Earlier in the semester, this paper we presented proposed that the botmasters running Torpig operated it as a commercial service. While DDoS was probably only a small subset of the services Torpig’s botmasters offered, this article at TechWeekEurope looks into the whos and whys of commercial DDoS services. It has a couple pictures of advertisements offering DDoS to links of some ridiculous YouTube advertisements, both which are hilarious in a ‘I’m still in high school and think I am the 1337est ever’ sort of way. Most of the evidence feels anecdotal, but it seems likely enough.

So what kinds of people run botnet DDoS services? One interviewed DDoS provider claimed to be 17 and a computer science student, and his behavior (taking down a 1337 hax00r forum for thirty seconds to prove who he was) certainly makes him sound like he’s still in high school. The other interviewees were more careful about just who they were, though, so more professional criminals appear to offer these services as well.

Targets vary. Anonymous protests are often on the news, but ‘hacktivists’ aren’t the only DDoS customers. Gwapo’s DDoS services advertises that “rivals, haters, they are to go down” and “If you want your business competitors to go down”, you should hire them, indicating that individuals want to DDoS smaller websites for petty personal attacks or to take out a business competitor. DDoS dealers can also hold online businesses for ransom – pay up or get taken down. Therefore, just about anyone with an online presence could be a target.

Tags: Article

This entry was posted on Thursday, December 6th, 2012 at 5:16 pm and is filed under Articles. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.