Prolexic Issues Threat Advisory on HOIC

(Ping! Zine Web Hosting Magazine) – Prolexic Technologies, the global leader in Distributed Denial of Service (DDoS) protection services, today released a threat advisory for the High Orbit Ion Cannon (HOIC), an increasingly popular attack tool that can target up to 256 web addresses simultaneously. As a public service, full details of the HOIC threat, including recommended protection strategies, are available at

“A DDoS attack can come from anywhere, anytime. It can be an act of revenge for a real or perceived slight, a political statement or completely random. No business is immune to becoming a target,” said Paul Sop, chief technology officer at Prolexic.

“As the world’s most advanced experts in DDoS protection and mitigation, we feel it is our duty to arm the public with the tools and information they need to protect themselves from emerging DDoS attack tools such as HOIC,” he said.

The Prolexic Security Engineering and Response Team (PLXsert) continuously reviews and analyzes DDoS attack patterns and emerging trends to develop the intelligence and tools to prevent and combat DDoS attacks. HOIC DDoS protection strategies have already been put in place for Prolexic’s customers. In addition, as part of its public mission, PLXsert issues quarterly attack reports, as well as periodic threat advisories.

Considered the next generation replacement for the Low Orbit Ion Cannon (LOIC) flood attack tool, HOIC also includes support for booster files – customizable scripts that randomize attack signatures and make attacks more difficult to differentiate from legitimate traffic.

“On its own, the HOIC tool is limited. It still requires a coordinated group attack to bring a site down,” said Neal Quinn, VP of Operations at Prolexic. “But with the booster scripts – which are already circulating widely among hacker circles – a group attack gains the advantage of stealth. It becomes much more difficult to identify and mitigate, prolonging the outage caused by the attack.”

The DDoS underground has been urging participants to abandon the LOIC tool in favor of HOIC, making it likely that HOIC-based attacks will become increasingly common.

“The ability to hit up to multiple targets simultaneously (instead of just one with LOIC), and the use of randomization to evade detection, makes HOIC a threat to any business with a presence online,” Quinn said. “Businesses should take steps now to protect themselves, either by following our recommendations or subscribing to a DDoS protection service.”

Prolexic Threat Advisories

Designed to provide early warnings of new or modified DDoS attack signatures and scripts recently observed by PLXsert, each threat advisory contains a detailed description of the type of attack, a list of attack signatures, and the specific network infrastructure or application that it targets. In addition, Prolexic’s DDoS mitigation experts also offer insight into the nature of each attack type and provide specific warnings about how the attack will affect businesses and enterprises of different sizes and infrastructures. PLXsert also provides threat remediation tips to help subscribers not only recognize the new attack signatures, but also proactively defend against them. The latest threat advisories, including HOIC and Dirt Jumper, are available to the public at

About the Prolexic Security Engineering & Response Team (PLXsert)

PLXsert monitors malicious cyber threats globally and analyzes DDoS attacks using proprietary techniques and equipment. Through data forensics and post attack analysis, PLXsert is able to build a global view of DDoS attacks, which is shared with customers. By identifying the sources and associated attributes of individual attacks, the PLXsert team helps organizations adopt best practices and make more informed, proactive decisions about DDoS threats.

Details of Prolexic’s mitigation activities and insights into the latest tactics, types, targets and origins of global DDoS attacks are provided in quarterly reports published by the company. A complimentary copy of Prolexic’s Q411 Global DDoS Attack Report is available at

About Prolexic

Prolexic is the world’s largest, most trusted Distributed Denial of Service (DDoS) mitigation provider. Able to absorb the largest and most complex attacks ever launched, Prolexic restores mission critical Internet facing infrastructures for global enterprises and government agencies within minutes. Fourteen of the world’s 20 largest banks and the leading companies in e-Commerce, SaaS, payment processing, travel/hospitality, gaming and other at-risk industries rely on Prolexic to protect their businesses. Founded in 2003 as the world’s first in-the-cloud DDoS mitigation platform, Prolexic is headquartered in Hollywood, Florida and has scrubbing centers located in the Americas, Europe and Asia. For more information, visit