Skip to main content

Want To Nuke A Website? A Botnet For Hire

Recently we reported that Hollywood and other international film studios are hiring "cyber hitmen" to take down websites playing host to illegal movies and music. These agencies use denial-of-service attacks to flood the offending servers until they're knocked offline. Sometimes said firms even swoop in an destroy the actual data, preventing further circulation.

Security firm Damballa is now reporting of another form of "cyber hitmen," however in this case the contract isn't based on taking down pirates. Rather, a commercial botnet has been established by a China-based managed services provider (MSP) for anyone wishing to take down a website using Distributed Denial of Service attacks.

"While DDoS-oriented botnets aren’t particularly new, our investigation and subsequent exposure of an MSP that specializes in offering a fee-based service sheds new light in to the growing commercialization of this criminal space," the security firm reports.

Dubbed as IMDDOS, this particular botnet was found to be growing at rates in excess of 10,000 additional victims each day. Initially the MSP registered the necessary domains back in March, and then began testing the botnet in April. The actual fee-based "service" went live shortly thereafter.

"This publicly available service, hosted in China, is available for lease to anyone willing to establish an on-line account, input the domain(s) they wish to attack, and pay for the service," Damballa reports.

Currently the firm is working with various authorities to shut down the components of the botnet that are accessible from the USA. Unwitting hosts of the botnet domains have also been notified and all appropriate information has been shared to contain--and ultimately dismantle--the botnet.

Damballa's full report can be downloaded here in PDF format.

  • sabot00
    I think Tom's is getting nuked now.
    Reply
  • Gin Fushicho
    I just grinned. How do I get there and how much do I have to pay?
    Reply
  • joz
    I think I want to pay to have it nuked...quality level is horrible. News is old and frankly, this is the most intresting thing posted in MONTHS.
    DDOS TIME!

    Seriously, joking here. But only about the DDOS.
    Reply
  • azconnie
    Alms for the irritated? How about you? Care to help the collection to kill Myspace, Facebook, and Photobucket?
    Reply
  • spectrewind
    Thwarted by round-robin DNS?
    Reply
  • Demonslay335
    What if you hire it to nuke its own domain? Does a black hole emerge?
    Reply
  • cpburns
    Demonslay335What if you hire it to nuke its own domain? Does a black hole emerge?
    Did you just divide by zero?
    Reply
  • From China??!! Didn't see that coming...
    Reply
  • ricardok
    Than china says: "It isn't us! It's the Taiwaneese guys." so now they can start a war.
    Anyway, where else could you create such a huge botnet? 99% of the PCs there have some kind of gov. rootkit installed, so why not use that power to DDoS US websites?
    Reply
  • stingstang
    Ermm.. Could someone hire them to take down the website hosted by that church group who's mantra is "Thank God for IEDs"?
    ty
    Reply