Threat analysts from SecurityScorecard have compiled a list of IP addresses that have recently been actively used in DDoS attacks. In particular, these addresses are allegedly used by the pro-Russian hack group Killnet in attacks against Western targets.
The researchers are positioning this list as a free tool that should help organizations protect themselves from DDoS attack bots. The list was compiled shortly after the US government issued a warning that the pro-Russian group Killnet was actively attacking the US healthcare sector.
About a week ago, in their Telegram channel, the group actually claimed responsibility for these attacks.
The researchers note that while Killnet DDoS attacks typically do not cause serious damage, they can cause resource outages that can last from hours to days, which is especially dangerous when it comes to organizations in the healthcare sector.
In addition, analysts fear that Killnet attacks could support other pro-Russian hack groups, including ransomware. This could likely result in organizations targeted by Killnet being further targeted by ransomware, and could also be the target of ransomware DDoS attacks.