Deflect Labs

Deflect Labs Report #6: Phishing and Web Attacks Targeting Uzbek Human Right Activists and Independent Media

Key Findings We’ve discovered infrastructure used to launch and coordinate attacks targeting independent media and human rights activists from Uzbekistan The campaign has been active since early 2016, using web and phishing attacks to suppress and exploit their targets We have no evidence of who is behind this campaign but the target list points to […]
Read More

Deflect Labs Report #5 – Baskerville

Using Machine Learning to Identify Cyber Attacks The Deflect platform is a free website security service defending civil society and human rights groups from digital attack. Currently, malicious traffic is identified on the Deflect network by Banjax, a system that uses handwritten rules to flag IPs that are behaving like attacking bots, so that they […]
Read More

News from Deflect Labs: DDoS attacks against Caucasian Knot

Key Findings In November and December 2018, we identified 3 DDoS attacks against independent media website Кавказский Узел (Caucasian Knot) The first attack was by far the largest DDoS attack seen by the Deflect project in 2018, clocking over 7.7 million queries in 4 hours The three attacks used different types of relays, including open […]
Read More

Deflect Labs Report #4 – Anatomy of a booter

Key Findings We identified a DDoS attack against the Israeli human rights website www.btselem.org on the 2nd of November Attackers used three different type of relays to overload the website and were automatically mitigated by Deflect We identified the booter infrastructure (professional DDoS service) and accessed and analyzed its tools, which we describe in this article In […]
Read More

News From Deflect Labs: Botnet Targeting WordPress Websites

Key Findings We identified traffic from thousands of IPs trying to brute-force WordPress websites protected by Deflect using the same user-agent (Mozilla/5.0 (Windows NT 6.1; rv:52.0) Gecko/20100101 Firefox/52.0) since September 2017 We confirmed that it was not only targeting Deflect protected websites, but targeting also a large number of websites over Internet We analyze in […]
Read More

News From Deflect Labs: DDoS attacks against Vietnamese Civil Society

Key Findings We identified 10 different DDoS attacks targeting two Vietnamese websites protected by Deflect, viettan.org and baotiengdan.com, between the 17th of April and 15th of June 2018. These attacks happened in the context of an important lack of Internet Freedom in Vietnam with regular online attacks against activists and independent media. We sorted these […]
Read More

Deflect Labs report #3

Botnet attack analysis of Deflect protected website blacklivesmatter.com Seamus Tuohy and eQualit.ie View the report with 3D rendering (5mb) This report covers attacks between April 29th and October 15th, 2016. Over this seven-month period, we recorded more than a hundred separate denial-of-service incidents against the official Black Lives Matter website. Our analysis shows a variety […]
Read More

Deflect Labs Report #2

Botnet attack analysis of Deflect protected website bdsmovement.net This report covers attacks between February 1st and March 31st of six discovered incidents targeting the bdsmovement.net website, including methods of attack, identified botnets and their characteristics. It provides detailed technical information and analysis of trends with the introduction of the Bothound library for attack fingerprinting and […]
Read More

Deflect Labs Report #1

Botnet attack analysis covering reporting period February 1 – 29 2016 Deflect protected website – kotsubynske.com.ua This report covers attacks against the Kotsubynske independent media news site in Ukraine, in particular during the first two weeks of February 2016. It details the various methods used to bring down the website via distributed denial of service […]
Read More