The gloves are off in hacker land and it is making for very interesting, if not extremely disturbing, reading.
For the last two years there has been a highly shady ‘stress testing’ service called vDOS, which has been used more than 150,000 times to execute Distributed Denial Of Service (DDOS) attacks against websites on a rental basis.
That’s worth repeating another way round. 150,000 websites have been attacked and possibly taken off the air by a highly distributed Botnet based system that was operated on a pay per use basis. Perhaps some of the 150,000 sites were actually ‘stress testing’ activities rather than malicious activity, who knows?
Well as a matter of fact, it turns out that some people do know, and not only that but a complex Batman vs. Superman cyber struggle has been underway for some time.
vDOS were themselves hacked and the full details of the targets and paying customers extracted, and subsequently shared with a number of people including ‘krebsonsecurity.com’, who have detailed the full story here.
Following this hack, two individuals (Israeli 18 year olds) were arrested and bailed and, surprise surprise, krebsonsecurity.com has come under a monster…..you guessed it, DDOS attack, even though the vDOS site has gone off the air.
In a further scary demonstration of superpower skills, it has transpired that having come under attack from vDOS, a company called BackConnect security took extreme measures and used a BGP hijack (poisoning the Internets routing tables) to prevent vDOS from operating. Intriguing stuff.
The good news is that it looks like the bad guys, both the operators and the punters, have been caught bang to rights. It is only a matter of time before more collars are being felt! Bravo.
DDOS attacks are becoming a very popular way to hold organisations to ransom and we think it is very important to protect against them before it’s too late. If you would like to discus DDOS protection, BGP hijacking, or any other security related issue, please contact us at: 0207 517 3900 or email [email protected].