Regular web users unwittingly launch DDoS attacks on Ukraine

A malicious script hijacks browsers

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Web users are being unwittingly recruited for distributed denial of service (DDoS) attacks against multiplewebsitesbelonging to the Ukrainian government and local non-profits.

As reported byBleepingComputer, an unknown threat actor has managed to compromise a number ofWordPresswebsites, and embed a uniqueJavaScriptcode, which sends an HTTP GET request to a total of ten websites.

When someone visits one of these sites, theirbrowseris forced to execute the code. The objective of the campaign is to overload the websites with fake traffic and take them offline.

We’re looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn’t take more than 60 seconds of your time. Thank you for taking part.

Click here to start the survey in a new window«

Abusing civilians

The people whoseendpointsare being used for this attack almost certainly don’t know they are part of an attack. Besides slowing down their browsing a little, there’s no indication of the browser essentially being hijacked.

Bleeping Computerfurther explains that every request to the websites utilizes a random query string, so that the request doesn’t get served through Cloudflare or a similarCDN. Instead, it’s directly received by the targetserver.

Ukrainian websites aren’t the only victims of the attack, though. BleepingComputer found that the same script is being used to mount attacks against roughly 70 Russian websites too. The difference is that, in this case, the individuals are aware they are partaking in a DDoS campaign.

Ukrainian ISP suffers ‘massive cyberattack’>Russia-Ukraine war pushes OneWeb into the arms of rival SpaceX>Qualcomm stops selling chips to Russian firms

The war between Russia and Ukraine has spilled from the physical realm into cyberspace. Earlier this week, one of Ukraine’s Internet Service Providers (ISP), Ukrtelecom, reported suffering a “major” cyberattack, which brought internet connectivity in the country down to almost a tenth of its pre-war levels.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

The ISP later announced that the attack had been thwarted, but connectivity for civilians is likely to remain patchy, as the ISP wants to ensure that the government and military have stable access, before restoring it for the rest of the citizens.

ViaBleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics