The group called IHTeam has unveiled a way to use Google's server infrastructure to perform distributed denial-of-service attacks without the need for high bandwidth.Specifically, it is using the infrastructure of servers dedicated to its social network (Google+), which are used as a proxy to download files. The use of these Proxy servers can be done using two different URLs:
* https://plus.google.com/_/sharebox/linkpreview/?c=&t=1&_reqid=&rt=j
* https://images2-focus-opensocial.googleusercontent.com/gadgets/proxy?url=&container=focus
In this way, automating the parallel request of several of these URLs through a script, such as the one available on the authors' page, could generate a large traffic to the server that you want to attack.
This, added to the large bandwidth that Google has, would make it easier to provoke distributed denial-of-service attacks, without the need for a large infrastructure. According to the tests carried out by this team, an attacking computer with a bandwidth of 6 Mbps has achieved through these requests that Google generates traffic on the attacked server of up to 96 Mbps.
Another advantage of using this method is that by making the requests through the first URL, the IP addresses of the computers that are attacking that will appear in the log files of the target machine, will be those of the Google machines.
According to IHTeam, they themselves contacted Google's security center on August 10, and from what appears on their blog, they have not yet received any response.
Source: Hispasec
