Hide and Seek IoT Botnet Increasing Infection Capabilities with New Vectors



The Hide and Seek IoT botnet has been updated to target Android devices. The criminal group behind its development has been adding new functionality through recurring incremental updates to the core engine.

The Android infections appear to be caused not by targeting specific vulnerabilities but by abusing the Android Debug Bridge (ADB) option. By default this is turned off, but users sometimes need to turn it on.

The IoT botnet has been seen adding around 40,000 devices to its pool; the infected devices are mostly from China, Korea and Taiwan. Many Android devices are now part of home infrastructure: phones, tablets, televisions and various peripherals. This is why attacks that use it are regarded as critical.

Its samples target devices that have the ADB option turned on, either by default or by the users themselves. When this feature is enabled the devices are exposed, because it opens a network port that accepts remote connections. Malicious operators have been seen making unauthenticated login attempts, using either default passwords or brute forcing the devices.

The attacks also suggest that the criminal collective behind the botnet is constantly trying to update its features. The sharply increased number of infected devices shows that the botnet is gaining momentum. Botnets are known to be efficient at launching distributed denial-of-service (DDoS) attacks, which can render sites and computer systems inoperable.

Alex Balan, Chief Security Researcher at Bitdefender, said that the botnet's purpose for the time being appears to be to increase its size and nothing more.
Although it supports commands for data exfiltration and code execution, the researchers have not seen the botnet use them; in addition, there is no module for launching distributed denial-of-service attacks, a primary method of botnet monetization.


Major cryptocurrency exchange Bitfinex hit by cyber attack, pauses trading


The fourth biggest cryptocurrency exchange in the world, Bitfinex, shut down briefly on Tuesday morning after a DDoS (distributed denial-of-service) attack on its trading platform.

It started in the morning when the company paused operations for an “unplanned maintenance”, assuring users that all funds were safe, after which they went back live in a couple of hours.


Two hours later, trading was once again down and the exchange tweeted that its platform was “under extreme load”.


According to the company, the first outage was caused by an issue with one of its infrastructure providers; the second outage followed soon after and was claimed to have been caused by a DDoS attack, causing an “extreme load on the servers”.

“We are adjusting the DDoS protection measures to fend off the attack and be able to relaunch. Currently we are running tests to make sure we can safely restart operations,” the company reported on its website after the attack.

According to data from CoinDesk, Bitcoin prices fell almost 2 percent after the attack, hitting a low of $7,373.47 a coin at one point.

According to a report by CNBC, a Bitfinex spokesperson said, “The attack only impacted trading operations, and user accounts and their associated funds/account balances were not at risk at any point during the attack.”


Medical Devices Now Vulnerable To Cyber Attacks




There is no denying the fact that, with advances in technology over time, many changes have been made and embraced by millions of people around the world, as these advances have made their daily lives simpler and more comfortable.
One such essential change is in the medical field: medical devices of all kinds now have network connectivity that greatly increases their effectiveness and usefulness, making it much easier for patients to be monitored.

However, with cyber attacks on the rise, a significant number of these attacks may feel like life-and-death situations. With so many crucial medical devices requiring network connectivity, some of them may really be targets of lethal attacks.

Denial-of-service attacks and hacking are two of the most serious threats facing the medical device industry and the patients that these advanced medical devices are intended to protect.

The dangers associated with medical devices are well illustrated by the case of implantable cardioverter defibrillators, or ICDs, which are implanted to keep a person's heart rate under control and to deliver a life-saving shock to patients who are at high risk of heart failure. ICDs are potentially vulnerable to a type of cyber attack that is closely related to DDoS attacks; rather than using a network of Internet-connected devices to overwhelm a target, an attack on an ICD would require only one internet connection.

Another vulnerability is that of insulin overload. In October 2016 the makers of an insulin pump took the novel step of informing customers of a potential security weakness. After receiving information about the vulnerability, Johnson and Johnson and Animas warned customers that an attacker, even a remote one, could potentially trigger insulin injections by spoofing the meter remotely, with the risk of eventually causing a hypoglycaemic reaction, which could be a serious health hazard for a diabetic patient.

Medical imaging devices are likewise at risk of cyber interference of the sort that could cause a patient serious harm. Researchers at the Ben-Gurion University of the Negev in Israel found that attackers could increase the level of radiation emitted during a scan to the point that it could cause illness, injury or possibly even radiation overdose to a patient.

Nevertheless, the message for medical devices is the same as for any device with network or internet connectivity: security should be organized and prioritized better. The device makers should focus on creating devices that perform the tasks they were designed to perform.

This is reasonable; however, with the inherent vulnerabilities of these devices and the dangerous denial-of-service attacks and hacking that they make possible, security should be the primary need of the hour.


DDoS-for-Hire website taken down in global collaboration of law enforcement agencies


Webstresser.org, a popular DDoS-for-hire service, was taken down on Wednesday by authorities from the US, UK, Netherlands, and various other countries in a major international investigation, and arrests have been made.

The website is blamed for more than four million cyber attacks globally in the past three years and had over 134,000 registered users at the time of the takedown.

The operation, dubbed “Operation Power OFF,” targeted Webstresser.org, a service which launched DDoS attacks all over the world at the buyer’s bidding. It involved law enforcement agencies from the Netherlands, United Kingdom, Serbia, Croatia, Spain, Italy, Germany, Australia, Hong Kong, Canada, and the United States of America, coordinating with Europol.

The domain name was seized by the US Department of Defence.

The website allowed criminals to buy attacks on businesses and was responsible for cyber attacks all over the world. Among its users was a British suspect who used the site to attack several high-street banks last year, causing hundreds of thousands of pounds of damage.

“As part of the operational activity, an address was identified and searched in Bradford and a number of items seized. NCA officers believe an individual linked to the address used the webstresser service to target seven of the UK’s biggest banks in attacks in November 2017,” UK’s National Crime Agency said in a statement.

The site was one of the various websites operating openly as a “stresser” service that offered to test a company’s cybersecurity defenses. According to investigators, the gang behind the website sold cyber attacks for as little as $14.99.

Seven suspected administrators have been arrested over the last few days or subjected to searches by authorities, and computers have been seized in the UK, Holland, and elsewhere.

Law enforcement also took “further measures” against frequent users of the service, details of which have not yet been disclosed.

“By taking down world’s largest illegal DDOS seller in a worldwide joint law enforcement operation based on NCA intelligence, we have made an unprecedented impact on DDOS cybercrime,” said Gert Ras, Head of the National High Tech Crime Unit at the Dutch National Police. “Not only were the administrators of this illegal service arrested, but also users will now face prosecution and civil liability for caused damage.”


Dutch Tax Authority and Banks Face DDoS Attacks

The national tax office in the Netherlands and several of the country’s largest banks were hit by a distributed denial-of-service (DDoS) attack on Monday.

The tax office said that its website had gone down for 5-10 minutes after the attack.

ABN Amro, ING, and Rabobank are some of the major banks affected by the DDoS attack, which disrupted online and mobile banking services over the weekend.

The attacks led to banks’ services being down for hours at a time.

"We are now working on an alternative access route to the site, it is not yet possible to say how long this will take," Rabobank said.

"Since the big DDoS attack on ING in 2013, everything seemed to be in order. There is now clearly something we need to respond to, and we are discussing this with the banks," said a spokesperson from the Dutch central bank, DNB.

A spokesperson for the Tax Authority, André Karels, said that no data had been leaked and that the attack is under investigation by the National Cybersecurity Services.

DDoS attacks work to bring down websites by sending a lot of traffic to one server at the same time. While such attacks themselves cannot cause a breach in networks or data to be leaked, they are often used as distractions by hackers trying to penetrate a network.

Kazakhstan Banks hit by massive DDoS attack



According to local media, several banks in the country have faced massive DDoS (Distributed Denial of Service) attacks over the past few days.

The attack traffic came from several countries at the same time. As a result, bank websites were unavailable for a certain time. One of the affected banks is HomeBank.

"The bank's specialists recorded yesterday a large-scale DDoS attack in the form of false requests simultaneously from a huge number of IP addresses that block the operation of the portal," Homebank posted on Qazkom's Facebook page.

"To ensure the protection of the site and your accounts, the bank's specialists take the necessary technical measures to neutralize the actions of hackers, therefore we apologize if there will be delays in conducting operations or the site will be temporarily unavailable." The Bank apologized for the inconvenience.

Kaspi bank said that its servers and services were not affected by the attack. The bank said it is actively monitoring and working to prevent such attacks. Other banks, including HalykBank and People's Bank, also claimed that their servers were not affected by this attack.

Just a few days ago, the Committee of National Security of the Republic of Kazakhstan stated that banks hide information about hacker attacks to maintain their reputation. In 2017, six banks suffered a phishing attack, and only one of them asked the KNB for help.

- Christina
 

Hackers' attempt to bring down Rostelecom failed



At the end of August, a powerful DDOS attack was launched against Rostelecom, the largest Internet provider in Russia. According to the local news report, the experts from the company managed to detect and defend against the attack within 8 minutes.

If the attack had been successful, it could have disrupted service for 170,000 customers and disrupted work in the Kirov region. Moreover, this attack would have caused economic and reputational damage to Rostelecom.

It should be noted that "Rostelecom" serves a large number of users: about 130,000 people use the Internet, 44,000 use the interactive TV, and another 300,000 use telephony. The customers include not only ordinary users but also corporations, including some of the largest ones.

"Our company has powerful monitoring tools, we can identify these attacks, reflect them and, in most cases, determine where the attack has been initiated. Generally, the purpose of these attacks is to create problems for service provider and users, limiting their access to the Internet, in order to cause commercial and reputation risks," said Alexey Dolzhenkov, the Technical Director of "Rostelecom" in the Kirov region.

It is still unknown who is behind this attack; the experts are gathering evidence of the attack.

- Christina


Lizard Squad disrupt National Crime Agency website

The website of the National Crime Agency (NCA), a national law enforcement agency in the United Kingdom which replaced the Serious Organised Crime Agency, was temporarily taken down on Tuesday morning by attackers.

According to a news report published in The Guardian, the attackers did this as revenge for arrests made last week. Four days before the attack, six teenagers were released on bail on suspicion of using hacking group Lizard Squad’s cyber-attack tool to target websites and services.

The arrests were part of an operation codenamed Vivarium, coordinated by the NCA and involving officers from several police forces.

Four of them, an 18-year-old from Huddersfield, an 18-year-old from Manchester, a 16-year-old from Northampton and a 15-year-old from Stockport, were arrested last week, while two other suspects, both 17, were arrested earlier this year, one from Cardiff and another from Northolt, north-west London.

However, all of them have been bailed, while a further two 18-year-olds – one from Manchester and one from Milton Keynes – were interviewed under caution.

“The six suspects are accused of using Lizard Stresser, a tool that bombards websites and services with bogus traffic, to attack a national newspaper, a school, gaming companies and a number of online retailers,” the report reads.

The NCA spokesperson told The Guardian: “The NCA website is an attractive target. Attacks on it are a fact of life. DDoS is a blunt form of attack which takes volume and not skill. It isn’t a security breach, and it doesn’t affect our operational capability.”

“At worst it is a temporary inconvenience to users of our website. We have a duty to balance the value of keeping our website accessible with the cost of doing so, especially in the face of a threat which can scale up endlessly. The measures we have in place at present mean that our site is generally up and running again within 30 minutes, though occasionally it can take longer. We think that’s proportionate,” he added.



DDOS, APT attacks on Corporate and Banks


With a spate of distributed denial of service attacks and APT attacks on banks and corporates, anti-DDOS mitigation vendors and ISPs are joining together to fight the menace of DDOS attacks.

A few vendors work with ISPs to mitigate the threat, placing monitoring agents (a hardware box) at every ISP, connected to a mitigation cloud.
A bank official said on condition of anonymity, "ISP quickly responds to DDOS attack and mitigates for the customer. But comes to them with a Fat Proposal. Customers need to pay a standard amount every year to get a protection. In addition to this amount, they have to pay extra money every time they get hit. The billing can run into lakhs for banks/corporate who take DDOS mitigation."
Another bank official confided that they have asked for a standard quote per year (ISPs are yet to respond).

Smaller vendors cannot tackle DDOS attacks. Only anti-DDOS companies working with ISPs can handle this.

Some corporates and banks are going in for a solution: they place their main websites and mobile portal behind a cloud-based WAF/anti-DDOS mitigation service. At the corporate end, they have a firewall and IPS making sure that no direct connection from the Internet is possible to their ISP pipe. Whether this solves the problem is yet to be seen.

"Advanced Persistent Threats are followed by DDOS attacks; this is done to erase any tracks of compromise on firewall, router, Intrusion Prevention Systems," says J Prasanna, Director, Cyber Security & Privacy Foundation Pte Ltd, a Singapore-based cyber security certification organization.

"The corporate/Banks are seeing only the DDOS and putting DDOS mitigation in place. It has to be checked to see if there is any compromise on data, criminal compromise from banks/corporate. The criminals could have gained access to the data or network and remain stealth for a long time," says Mr. Sreeram, Director, AVS Labs Pte Ltd, Singapore (an organization which does consulting and services on cyber security).

The main problem for organizations is that there are many vulnerabilities on systems which go undetected for a long period of time. The vulnerabilities could be in the application code written by software programmers, or in the operating system, networks and other critical system-level applications. Black hat hackers (APT attackers) could exploit these vulnerabilities, generally called 0-day vulnerabilities, to enter the systems.

Most of these organizations need a "0-Day Vulnerability Assessment & Penetration Testing" and "APT Analysis" to find any security breach. Normally not everyone can do this, because you need the best talent on board, like the "bounty hunters" who find vulnerabilities for Fortune 500 companies. But that is not it: "Most bug bounty hunters can't find beyond web vulnerabilities." These auditors/assessors need 0-day exploits and also knowledge of how APT attacks work. Most organizations which perform regular Vulnerability Assessment and Penetration Testing, and even those who do ISO 27001 certification implementation, don't have the capability to handle zero-day or APT assessments.

Is a corporate with an ISO 27001 standard implementation safe? A quick survey of 25 organizations shows that almost all had standards implemented and they all experienced data theft. Some corporate CISOs don't want to accept APT attacks, and most of this information about compromises never reaches the management.

All the attacks happened at technical level, because of poor technical controls or products like antivirus/firewall/intrusion prevention not doing what they said they will do.

Do we still trust the ISO 27001 implemented in corporates, or the products they are using inside, to save our data?

Anonymous hackers take down Canadian government websites

The Anonymous hacking group attacked several Canadian government websites and servers on Wednesday, in retaliation for a new anti-terrorism law passed by Canada’s politicians.

The sites affected by this cyber attack include the general website for government services, canada.ca, and that of Canada’s spy agency, the Canadian Security Intelligence Service (CSIS).

According to the cabinet minister, Tony Clement, who is responsible for the Treasury Board, the attack has affected the email and the internet access. He confirmed this on his Twitter account.

A video has been posted on YouTube by Anonymous, stating that the anti-terrorism law violated human rights and targeted people who disagree with the government.

The new Bill C-51, or the Anti-terrorism Act, 2015, would give new powers to CSIS and federal agencies to increase surveillance and share information about individuals.

Talking to reporters from The Guardian, the public safety minister, Steven Blaney, denounced the cyber attacks, saying “there were many other democratic ways for Canadians to express their views, and the government was implementing efforts to improve its cyber security.”

Distributed Denial of Service(DDOS) attacks

A well-known Indian security news portal was targeted on the morning of May 21st by a DDOS attack. Two hours before the attack the company tweeted "NSA planned to hijack Google App Store and plant malware on all Android Apps" and provided a news link. Whether the DDoS attack and this tweet are connected is an interesting speculation.

But the larger and more critical question is the vulnerability of digital assets. One would naturally assume that they had a robust defensive strategy in place. But the DDoS attack which brought down the portal suggests otherwise.

There has been a series of hacks and DDOS attacks on major corporate, telecommunication and net banking portals.

“Today the digital assets of a knowledge or service based company have more value than its tangible physical assets. It’s imperative that they think beyond ready made security tools from the market and move towards employing security professionals who can provide customized security audit,” says J. Prasanna of Cyber Security and Privacy Foundation.

"Even going to the police will be of not much help since these attacks are sophisticated and originate from different geographies. Very few have the forensics capability to make a credible case in a court," says SreeRam, the Police KravMaga instructor who is also part of a Singapore-based security company.

Both agree that … “with India's increasing clout in world trade and balance of power tilting gradually towards Asia, asymmetric warfare tactics like cyber terrorism will be relied more frequently to dent the credibility of the nation. As on date, India does not seem to have the aggressive posture as a deterrent.”

CVE-2014-0050: Apache Tomcat vulnerable to Denial of service attack

If you are a developer, you should always be careful when writing loops, especially endless loops [ for(;;) or while(true) ] which are coded to be stopped by an 'if' statement.

Security researchers from TrustWave have explained how an endless 'for' loop resulted in a denial of service vulnerability that could allow attackers to launch DOS attacks against websites hosted on Apache Tomcat servers.

The vulnerability (CVE-2014-0050) is located in a file of Apache Commons FileUpload. The 'for' loop in the file is coded in such a way that it is stopped only by raising an exception or by returning a value.

An attacker can send a malformed 'Content-Type' header for a multipart request, which could result in an infinite loop.

Multipart is often used in HTTP requests for uploading files. Values in a multipart request are separated by a magic line called the "boundary". The boundary is a random string which is defined in the 'Content-Type' header.

When a boundary value longer than 4091 characters and a 'body' longer than 4096 characters are sent, neither 'if' statement stops the 'for' loop.

TrustWave researchers sent a request containing more than 4091 characters in the boundary field four times, which forced the vulnerable Tomcat server into an infinite loop. As a result, the Tomcat server ends up consuming all available CPU resources until it is stopped.
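A header check placed in front of the multipart parser, added here as an example (it is not code from TrustWave, Apache or the original post): it extracts the boundary from the 'Content-Type' header and refuses oversized values before any body parsing starts. The 4091 threshold comes from the article and the 70-character limit from RFC 2046; the function names and sample requests are constructed for the illustration.

```python
from email.message import Message
from email.utils import collapse_rfc2231_value

PAGE_THRESHOLD = 4091   # boundary length the article says triggers the loop
RFC2046_MAX = 70        # RFC 2046 caps a multipart boundary at 70 characters


def multipart_boundary(content_type):
    """Return the boundary of a multipart Content-Type value.

    None means the request is not multipart; "" means multipart with no
    boundary parameter. Quoted and RFC 2231 encoded values are unwrapped.
    """
    msg = Message()
    msg["Content-Type"] = content_type
    if msg.get_content_maintype() != "multipart":
        return None
    value = msg.get_param("boundary")   # parameter name match is case-insensitive
    if value is None:
        return ""
    return collapse_rfc2231_value(value)


def check_request(content_type, limit=RFC2046_MAX):
    """Classify one request by its Content-Type header, before the body is parsed."""
    boundary = multipart_boundary(content_type)
    if boundary is None:
        return "not-multipart"
    if not boundary:
        return "reject: multipart without boundary"
    if len(boundary) > PAGE_THRESHOLD:
        return "reject: boundary length %d matches CVE-2014-0050 pattern" % len(boundary)
    if len(boundary) > limit:
        return "reject: boundary length %d exceeds limit %d" % (len(boundary), limit)
    return "ok"


def scan(requests):
    """Return (request id, verdict) for every request that should be refused."""
    return [(rid, verdict)
            for rid, content_type in requests
            for verdict in [check_request(content_type)]
            if verdict.startswith("reject")]


# Constructed sample headers (not captured traffic).
SAMPLE_REQUESTS = [
    ("req-1", "multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW"),
    ("req-2", "application/json"),
    ("req-3", 'Multipart/Form-Data; Boundary="' + "x" * 200 + '"'),
    ("req-4", "multipart/form-data; boundary=" + "a" * 4092),
    ("req-5", "multipart/form-data"),
]

if __name__ == "__main__":
    for rid, verdict in scan(SAMPLE_REQUESTS):
        print(rid, verdict)
```

Because a conforming client never sends a boundary longer than 70 characters, the strict limit rejects the oversized header long before it reaches the length quoted in the article.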

Anonymous hacktivists launch DDOS attack against GCHQ website


It seems that Anonymous hackers have launched a distributed denial of service (DDOS) attack against the GCHQ website.

The attack came just after Edward Snowden leaked a document which revealed that the British spy agency (GCHQ) carried out DDOS attacks to disrupt the Anonymous hacktivists' communication channel.

Some Anonymous hacktivists also claimed to have successfully disrupted the website of GCHQ. Netcraft confirmed that gchq.gov.uk has today experienced 'noticeable performance issues'. Netcraft says the attack could have originated from Romania.

"Curiously, a much larger amount of downtime has been observed from Netcraft's Romanian performance monitor since the leaked slides were made public," the Netcraft post reads.

"That could indicate much more extreme DDoS mitigation techniques are being applied to these requests, and this in turn suggests that if an attack is occurring, perhaps Romania is one of the countries from which the attacks are being launched."

400Gbps NTP-based DDOS attack hits CloudFlare - largest DDOS attack in History

Until a week ago, it was believed that the distributed denial-of-service (DDOS) attack against Spamhaus was the largest in history. Now, an even bigger DDOS attack has been recorded by the content delivery network CloudFlare.

Matthew Prince, CloudFlare CEO, said on Twitter that a very big NTP reflection attack was hitting them and appeared to be bigger than the Spamhaus attack from last year.

According to Matthew, the attack reached 400Gbps which is 100Gbps higher than the ddos attack targeting Spamhaus. 

CloudFlare said all websites have returned to production.

The founder of French hosting firm OVH also said their network received more than 350Gbps of traffic, but it is not clear whether it is related or not.

Last month, CloudFlare also wrote an article detailing the Network Time Protocol (NTP) based DDOS attacks that caused trouble for some gaming web sites and service providers.

NTP is a UDP-based protocol that runs on port 123 and is used by Internet-connected computers to set their clocks accurately. A system synchronizes with the server and receives the current time.

Experts say this protocol is prone to amplification attacks because it will respond to packets with a spoofed source IP address "and because at least one of its built in commands will send a long reply to a short request. That makes it ideal as a DDoS tool."

Lists of open NTP servers on the Internet allow attackers to launch denial-of-service attacks against any target network.

Hackers launched DDOS attack against EA Origin Server & Steam server

The Steam server was unavailable to users for an hour after the site was targeted with a distributed denial of service (DDOS) attack.

Two Twitter accounts, @chFtheCat and @LARCENY_, have taken credit for Steam’s service outages. The accounts also claimed to have taken the Battle.net server offline.

"The reason for me attacking these games, is because games are bad for the soul (<3 Jesus) my kids were poisned by games." One of the tweets of @LARCENY_ reads.

Another group called DERPTrolling has taken credit for taking EA's Origin online gaming service offline, which left users unable to log in.

"We're working to resolve connectivity/login issues affecting various platforms/games. Thank you for your patience. Updates when available^EX" EA Support account posted a tweet regarding the issue.

NatWest online banking service hit by DDOS attack


A cyber attack aimed at disrupting the online banking services of NatWest left customers unable to access their accounts online. The website suffered a distributed denial of service (DDOS) attack.

"Due to a surge in internet traffic deliberately directed at the NatWest website, some of our customers experienced difficulties accessing our customer web sites this evening," Mirror quoted a NatWest spokesperson as saying.

"We have taken the appropriate action to restore the affected web sites.  At no time was there any risk to customers.  We apologise for the inconvenience caused."

This is not the first time the NatWest website has come under a cyber attack. Earlier this month, all of RBS and NatWest's systems went down for a few hours.

It is still unknown who is responsible for this cyber attack. Bank customers started to blame the bank for not being able to access their accounts.

Agency claims NSA.gov down because of "Internal Error"

The National Security Agency (NSA) website has been down for several hours. There had been speculation on the internet that the website was down because of a denial of service attack from Anonymous.

However, the Agency denied it was under DDOS attack and said it was just an "Internal Error" during a scheduled update.

"The issue will be resolved [Friday] evening. Claims that the outage was caused by a distributed denial of service attack[DDOS] are not true," an NSA spokesperson told ABC News.




#OpSaudi : Anonymous launched cyber attack on Saudi Government site


The Saudi branch of the Anonymous hacktivist group has launched a cyberattack on Saudi government websites; the operation has been named "#OpSaudi". A few government websites are facing heavy distributed denial-of-service (DDOS) attacks from Anonymous.

The affected Saudi Arabian government sites include the Ministry of Foreign Affairs (mofa.gov.sa), the Ministry of Finance (mof.gov.sa), and the General Intelligence Presidency (gip.gov.sa).

gosi.gov.sa, Riyadh Region Traffic (www.rt.gov.sa) and hrc.gov.sa are also being targeted by the hackers.

Anonymous Saudi also claimed they had gained access to the server of the Qassim Region Traffic website (q-t.gov.sa/h.asp) and deleted the database.

The website of the General Directorate of Education in Jeddah also fell victim to the cyber attack. Hackers identified and exploited an SQL injection vulnerability in feenakhair.jedu.gov.sa.

"saudi people like slave for the gov , and 2 days ago a saudi prince kidnapped a girl & raped her . then killed her and throw her body naked" Anonymous Saudi stated as reason for the cyber attack. 

DDOS attack brings the Internet to its knees

The fight between a spam fighting company called "Spamhaus" and a web hosting company called "Cyberbunker" has slowed down a majority of the internet by making DNS resolving slow.



The reason behind the attack is that Spamhaus added the IP addresses of Cyberbunker to its "spam" list, because Cyberbunker allows almost any sort of content to be hosted and may therefore also be a source of spam. So Cyberbunker attacked back, and this attack also affected normal internet users.

The attack was possible because of the large number of vulnerable DNS servers that allow open DNS resolving. Simply put, an attack of this type uses the vulnerable DNS servers to increase the intensity of the attack 100 fold.

The origins of this type of attack go back to the 1990s, to an attack called the "smurf attack".

But now the attack method has become more efficient and uses DNS amplification to flood the victim with the responses to spoofed requests, which are sent to the DNS servers by a botnet of compromised computers. The attack at its peak reached a speed of 300 Gbps, making it the largest DDOS attack in history.

Cyberbunker, which claims to be a supporter of free speech and a defender against the "big bullies", seems to have now stooped to their level by using aggressive offensive methods that affect the normal functioning of the internet. This is not the way to go!

The people who run DNS resolvers are also equally responsible for these attacks, as it's their vulnerable servers that make these attacks possible. The internet community should come up with a PERMANENT solution to this problem.

Please read CloudFlare's blog post for a detailed analysis: http://blog.cloudflare.com/the-ddos-that-almost-broke-the-internet
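Seen from the target's side, both the DNS amplification described in this post and the NTP reflection in the CloudFlare post above show up as replies that nobody asked for. The following added example (not from the original posts or from CloudFlare) flags that pattern in UDP flow records; the record layout, the thresholds and the documentation-range addresses are assumptions constructed for the illustration.

```python
import ipaddress
from collections import defaultdict

REFLECTOR_PORTS = {53: "DNS", 123: "NTP"}  # UDP services named in these posts
MATCH_WINDOW = 5.0    # assumed: seconds a genuine reply may trail its request
MIN_REFLECTORS = 3    # assumed alert threshold, kept low for the small sample


def find_reflection(flows, local_net):
    """Flag local hosts receiving unsolicited DNS/NTP replies from many servers.

    flows: iterable of (time, src_ip, src_port, dst_ip, dst_port, bytes)
    UDP records. Returns {(victim_ip, service): {"bytes": n, "reflectors": n}}.
    """
    net = ipaddress.ip_network(local_net)
    asked = {}  # (local_ip, server_ip, port) -> time of latest outbound request
    unsolicited = defaultdict(lambda: {"bytes": 0, "reflectors": set()})

    for ts, src, sport, dst, dport, size in sorted(flows):
        src_local = ipaddress.ip_address(src) in net
        dst_local = ipaddress.ip_address(dst) in net
        if src_local and not dst_local and dport in REFLECTOR_PORTS:
            # A local host really did query this server: remember it.
            asked[(src, dst, dport)] = ts
        elif dst_local and not src_local and sport in REFLECTOR_PORTS:
            # A reply from a DNS/NTP port: was there a recent matching request?
            sent = asked.get((dst, src, sport))
            if sent is None or ts - sent > MATCH_WINDOW:
                entry = unsolicited[(dst, REFLECTOR_PORTS[sport])]
                entry["bytes"] += size
                entry["reflectors"].add(src)

    # Only report victims hit by replies from several distinct servers.
    return {
        key: {"bytes": e["bytes"], "reflectors": len(e["reflectors"])}
        for key, e in unsolicited.items()
        if len(e["reflectors"]) >= MIN_REFLECTORS
    }


# Constructed flow records; the local network is 203.0.113.0/24.
SAMPLE_FLOWS = [
    (0.00, "203.0.113.10", 40000, "192.0.2.53", 53, 60),     # real DNS query
    (0.10, "192.0.2.53", 53, "203.0.113.10", 40000, 120),    # its answer
    (1.00, "203.0.113.10", 123, "198.51.100.1", 123, 48),    # real NTP request
    (1.05, "198.51.100.1", 123, "203.0.113.10", 123, 48),    # its answer
    (2.00, "198.51.100.21", 123, "203.0.113.80", 80, 440),   # unsolicited NTP
    (2.01, "198.51.100.22", 123, "203.0.113.80", 80, 440),
    (2.02, "198.51.100.23", 123, "203.0.113.80", 80, 440),
    (2.03, "198.51.100.24", 123, "203.0.113.80", 80, 440),
    (3.00, "192.0.2.101", 53, "203.0.113.80", 80, 3000),     # unsolicited DNS,
    (3.01, "192.0.2.102", 53, "203.0.113.80", 80, 3000),     # below threshold
]

if __name__ == "__main__":
    for (victim, service), stats in find_reflection(SAMPLE_FLOWS, "203.0.113.0/24").items():
        print(victim, service, stats)
```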

Massive Cyber attack Shut down Knight Center's websites for Two weeks

The websites of the Knight Center for Journalism in the Americas and the International Symposium for Online Journalism were hit by a massive cyber attack that left the sites down for the last two weeks.

“The malicious cyber-attack was enough to shut our websites down, but not enough to shut us up. We rapidly created WordPress blogs to continue our regular and unique report on Journalism in the Americas,” said professor Rosental Alves, founder and director of the Knight Center for Journalism in the Americas at the University of Texas at Austin.

“We have no idea why someone would want to attack our sites,” said professor Alves.

They noticed that the origin of the cyber-attack was in computers located in Russia.

According to the Knight Center news report, the attack took place on March 11. The affected websites are now back online.

“We had to shut down the sites, while the University of Texas IT department conducts its work to clean the sites and make sure to increase its security levels. We are happy to be back with our normal presence on the Web,” said professor Alves.