Cryptolulz666 continues targeting Government websites with DDoS

Pierluigi Paganini December 16, 2016

 Cryptolulz666 is back targeting government websites to demonstrate that it is very simple for hackers to bring down them with DDoS attacks.

A few days ago a reported the attack conducted by the black hat hacker Cryptolulz ( ), a former member of the Powerful Greek Army, who hacked the website of Russian embassy of Armenia (www.embassyru.am). He hacked the website of Russian embassy of Armenia to create awareness amongst the authorities, the hacker confirmed me that he used a blind SQL Injection vulnerability.

Now Cryptolulz is back, he wanted to demonstrate that it is very simple for hackers, even small groups, to launch a massive DDoS attack against any target.

Yesterday he first launched a DDoS attack against the website http://italiastartupvisa.mise.gov.it/ belonging to the Italian Government.

It was just testing his own botnet, then later he targeted the website of the Russian Federal Drug Control Service liquidation commission.

The Russian website was down for several hours.

When I asked a comment he told me:

“from my perspective…. this is just low security, and for a government, it’s quite bad” said 

He confirmed me to be a youngster with a great passion for cyber security that aims to spread awareness on the risks.

He launched a DDoS attack leveraging on the NetBIOS amplification technique. NetBIOS is a protocol used in computer software to allow applications to talk to each other via LAN networks.

“A NetBIOS NBSTAT query will obtain the status from a NetBIOS-speaking endpoint, which will include any names that the endpoint is known to respond to as well as the device’s MAC address for that endpoint. A NBSTAT response is roughly 3x the size of the request, and because NetBIOS utilizes UDP, this can be used to conduct traffic amplification attacks against other assets, typically in the form of distributed reflected denial of service (DRDoS) attacks.states Rapid7.

The hacker scanned roughly 10 % of the Internet searching for potential bots to use in the attack and he found 2 million bots.
“which is pretty perfect for amp vectors..” he told me.

He confirmed me to have shut down the site of the Russian government with a single shot and maintained it down for hours.

In this specific attack he other two spoofing server in order to guarantee a stable malicious traffic against the target, and he made this with python scripts.

“I used another two spoofing servers to launch dos attacks with my self-coded python scripts.” he added.I did it to create awareness among the authorities and users of the website.

I did it to create awareness among the authorities and users of the website.
He confirmed me that he will target other government websites in next attacks, always for the same reason.

“you see the government don’t care about security so we gonna exploit it hard.”  added 

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Cryptolulz666, hacking)



you might also like

leave a comment