HackerTrans
TopNewTrendsCommentsPastAskShowJobs

lucastech

no profile record

Submissions

The bots that keep on giving

wxp.io
2 points·by lucastech·anno scorso·1 comments

comments

lucastech
·21 giorni fa·discuss
Looks cool, how do you integrate it into your agent to keep the context in sync?
lucastech
·8 mesi fa·discuss
pretty crazy to see these sorts of worms, I think it's probably a good thing that we start to examine the "supply chain" of open source software and figure out ways to prevent this sort of attack.

Timing was definitely smart on the part of the attacker, heading into Thanksgiving in the US means a lot of people in vacation mode, probably not even realizing this is happening right now.

This should really be front page here
lucastech
·8 mesi fa·discuss
This is awesome, I've used offload media for years, but they've been getting more and more annoying about their plugin trying to convert to using their cdns and upgrading to their premium plugin.

I've wanted to explore R2 (I use S3/Cloudfront today) and this looks like a great way to do so!
lucastech
·9 mesi fa·discuss
I wrote about this back in July when this "gang" first started hitting some sites I host: https://wxp.io/blog/the-bots-that-keep-on-giving

they use a mixture of colo (M247, Datacamp, HostRoyale, Oxylabs, etc) and international residential. I suspect the latter are where those residential app proxies come into play (bright SDK, etc). Oxylabs is also a well known proxy provider, which makes me think they're the gateway into all of these IPs.

Definitely interesting times to try and host a web server!
lucastech
·9 mesi fa·discuss
Yeah, there are some botnets I've been seeing that are much more stealthy, using 900-3000 IP's with rotating user agents to send enormous amounts of traffic.

I've resorted to blocking entire AS routes to prevent it (fortunately I am mostly hosting US sites with US only residential audiences). I'm not sure who's behind it, but one of the later data centers is oxylabs, so they're probably involved somehow.

https://wxp.io/blog/the-bots-that-keep-on-giving
lucastech
·9 mesi fa·discuss
Meta Ireland is just as bad, I've noticed a lot of Tencent from SG.
lucastech
·9 mesi fa·discuss
I wrote about this a few weeks ago, because it really is quite insane.

I wish AWS would curtail abuse from their networks. My hope is to build some tools to automate detection and reporting of this sort of abuse, so we can force it into AWS's court.

https://wxp.io/blog/abuse-from-amazon-ip-networks-never-end
lucastech
·9 mesi fa·discuss
I remember dealing with a large credential stuffing attack at a marketplace right after we announced our series B ~2018. We developed some tools to keep them out through pattern matching, but it was not easy and it took some time to develop those tools.

Best companies to work with were spycloud.com and sift.com.

spycloud actually specializes in identifying leaked credentials, which are what attackers use in the credential stuffing list they go through, so you could identify "stuffable" credentials prior to the attack happening, which is nice.

sift was great at helping to just identify fraud in general, so if an account did quietly get compromised, we could identify it before the transaction was finalized.
lucastech
·anno scorso·discuss
I've been trying to track down the source of 500+ IPs that routinely hit websites that I'm hosting. Definitely interested in hearing if anyone else has experience this as well. Cloudflare does not appear to block this type of attack
lucastech
·anno scorso·discuss
I have to say, Visual Basic 4.0 changed my life when I was introduced to it at the age of 12. I had written Basic before that, but being able to build drag and drop create a GUI on top of my code was what really hooked me on programming. I built and sold my first desktop application at 14 that I wrote by myself in VB6 and used VB6 for all of my jobs through 21 when I had to upgrade a VB6 application to C#.net.

I often harp on how much I wish someone would build a simple GUI for the modern desktop or web environment, instead of spending ages fighting css and javascript for even the most basic layouts. Visual Basic just removed all of the complexity, nothing filled that gap before VB or after VB. Sadly, even VB these days is a mess ever since winforms stopped being the primary target interface.

Thank you for what you built, I've been writing code for 26 years now as a direct result of it.
lucastech
·2 anni fa·discuss
I really like this idea. I've wanted to build something to bring startup/remote work people in my area together for a while. I bought a few domains but couldn't figure out the hook. Smart idea to build it as part of the HN userbase, since that is the userbase you want for something like this!

Great work