Skip to main content

Want To Nuke A Website? A Botnet For Hire

Recently we reported that Hollywood and other international film studios are hiring "cyber hitmen" to take down websites playing host to illegal movies and music. These agencies use denial-of-service attacks to flood the offending servers until they're knocked offline. Sometimes said firms even swoop in an destroy the actual data, preventing further circulation.

Security firm Damballa is now reporting of another form of "cyber hitmen," however in this case the contract isn't based on taking down pirates. Rather, a commercial botnet has been established by a China-based managed services provider (MSP) for anyone wishing to take down a website using Distributed Denial of Service attacks.

"While DDoS-oriented botnets aren’t particularly new, our investigation and subsequent exposure of an MSP that specializes in offering a fee-based service sheds new light in to the growing commercialization of this criminal space," the security firm reports.

Dubbed as IMDDOS, this particular botnet was found to be growing at rates in excess of 10,000 additional victims each day. Initially the MSP registered the necessary domains back in March, and then began testing the botnet in April. The actual fee-based "service" went live shortly thereafter.

"This publicly available service, hosted in China, is available for lease to anyone willing to establish an on-line account, input the domain(s) they wish to attack, and pay for the service," Damballa reports.

Currently the firm is working with various authorities to shut down the components of the botnet that are accessible from the USA. Unwitting hosts of the botnet domains have also been notified and all appropriate information has been shared to contain--and ultimately dismantle--the botnet.

Damballa's full report can be downloaded here in PDF format.