 2.5% RO 425 2.3% AR 349 1.9% PL 289 1.6% CO 287 1.6% MX 250 1.4%
In ninth week of attack distribution was VN 2980 16.0% BR 1611 8.6% TW 1607 8.6% CN 1152 6.2% RU 1043 5.6% TR 1001 5.4% IN 957 5.1% KR 579 3.1% US 503 2.7% RO 495 2.7% AR 472 2.5% UA 451 2.4% PL 348 1.9% MX 322 1.7% CO 312 1.7%
In tenth week of attack distribution was (fading starts) CN 1581 10.9% BR 1331 9.2% VN 1215 8.4% TW 967 6.6% RU 855 5.9% IN 792 5.4% TR 681 4.7% UA 491 3.4% US 471 3.2% AR 380 2.6% RO 344 2.4% PL 337 2.3% KR 316 2.2% CO 290 2.0% FR 254 1.7%
In eleventh week of attack distribution was (fading quickly) CN 1307 12.4% BR 1243 11.8% VN 833 7.9% TW 724 6.9% RU 533 5.1% IN 522 4.9% TR 462 4.4% US 353 3.3% AR 340 3.2% UA 301 2.9% RO 288 2.7% KR 248 2.4% PL 239 2.3% MX 221 2.1% FR 192 1.8%
In twelveth week of attack distribution was (Ukraine to the rescue) UA 1639 15.2% VN 1003 9.3% CN 911 8.4% BR 895 8.3% TW 679 6.3% RU 557 5.1% IN 473 4.4% TR 461 4.3% AR 348 3.2% US 322 3.0% KR 284 2.6% RO 276 2.6% PL 233 2.2% MX 186 1.7% FR 138 1.3% In thirteenth week of attack distribution was CN 1903 14.0% VN 1068 7.9% TW 952 7.0% BR 898 6.6% TR 873 6.4% RU 759 5.6% US 756 5.6% UA 748 5.5% IN 436 3.2% AR 401 3.0% RO 345 2.5% PL 319 2.4% MX 301 2.2% KR 293 2.2% TH 281 2.1% In fourteenth week of attack distribution was CN 1471 16.8% VN 956 10.9% BR 742 8.5% TW 714 8.2% RU 486 5.6% US 411 4.7% AR 303 3.5% IN 299 3.4% KR 294 3.4% TR 290 3.3% RO 259 3.0% UA 213 2.4% PL 161 1.8% MX 140 1.6% FR 129 1.5% We identify and classify EVERY attacker and block future attacks from that group of servers. Lists are availalble for interested parties For the past 18 years the server has been serving information from a stand alone webserver running a linux operating system. The server supplies about 3.2 million documents per annum in the form of HTML, PDF and JPG files. In the whole 17 years, on only about five occasions has it stopped and needed a reboot. Two of these stopages have happened in the past fifty months. The attacks are processed by software and barely 1% of machine resources are wasted on the project - However the data provided is extremely useful for mapping out the players. We identify every one of the servers involved in the attacks. In this attack year we have processed 2 million attacks per month from 200000 different servers.
less character endorsement rib anti agreement accept clearing sched co edia harmonised dumping ow rate exempt extra african media permit index
|