Want To Nuke A Website? A Botnet For Hire
Apparently there's a botnet for hire.
Recently we reported that Hollywood and other international film studios are hiring "cyber hitmen" to take down websites playing host to illegal movies and music. These agencies use denial-of-service attacks to flood the offending servers until they're knocked offline. Sometimes said firms even swoop in an destroy the actual data, preventing further circulation.
Security firm Damballa is now reporting of another form of "cyber hitmen," however in this case the contract isn't based on taking down pirates. Rather, a commercial botnet has been established by a China-based managed services provider (MSP) for anyone wishing to take down a website using Distributed Denial of Service attacks.
"While DDoS-oriented botnets aren’t particularly new, our investigation and subsequent exposure of an MSP that specializes in offering a fee-based service sheds new light in to the growing commercialization of this criminal space," the security firm reports.
Dubbed as IMDDOS, this particular botnet was found to be growing at rates in excess of 10,000 additional victims each day. Initially the MSP registered the necessary domains back in March, and then began testing the botnet in April. The actual fee-based "service" went live shortly thereafter.
"This publicly available service, hosted in China, is available for lease to anyone willing to establish an on-line account, input the domain(s) they wish to attack, and pay for the service," Damballa reports.
Currently the firm is working with various authorities to shut down the components of the botnet that are accessible from the USA. Unwitting hosts of the botnet domains have also been notified and all appropriate information has been shared to contain--and ultimately dismantle--the botnet.
Damballa's full report can be downloaded here in PDF format.
- Apple Ending the iPhone 4 Free Case Program
- Samsung Galaxy Tab to Launch on September 16?
- Report: Nintendo 3DS Launching Nov. 20 in Japan
- PlayStation Move Hits Best Buy Shelves Early
- California Sheriffs Issue 'Pedo Bear' Warning
- Guy Makes YouTube Instant, Gets Google Offer
- Woman Addicted to Online Game Neglects Children and Leaves Bodies of Starved Dogs in Living for Two Months
- Non-EFIGA Territories May Get WP7 Limitations
- Chattanooga First to Receive 1Gbps Internet
- McAfee: Using ''Free'' In Search Attracts Malware
- iPhone 5 Will Use Qualcomm Chipset?
- VCast Apps Google/Verizon Romance Going Sour?
- Boy Banned from US After Drunk-emailing Obama
- Walmart Launches Post-pay Wireless Cell Service
- Amazon Makes Fun of iPad's Reflective Display
- Galaxy Tab, 6 WP7 Phones Launching Q4 on AT&T
- Consumer Reports Gives Apple Thumbs Down #2
- Mitsubishi to Sell 100-inch OLED TV This Month
- Flash Player Zero-Day Could Affect Android Too
I think Tom's is getting nuked now.
I just grinned. How do I get there and how much do I have to pay?
I think I want to pay to have it nuked...quality level is horrible. News is old and frankly, this is the most intresting thing posted in MONTHS.
DDOS TIME!
Seriously, joking here. But only about the DDOS.
Alms for the irritated? How about you? Care to help the collection to kill Myspace, Facebook, and Photobucket?
Thwarted by round-robin DNS?
What if you hire it to nuke its own domain? Does a black hole emerge?
What if you hire it to nuke its own domain? Does a black hole emerge?
Did you just divide by zero?
From China??!! Didn't see that coming...
Than china says: "It isn't us! It's the Taiwaneese guys." so now they can start a war. [jk]
Anyway, where else could you create such a huge botnet? 99% of the PCs there have some kind of gov. rootkit installed, so why not use that power to DDoS US websites?
Ermm.. Could someone hire them to take down the website hosted by that church group who's mantra is "Thank God for IEDs"?
ty
Now that's a great service!
It was only a matter of time.
They need to consider this vandalism and charge them accordingly with the crime(s).
hire itself to nuke itself and other malware website: that what we should do
Aren't DDOS attacks illegal in the US? Hiring someone to do something illegal, regardless of whether or not it's illegal where they live, is also illegal!
Aren't DDOS attacks illegal in the US? Hiring someone to do something illegal, regardless of whether or not it's illegal where they live, is also illegal!
But the crime is committed in china...
it's like an Iranian will hire some girl to walk around the US without an hair cover, its legal here and not there, yet the action of hiring is legal.
if this is known then it is illegal, a bot network is illegal to have and hiring them is considered paying for illegal services.
Think of it like buying illegal drugs, if the supplier gets caught then you may also get caught and arrested.
Hiring illegal services to attack other illegal services is also illegal.
think of it as if you owned an illegal drug company and another company was moving in on your turf and you hired a gang to kill the competition. you will still be arrested, not just for the illegal company that yo are running but for also hiring illegal services.
Well, but DDOS attacking is legal in china...
We're screwed.
But in all honesty, China is the land of immorals.
Let's pool our money, buy their services and kill the RIAA and such?
That's not the solution, you simpletons.
You wonder if you can hire them to nuke there own site.