Why BGP Hijacking Remains a Security Scourge for Organizations Worldwide?


Border Gateway Protocol (BGP) hijacking, sometimes called prefix hijacking or IP hijacking, occurs when an attacker redirects web traffic away from its intended destination.
One such lesser-known attack recently affected more than 200 of the world’s largest content delivery networks (CDNs) and cloud hosting providers. The affected companies operate in the cloud services and CDN markets and include big names such as Google, Amazon, Facebook, Akamai, Cloudflare, GoDaddy, Digital Ocean and Joyent.

BGP is used to exchange routing information between different locations on the Internet. It is the language routers on the Internet speak to decide on the best path to a destination. However, because of its dated design and its lack of encryption or any automated verification method, BGP has caused hundreds of outages.

How does BGP hijacking work?
BGP hijacking, sometimes called prefix hijacking or IP hijacking, occurs when attackers redirect web traffic away from its intended destination and instead send incoming requests to IP addresses under their control. It is an attack against routing protocols in which cybercriminals take over their victims’ IP identities to carry out malicious activities such as spamming, phishing and malware hosting.

In other words, the attack can be compared to a user sending private information to the wrong address, one supplied by an impostor, in order to place an order. Once the information has been emailed to the wrong address, the impostor has it forever and can use it for malicious purposes.

 

How prevalent is the attack?
  • One of the most remarkable incidents involving a BGP hijack occurred in 2018, when cybercriminals used the technique to generate $29 million in fraudulent ad revenue. The attack, carried out by an ad fraud gang named ‘3ve’, took control of IP addresses belonging to the US Air Force and other reputable organizations.
  • In April 2018, attackers rerouted almost 1,300 addresses from Amazon Route 53 with the aim of stealing cryptocurrency. By subverting Amazon’s domain-resolution service, the attackers masqueraded as the cryptocurrency website MyEtherWallet.com and stole about $150,000 in digital coins from unwitting end users.
  • In July 2018, BGP hijacking was also used to target several payment processing companies in the United States and redirect users to malicious websites. The attackers used rogue DNS servers to return forged DNS responses to users trying to access a certain website.
  • In 2019, traffic going through a public DNS server run by the Taiwan Network Information Center (TWNIC) came under attack and was rerouted for several minutes to an entity in Brazil.

What does MANRS suggest?
Vigilance is the key to preventing such attacks. In 2014, the Internet Society launched the Mutually Agreed Norms for Routing Security (MANRS) initiative, aimed at eliminating common routing threats, including BGP hijacking.

MANRS promotes four action points to reduce threats of route hijacking or other types of BGP attacks. These include:
  • Global validation – Service providers will have documented routing policies that are publicly available, and will communicate with their peers.
  • Filtering – One of these policies will ensure that only correct routes are announced.
  • Anti-Spoofing – Anti-spoofing filtering must be used so that only traffic with correct source IP addresses can enter the network.
  • Coordination – Service providers’ contact information must be publicly accessible and up to date.
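
One way the filtering action can be checked in practice, as an added example that is not part of the original article: each announcement is compared against a documented routing policy and classified as valid, invalid or not-found, the three outcomes used in route origin validation. The policy table, the announcements and the function names are constructed for illustration, using prefixes and AS numbers reserved for documentation.

```python
import ipaddress

# Constructed routing policy: (authorized prefix, max prefix length, origin ASN).
# All prefixes and AS numbers are from the ranges reserved for documentation.
POLICY = [
    ("192.0.2.0/24", 24, 64496),
    ("198.51.100.0/24", 24, 64497),
    ("2001:db8::/32", 48, 64496),
]

# Constructed announcements as (prefix, origin ASN) pairs.
ANNOUNCEMENTS = [
    ("192.0.2.0/24", 64496),      # legitimate
    ("192.0.2.0/24", 64511),      # same prefix, unauthorized origin
    ("192.0.2.128/25", 64496),    # more specific than the policy allows
    ("2001:db8:1::/48", 64496),   # legitimate more-specific within max length
    ("203.0.113.0/24", 64499),    # no policy entry at all
]


def validate(prefix, origin_asn, policy=POLICY):
    """Classify one announcement as valid, invalid or not-found, with a reason."""
    net = ipaddress.ip_network(prefix)
    covering = []
    for auth_prefix, max_len, asn in policy:
        auth = ipaddress.ip_network(auth_prefix)
        # subnet_of() raises on mixed IPv4/IPv6, so compare versions first.
        if auth.version == net.version and net.subnet_of(auth):
            covering.append((max_len, asn))
    if not covering:
        return "not-found", "no policy entry covers this prefix"
    if any(asn == origin_asn and net.prefixlen <= ml for ml, asn in covering):
        return "valid", "origin and prefix length match the policy"
    if any(asn == origin_asn for _, asn in covering):
        return "invalid", "more specific than the authorized maximum length"
    return "invalid", "origin AS is not authorized for this prefix"


def accepted_routes(announcements, policy=POLICY):
    """Strict filter: keep only announcements the policy explicitly authorizes."""
    return [a for a in announcements if validate(*a, policy=policy)[0] == "valid"]


if __name__ == "__main__":
    for prefix, asn in ANNOUNCEMENTS:
        state, reason = validate(prefix, asn)
        print(f"{prefix:<18} AS{asn:<6} {state:<10} {reason}")
```

The strict filter drops not-found routes as well as invalid ones, which suits a session where every expected prefix is documented; whether to accept not-found routes elsewhere is an operator policy decision.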
