The customer is a religious entity which was targeted by an hacktivist group for its “doctrine” and “concepts”. According to some sources, the attack also appears to have been triggered by a security firm report explaining its ability to protect the customer from DDoS attacks. The attack campaign lasted for three days and comprised of five attack vectors; one of the attack vectors was particularly exotic using a HTTP fingerprinting attack vector.
There were four attack vectors in this attack campaign:
- Attack Vector I: PSH+ACK Garbage Flood port 80
- Attack Vector II: SYN Flood to port 80
- Attack Vector III: IP fragment flood to port 80
- Attack Vector IV: HTTP fingerprinting