The parent company of Rogue Media Labs is called Rogue Security Labs for a reason, because I would like to fancy myself a sort of “savant” when it comes to cybersecurity. In fact, throughout the past, groups such as Ghost Squad Hackers have literally demonstrated attacks which have taken down ProtonMail servers, yet which just harmlessly deflected off me. Over the course of the last 5 months I have literally absorbed thousands of Web Application Attacks from all around the world on both my websites, and haven’t had a single one of the websites I’ve built or protected hacked or crashed since July 2017 – all without unnecessary third-party services such as Cloudflare, Radware or Sucuri, mind you.
However, that all changed this past weekend when a hacker known as “PopTart” of Pryzraky crashed Rogue Security Labs with a Layer 7 DDoS Attack the likes of which I have never seen before. And I say this because, just a couple of weeks ago, I deflected a Layer 7 DDoS Attack from PopTart seamlessly without an ounce of downtime. But after some research and a bunch of custom additions, including his own programming, PopTart appears to have finally pulled it off. For this reason, I dare say that PopTart is the most dangerous ‘doser’ in the world right now – at least that I have seen.
For some perspective on this, PopTart originally crashed my site while I was away, on a hike through town – so I asked him to try to replicate it while I was back home in front of my computer. I kid you not, even with all Tor nodes blocked, VPN traffic blocked, Proxy traffic blocked and all IPv2 Addresses from China, Indonesia, Brasil and the Netherlands blocked, on top of all my existing security measures in place, PopTart was still able to crash my site – there was nothing I could do. He is the first and only person in history to crash a Rogue Security Labs protected site, and believe me, there have been plenty of suitors – not all of them enemies, either.
In an interview with Rogue Media Labs, PopTart claims to have hijacked a majority of the devices in his botnet off the ClearNet – almost none of them having anything whatsoever to do with the Internet of Things (IoT). For this reason, all of the traffic from his botnet registers as legitimate. For example, his botnet passed my bot blacklist rules, passed my hidden reCAPTCHA challenge, and even operates through HTTPS as well as HTTP/2. None of my security settings flagged his devices, because they all accessed the website as legitimate, non-malicious connections. Only once they were on the website was the malicious amplification delivered, a truly unique creation the likes of which I have never seen before. Consequently, that is why I’m writing this article here today – to give credit where credit is due.
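The point of the paragraph above is that reputation-based checks (IP blacklists, bot-UA rules, a CAPTCHA) say nothing about a client that looks like an ordinary browser, so a Layer 7 flood from such clients has to be caught by behaviour instead. The following is an added example, not the post's own mitigation: it parses constructed combined-format access-log lines (HTTPS, HTTP/2, a normal Chrome user agent, all 200 responses) and flags only those clients whose request rate in a sliding window is far beyond human browsing. The log format, thresholds and sample addresses are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Apache/nginx "combined" access-log line (assumed format for this example).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" '
    r'(?P<status>\d{3}) (?P<bytes>\S+) "(?P<ref>[^"]*)" "(?P<ua>[^"]*)"$'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"

def parse_line(line):
    """Parse one combined-log line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], TS_FMT)
    return rec

def flag_floods(lines, window_s=10, max_requests=20):
    """Return {ip: peak_requests_in_window} for clients that exceed max_requests
    within any window_s-second span. Lines are assumed to be in time order, as
    in a real log. Nothing about the UA, status or path is consulted, which is
    exactly why this still catches 'legitimate-looking' flood clients."""
    recent = defaultdict(deque)   # ip -> timestamps seen inside the window
    flagged = {}
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        q = recent[rec["ip"]]
        q.append(rec["ts"])
        while (rec["ts"] - q[0]).total_seconds() > window_s:
            q.popleft()           # drop hits that fell out of the window
        if len(q) > max_requests:
            flagged[rec["ip"]] = max(flagged.get(rec["ip"], 0), len(q))
    return flagged

def make_lines():
    """Constructed sample: one normal visitor plus two flood clients that look
    like ordinary Chrome browsers on HTTP/2, so no blacklist or UA rule fires."""
    ua = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/73.0 Safari/537.36"
    base = datetime(2019, 4, 1, 12, 0, 0, tzinfo=timezone.utc)
    def line(ip, sec, path):
        ts = (base + timedelta(seconds=sec)).strftime(TS_FMT)
        return f'{ip} - - [{ts}] "GET {path} HTTP/2.0" 200 5120 "-" "{ua}"'
    lines = [line("203.0.113.7", i * 12, f"/post/{i}") for i in range(5)]  # 5 hits/min
    for ip in ("198.51.100.21", "198.51.100.22"):      # 30 hits in 6 s each
        lines += [line(ip, i // 5, f"/?s={i}") for i in range(30)]
    return sorted(lines, key=lambda l: parse_line(l)["ts"])

if __name__ == "__main__":
    print(flag_floods(make_lines()))
```

In practice the flagged addresses would feed a temporary rate limit or tarpit rather than a permanent block, since real users behind a shared address can trip a threshold too.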
The whole ordeal serves as a reminder that security is a myth; security is only an illusion. No matter how good your security is, one day it will become outdated. Apparently the shelf life of my custom mitigations was 21 months. In the words of the great Arnold Schwarzenegger, “No matter how hard you are working, there’s always someone out there somewhere working harder. No matter how smart you are, there’s someone out there smarter than you. And remember, every time you are resting, there is someone out there putting in hard work.” In that spirit, perhaps I too have gotten complacent.