Chinese smartphones used to mount a huge DDoS attack

In true Skynet fashion, thousands of smartphones in China were used, without their owners’ knowledge, to mount a huge attack against a website.

A total of 650,000 smartphones were used to hit a site with about 4.5 billion separate requests for data in one day.

How was this possible? Through large numbers of ads infected with malicious code, which the smartphones unknowingly accepted. The ads were placed in apps popular in China, says Cloudflare, a security company that noticed the attack.

Cloudflare didn’t name the site that got attacked.

"It seems probable that users were served advertisements containing the malicious JavaScript," wrote Cloudflare security analyst Marek Majkowski in a blog post.

Majkowski says he can only speculate how so many users got infected. “There is no way to know for sure why so many mobile devices visited the attack page, but the most plausible distribution vector seems to be an ad network,” he writes.

“It seems probable that users were served advertisements containing the malicious JavaScript. These ads were likely shown in iframes in mobile apps, or mobile browsers to people casually browsing the internet.”

A lot of sites host auctions for their ad space – whoever bids highest gets the space. By bidding high, the cybercriminals seem to have won the right to get their adverts in front of lots of people, he said.

"Attacks like this form a new trend," said Mr Majkowski. "They present a great danger in the internet - defending against this type of flood is not easy for small website operators."