A new type of DDoS attack has currently infected hundreds of web servers. Unlike traditional DDoS methods that capitalize on bot-infected PCs, the attackers have turned the web servers themselves into payload-throwing bots.
Imperva's Application Defense Center (ADC) uncovered the new generation of Distributed Denial-of-Service (DDoS) attack that appears to be more powerful, more efficient and less detectable than traditional methods.

Rather than use the server as a means of distributing Denial of Service (DoS) malware to PCs, the attackers infect the servers themselves with a malicious DoS application. Then, using a simple software program with a dashboard and control panel, the hackers configure the IP, port and duration of an attack. They simply insert the URL they wish to attack, click and go. Imperva was able to acquire the source code of this application and has screenshots which show it consisted of just 90 lines of PHP code.

The link for this article located at Security Park UK is no longer available.