On the 16th of November 2018, we identified a large attack against several websites protected by Deflect. This attack used several professional security audit tools like NetSparker and WPScan to scan the websites eltuz.com and centre1.com.
In this report, we look at the performance of the Deflect Labs’ new anomaly detection tool, Baskerville, in identifying a selection of the attacks seen on the Deflect platform during the last year.
The Caucasian Knot website joined Deflect on the 19th of October, under the barrel of a massive DDoS attack that had knocked their servers offline. Deflect logged over 7,700,000 queries to / on www.kavkaz-uzel.eu between 11 am and 3 pm. This was by far the largest DDoS attack we have seen on Deflect in 2018.
On the 2nd of November 2018, we identified a DDoS attack against the Deflect-protected website www.btselem.org. B’Tselem is an Israeli non-profit organisation striving to end Israel’s occupation of the Palestinian territories. This attack is one of seventeen that we identified targeting the B’Tselem website in 2018.
We identified traffic from thousands of IPs that have been trying to brute-force WordPress websites protected by Deflect, using the same user-agent, since September 2017, and confirmed that it is a large-scale campaign against WordPress websites coming from a botnet composed mostly of systems in China.
We have been protecting two Vietnamese websites, viettan.org and baotiengdan.com, on the Deflect platform. Over the past several months, we have seen a significant increase in DDoS attacks against these two websites.
This report covers attacks between April 29th and October 15th, 2016. Over this seven-month period, we recorded more than a hundred separate denial-of-service incidents against the official Black Lives Matter website.
This report covers six discovered incidents targeting the bdsmovement.net website between February 1st and March 31st, 2016, including methods of attack, identified botnets and their characteristics.
This report covers attacks against the Kotsubynske independent media news site in Ukraine, in particular during the first two weeks of February 2016. It details the various methods used to bring down the website via distributed denial of service attacks. The attacks were not successful.