Beladen: 40,000 Website Attackers - Disappearance
There have been no reports of issues with the Beladen attacker since June 3. While no one is sure when the attacks first began, it is unlikely that they lasted much more than a week. This is very fortunate for the Internet community as a whole, as the number of users exposed was minimized.
The reason that there have been no issues since June 3 is that the Beladen domain no longer operates. While infected websites could still potentially direct users to Beladen, there is no longer any threat there. Because the threat no longer exists, the issue stopped gaining notoriety in online media. Therefore, it is hard to determine why Beladen is no longer operating. Hopefully it is permanently disabled and will not come back to infect more computers.
One of the reasons that Beladen was so dangerous was that it made use of an ambiguous domain that was reached through random sub-domains. Each redirect to the website would generate a random sub-domain (such as kbnas.beladen.com), one of six million possible combinations. If you attempted to find an IP address for the main domain, you would not get a meaningful response. Each of the sub-domains had its own unique IP address.
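The pattern described above (many one-off sub-domain labels under one parent, each answering with a different IP) is visible in resolver logs. The following Python is an added example, not part of the original article; the log format, the thresholds, and every sample line other than the name kbnas.beladen.com are constructed assumptions.

```python
from collections import defaultdict

# Constructed resolver log: "<time> <client> <queried name> <answer IP>".
# Only kbnas.beladen.com comes from the article; other labels, clients and
# IPs (RFC 5737 documentation ranges) are made up for this example.
SAMPLE_LOG = """\
00:00:01 10.0.0.5 kbnas.beladen.com 192.0.2.10
00:00:07 10.0.0.9 qzvtr.beladen.com 192.0.2.44
00:01:13 10.0.0.5 mplxe.beladen.com 198.51.100.7
00:02:40 10.0.0.12 hdwou.beladen.com 198.51.100.93
00:03:02 10.0.0.9 ycfgi.beladen.com 203.0.113.21
00:03:30 10.0.0.5 www.example.org 203.0.113.80
00:03:31 10.0.0.5 mail.example.org 203.0.113.80
00:03:35 10.0.0.9 cdn.example.org 203.0.113.81
00:03:36 10.0.0.9 api.example.org 203.0.113.80
00:04:00 10.0.0.12 www.example.net 203.0.113.90
"""

def parent_of(name):
    """Split a name into (parent domain, sub-domain label).
    Assumption: the parent is the last two labels (no public-suffix list)."""
    labels = name.lower().rstrip(".").split(".")
    if len(labels) < 3:
        return None, None  # apex query, not a sub-domain
    return ".".join(labels[-2:]), ".".join(labels[:-2])

def find_subdomain_churn(log_text, min_labels=4, min_ip_ratio=0.8):
    """Flag parents with many distinct sub-domains that each resolve to a
    different IP. Thresholds are illustrative and need tuning per network."""
    seen = defaultdict(dict)  # parent -> {label: set of answer IPs}
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip malformed lines
        parent, label = parent_of(fields[2])
        if parent is None:
            continue
        seen[parent].setdefault(label, set()).add(fields[3])
    flagged = {}
    for parent, labels in seen.items():
        ips = set().union(*labels.values())
        # Ordinary sites reuse a few IPs across sub-domains, so the ratio stays low.
        if len(labels) >= min_labels and len(ips) / len(labels) >= min_ip_ratio:
            flagged[parent] = {"labels": len(labels), "ips": len(ips)}
    return flagged

if __name__ == "__main__":
    print(find_subdomain_churn(SAMPLE_LOG))
```

In the sample, example.org also has four sub-domains but they share two IPs, so only the parent with one IP per label is flagged.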
The nature of the ambiguous domains raises questions over how any government or security agency could target Beladen. There was no single target to focus on, so any action would have had to find some way to get at it other than through the domain. Hopefully this is exactly what happened: a government security force tracked the threat and took care of it. Unfortunately, there is no way of knowing for now.
The other possibility is that this initial attack was just a test of new capabilities and the creators of Beladen have pulled back their operations for now to continue developing. While they will not likely use Beladen again (many of the security issues will have been addressed by development), they will be able to use the knowledge that they have gained to continue developing malicious software and attacks.
Regardless of the fate of the creators of Beladen, hopefully Internet security forces have spent ample time analyzing the Beladen attacks and devising new ways to protect against these types of intrusions in the future.
More By Joe Eitel