Hackers Release SSL Overloading DDoS Tool

Hackers have released a new denial of service tool that is capable of bringing down SSL servers.

According to an article on Computer World, the tool, called THC-SSL-DOS, was released by the hackers after the tool was leaked online sometime back.

The hackers have unleashed the tools because they don't want the ‘fishy' security in SSL protocol to go unnoticed. The Hacker's Choice (THC) group said that it wanted to force the industry to fix the security on the protocol in order to make the platform safe for the users.

"We are hoping that the fishy security in SSL does not go unnoticed. The industry should step in to fix the problem so that citizens are safe and secure again," the group said.

"It still works if SSL renegotiation is not supported but requires some modifications and more bots before an effect can be seen. Taking on larger server farms who make use of SSL load balancers required 20 average size laptops and about 120kbit/sec of traffic," they added.

The group also added that it was surprised that SSL renegotiation was enabled in so many servers across the world, despite the obvious threat to the platform.