Mobile Ad Network Abused in DDoS Attack: CloudFlare

September 28, 2015


One of ’s customers was recently hit by a distributed denial-of-service (DDoS) attack that appeared to leverage a mobile ad network and malicious JavaScript.

JavaScript-based DDoS attacks have been classified as Layer 7 attacks because they rely on apparently legitimate HTTP requests. Experts have been warning about the possibility of such attacks since 2010, but they’ve recently become a reality and are becoming increasingly problematic.

In April, researchers revealed the existence of a new used by the government for censorship enforcement. The tool, dubbed “,” relies on malicious JavaScript injected into unencrypted traffic in order to launch DDoS attacks against targeted websites. A different leveraging JavaScript was reported last week when an Imgur vulnerability was exploited to disrupt the imageboard 8chan.

Read More