WEB HOSTING SECURITY

By: Joe Eitel	Search For More Articles! Disclaimer Author Terms
Rating: / 4
2009-10-07

Table of Contents:

Beladen: 40,000 Website Attackers

Effects

Disappearance

Security

	ADD THIS ARTICLE TO:
	Del.ici.ous	Digg
	Blink	Simpy
	Google	Spurl
	Y! MyWeb	Furl

Email Me Similar Content When Posted

Add Developer Shed Article Feed To Your Site

Email Article To Friend

Print Version Of Article

PDF Version Of Article

SEARCH WEB HOSTERS

TOOLS YOU CAN USE

Beladen: 40,000 Website Attackers - Disappearance

(Page 3 of 4 )

There have been no reports of issues with the Beladen attacker since June 3. While no one is sure when the attacks first began, it is unlikely that they lasted much more than a week. This is very fortunate for the Internet community as a whole, as the number of users exposed was minimized.

The reason that there have been no issues since June 3 is that the Beladen domain no longer operates. While infected websites could still potentially direct users to Beladen, there is no longer any threat there. Because the threat no longer exists, the issue stopped gaining notoriety in online media. Therefore, it is hard to determine why Beladen is no longer operating. Hopefully it is permanently disabled and will not come back to infect more computers.

One of the reasons that Beladen was so dangerous was that it made use of an ambiguous domain controlled by random sub-domains. Each forward to the website would generate a random sub-domain (such as kbnas.beladen.com) that was one of any of six million combinations. If you attempted to find an IP address for the main domain, you would not get a meaningful response. Each of the sub-domains had its own unique IP address.

The nature of the ambiguous domains raises questions over how any government or security agency could target Beladen. There was no single target to focus on, so any actions would have found some other way to get at it than the domain. Hopefully this is exactly what happened -- a government security force tracked the threat and took care of it. Unfortunately, there is no way of knowing for now.

The other possibility is that this initial attack was just a test of new capabilities and the creators of Beladen have pulled back their operations for now to continue developing. While they will not likely use Beladen again (many of the security issues will have been addressed by development), they will be able to use the knowledge that they have gained to continue developing malicious software and attacks.

Regardless of the fate of the creators of Beladen, hopefully Internet security forces have spent ample time analyzing the Beladen attacks and devising new ways to protect against these types of intrusions in the future.

Next: Security >>

More Web Hosting Security Articles
More By Joe Eitel

Comments On: Beladen: 40,000 Website Attackers

· Suggesting that people move to an OS with "less attacks" is just downright...

>>> Post your comment now!

WEB HOSTING SECURITY ARTICLES

- GFI Report Details Top 10 Threat Detections ...
- Sophos Releases Security Threat Report 2012
- Facebook Safety Tips for 2012
- Email Scam Hits Apple Users
- Tips for Mobile Security
- Tech Temptations to Avoid
- Firefox Silent Updates Bad for Security?
- Anonymous Not Attacking Facebook, Drug Cartel
- Hacking-Related News
- Malware to Become More Problematic
- McAfee`s List of Internet`s Most Dangerous C...
- Survey Finds Attacks on Social Networks Incr...
- A New Threat Makes its Way through Twitter
- Microsoft, Browser Security News
- Hackers Target Apple, Fox, Others

Find More Web Hosting Security Articles