Prolific hacking group UGNazi has taken down a string of sites including US based HostGator in live tests of a new Denial of Service (DoS) attack tool.
The tool, dubbed #TheHolocaust, targeted undisclosed vulnerabilities and had crippled HostGator in seconds from a machine with 2Gb of Ram, via a 10Mbps/2Mbps link, the group told SC Magazine.
HostGator and payments company wepay.com remained offline this afternoon.
The DoS tool was written in Python and C++ and targeted vulnerabilities that would be easy to patch, group member the ‘Godfather’ said in an email.
“We do not want to show the DOS Tool #TheHolocaust to the public yet as it is in development,” they said.
“It affects the connection of the [targeted] server, as well as the [targeted] webserver.”
UGNazi achieved infamy when it hacked cloud provider WHMCS through a social engineering attack against HostGator.
The alleged perpetrator, member Cosmo, was arrested by the FBI but allegedly told Softpedia that he was released.
UGNazi in a later hack changed the DNS records of image board 4Chan pointing visitors to the hacking group’s Twitter account.
The latter hack was made by accessing the personal Gmail account of CloudFlare’s chief executive Matthew Prince. The DoS protection company said the hackers navigated past Google’s two factor authentication exploiting a now fixed “subtle recovery flaw” and bypassed his AT&T’s voicemail PIN.
UGNazi claimed that hack was worse than what the CloudFlare led on and told Softpedia that they “got into their main server” and accessed customer account information including name, IP address and payment data.
Copyright © SC Magazine, Australia
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @itnews.com.au to your white-listed senders.