The webserver which is hosting abuse.ch and ZeuS Tracker is currently under high system load due to a ongoing DDoS attack against the blog (abuse.ch). The DDoS has started yesterday 02:00 pm (UTC):
The origin seems to be the same as last time (see previous post “DDoS Angriff & Joe Job gegen abuse.ch (german)”). Fact is, that the bots are using the same user agents as during the attack last year:
If we google the user agent above we will find some interesting information about the origin of the DDoS attack:
Currently it seems that the DDoS mitigation was successfull so that abuse.ch is now up and running again (but unfortunately with a high response time because the DDoS attack still goes on). Let’s see what happens in the next few hour/days.