News from Deflect Labs

Introducing Baskerville (waf!)

Baskerville is a machine operating on the Deflect network that protects sites from hounding, malicious bots. It's also an open source project that, in time, will be able to reduce bad behaviour on your networks too.

Deflect Labs Report #6: Phishing and Web Attacks Targeting Uzbek Human Right Activists and Independent Media

By: Etienne On: May 09, 2019 Threat Intel, DDoS, Advocacy, Deflect Labs, Deflect, News from Deflect Labs Comments Disabled

Key Findings We’ve discovered infrastructure used to launch and coordinate attacks targeting independent media and human rights activists from Uzbekistan The campaign has been active since early 2016, using web and phishing attacks to suppress and exploit their targets We have no evidence of who is behind this campaign but the target list points to […]

News from Deflect Labs: DDoS attacks against Caucasian Knot

By: dmitri On: March 19, 2019 DDoS, Advocacy, News from Deflect Labs Comments Disabled

Key Findings In November and December 2018, we identified 3 DDoS attacks against independent media website Кавказский Узел (Caucasian Knot) The first attack was by far the largest DDoS attack seen by the Deflect project in 2018, clocking over 7.7 million queries in 4 hours The three attacks used different types of relays, including open […]

Deflect Labs Report #4 – Anatomy of a booter

By: Etienne On: January 09, 2019 DDoS, Deflect Labs, Deflect, News from Deflect Labs Comments Disabled

Key Findings We identified a DDoS attack against the Israeli human rights website www.btselem.org on the 2nd of November Attackers used three different type of relays to overload the website and were automatically mitigated by Deflect We identified the booter infrastructure (professional DDoS service) and accessed and analyzed its tools, which we describe in this article In […]

News From Deflect Labs: Botnet Targeting WordPress Websites

By: Etienne On: October 15, 2018 DDoS, Deflect Labs, Deflect, News from Deflect Labs Comments Disabled

Key Findings We identified traffic from thousands of IPs trying to brute-force WordPress websites protected by Deflect using the same user-agent (Mozilla/5.0 (Windows NT 6.1; rv:52.0) Gecko/20100101 Firefox/52.0) since September 2017 We confirmed that it was not only targeting Deflect protected websites, but targeting also a large number of websites over Internet We analyze in […]

News From Deflect Labs: DDoS attacks against Vietnamese Civil Society

By: Etienne On: September 07, 2018 News from Deflect Labs, DDoS, Deflect Labs, Deflect Comments Disabled

Key Findings We identified 10 different DDoS attacks targeting two Vietnamese websites protected by Deflect, viettan.org and baotiengdan.com, between the 17th of April and 15th of June 2018. These attacks happened in the context of an important lack of Internet Freedom in Vietnam with regular online attacks against activists and independent media. We sorted these […]