The message rar attachment contains an executable file: the malware itself. Stolen data is exfiltrated with smtp.
DDoS cyber-attacks are very useful to block communications. UK police successfully tested them against criminals
DDoS attacks, one of the favorite methods of cyber criminals worldwide, can also be used for good deeds. Not only against traditional criminals, but also to fight terrorism. This is because this kind of attack ultimately “blocks” the targeted systems. Exploited machines can include static desktop computers and mobile devices, such as laptops, tablets, smartphones, and other networked resources. Everything depends on what the hackers intend to do with their target. For instance, DDoS attacks proved to be particularly useful to block communications for one or more specific mobile phones. This approach usually results in serious problems for organized crime and terrorism, as their activities heavily depend on communication. In this regard, UK police successfully used a DDoS-style attack against drug dealers. The cops, as a post on “Motherboard” says, managed to disrupt service on suspected drug dealer’s phones, stopping de facto their supply chain.
Terrorists are increasingly resorting to technology for their activities. Sometimes, the same technology can be turned against them
DDoS cyber-attacks can make the difference in the fight against terrorism as well. Think about the attacks through remote-controlled explosive devices, in which mobile phones are used as detonators. Nowadays, in a situation of possible danger, the response is usually to jam all communications in the area of interest. This procedure, however, affects every device in that area. On the contrary, a DDoS approach provides the opportunity to isolate only “suspicious” devices. This would increase the chances of success, without inconveniencing other surrounding devices in the process. This kind of attack would keep the terrorists from using their smartphones as remote triggers. Furthermore, it would not be necessary for an EOD expert to risk his life to defuse a bomb. This technique, however, has some weaknesses too. First, as a necessary condition, the device to target must be connected, or have some kind of access, to the Internet. It is also appropriate an early identification of the devices to hit with the cyber aggression in order to avoid errors that could cost dearly.
With DDoS cyber-attacks, smartphones and the Web can become the worst enemies of jihadi terrorism
DDoS cyber-attacks targeting smartphones are proving very useful in counter-terrorism procedures, not only in extreme situations. In fact, as it is already happening with organized crime, these attacks can be used to block external communications for one or more subjects. In the specific, a DDoS attack can delay a specific event or circumstance, or isolate a target from a distance. This is particularly useful when the target has to use a mobile device not only to make phone calls. We are thinking about jihadist propaganda specialists charged with the task of creating or relaunching contents from the Web, and disseminating them as quickly and effectively as possible. To this end, they need the Web. In order to post messages, photos and videos on the social media, in fact, they need access to a network. In this case, a DDoS attack, or a DDoS-style attack, could provide a solution to stop them.