July 25, 2024 at 01:02AM
A recent distributed denial-of-service (DDoS) attack on a UAE financial institution, attributed to the pro-Palestinian hacktivist group BlackMeta, set records for its duration and volume. Lasting six days with 4.5 million requests per second, the attack marks a shift from standard hacktivist attacks. The group has also targeted organizations in the US, Israel, and other countries, profiting from its DDoS service.
The meeting notes highlight a recent distributed denial-of-service (DDoS) attack targeting a financial institution in the United Arab Emirates by the pro-Palestinian hacktivist group BlackMeta, also known as DarkMeta. This attack lasted six days, setting records for both its duration and the sustained volume of requests. The attack averaged 4.5 million requests per second and caused the share of legitimate requests to drop significantly.
Interestingly, the attackers used a cybercrime service called InfraShutdown, which allows them to target sites for a fee of $500 to $625 per week. BlackMeta has a history of similar attacks on organizations in Israel, the United Arab Emirates, and the United States. It’s motivated by a pro-Palestinian ideology, has an anti-Western stance, and is linked to Russia. The group uses Arabic, English, and Russian in its communications and targets critical infrastructure such as banking systems, telecommunication services, government websites, and major tech companies.
Moreover, there’s evidence suggesting that BlackMeta may be a rebrand of Anonymous Sudan, and it’s likely financially benefiting from its “hacktivism” through the InfraShutdown DDoS attack service it offers. The attack’s sustained nature and targeting of the application layer pose significant challenges for defending companies, as firewall and network protection are not sufficient to handle such attacks effectively.
These clear takeaways emphasize the growing sophistication and financial aspect of hacktivist cyberattacks, as well as the need for enhanced security measures to protect against sustained application-layer DDoS attacks.