With the help of Trojans, Distributed Denial of Service (DDoS) attacks are launched against targeted systems. But is it just an attack, or something more than that?
A Distributed Denial of Service (DDoS) attack overloads the target system with data, so that the target's responses are either slowed or stopped completely. To generate the required amount of traffic, a network of zombie or bot computers is put to use.
Relation Between DDoS, Zombie, and Botnets
There are different types of botnets, or zombies: computers that have been hacked by attackers, usually with viruses called Trojans. These hacked computers are remotely managed by the hackers and directed to increase the flow of traffic that makes up the DDoS attack.
Such attackers auction and trade these botnets, which puts control of the hacked systems in the hands of multiple attackers/criminals, each with different reasons for attacking. Many attackers use the botnets as a form of spam relay. On the other hand, some appear in the form of site download links, and others can come as scams or phishing.
How Does DDoS Attack Occur?
There are several ways to create a Distributed Denial of Service (DDoS) attack. The common ones are SYN floods and HTTP GET requests. The latter is quite popular; one such attack was the MyDoom worm, which attacked the site SCO.com. The virus sent more than 64 requests per second from all the other infected systems. It was estimated that many systems were infected by the virus, which SCO.com was highly suspicious about and realized only later.
A SYN flood is a kind of attack on the web. Internet connections normally use a three-way handshake: the client initiates communication with a SYN, the server responds with a SYN-ACK, and the client is then expected to reply with an ACK. A SYN flood forcefully stops the handshake at this point.
An attacker sends the SYN from a false IP address, so the SYN-ACK is forwarded to a non-requesting and often non-existent IP address. The server then waits for the ACK response but receives nothing, because the attack has blocked the handshake. When there are huge numbers of stopped SYN packets, the server's resources are diminished and the server falls prey to the SYN flood DDoS.
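The stalled handshake described above is visible on the defending side as a growing count of connections waiting for the final ACK. The following Python script is an added example, not part of the original article: it replays constructed packet records and tracks those half-open handshakes. The record format, addresses, timeout and alert threshold are all assumptions made for illustration.

```python
from collections import namedtuple

# Constructed packet summaries, as a sensor in front of the server might log them:
# (timestamp in milliseconds, source "ip:port", TCP flag received from the client)
Packet = namedtuple("Packet", "ts src flag")

def make_sample():
    """Constructed traffic: 3 normal clients plus 40 spoofed SYNs that never ACK."""
    pkts = []
    for i in range(3):  # legitimate clients finish the handshake within 50 ms
        src = f"198.51.100.{i + 1}:5000"
        pkts += [Packet(i * 1000, src, "SYN"), Packet(i * 1000 + 50, src, "ACK")]
    for i in range(40):  # false sources: the SYN-ACK goes nowhere, so no ACK returns
        pkts.append(Packet(1000 + i * 10, f"203.0.113.{i + 1}:{40000 + i}", "SYN"))
    return sorted(pkts)

def track_half_open(packets, timeout=30000, alert_at=20):
    """Replay packets and track handshakes still awaiting the final ACK.

    Returns (peak_half_open, alert_times, completed_handshakes).
    """
    half_open = {}  # src -> time the SYN arrived (server has answered with SYN-ACK)
    peak, completed, alerts = 0, 0, []
    for p in packets:
        # Drop entries the server would have given up waiting on.
        for src in [s for s, t in half_open.items() if p.ts - t > timeout]:
            del half_open[src]
        if p.flag == "SYN":
            half_open[p.src] = p.ts
        elif p.flag == "ACK" and p.src in half_open:
            del half_open[p.src]  # three-way handshake completed
            completed += 1
        peak = max(peak, len(half_open))
        # Alert at most once per second while the backlog stays above threshold.
        if len(half_open) >= alert_at and (not alerts or p.ts - alerts[-1] >= 1000):
            alerts.append(p.ts)
    return peak, alerts, completed

if __name__ == "__main__":
    peak, alerts, done = track_half_open(make_sample())
    print(f"completed={done} peak_half_open={peak} alerts_at_ms={alerts}")
```

Legitimate clients leave the table within milliseconds, while the spoofed entries stay until the timeout, which is why the half-open count rather than the raw SYN rate is the signal watched here.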
There are several other types of DDoS attacks, such as UDP Fragment attacks, ICMP Floods and the Ping of Death.