May 24, 2016 by

DDoS Attackers on Hire for $5

 

Security researchers have uncovered a DDoS service which attackers are selling for as little as $5 for an entire hour of DDoS attacks upon a target.

Security researchers from a firm called Imperva have discovered a distributed denial of service (DDoS) attack being sold as a service for as little as $5 an hour on the marketplace Fiverr.

DDoS attacks are among the most disruptive cyberattacks around and could only be found on dark web domains for about $38 an hour, even as recently as a year ago.

As a facade, the providers of the DDoS attacks are offering them as a means for companies to test the strength of their own web servers.

In a blog, Imperva researchers wrote:

Today, DDoS-for-hire companies operate in broad daylight under the guise of “stresser” services. This whitewashed term implies that the service is meant to test the resilience of your own server.

In practice, few bother to ask for any proof of ownership, allowing you to “stress test” whomever you want—just as long as you continue forking over their subscription fees.

The objective, as described by the authors of the listing, is to help companies better prepare for an attack by the cybercriminals.

Related read: DDoS Extortionists Make $100,000 Without DDoS Attacks

Researchers at Imperva probed and queried each poster, asking the question:

Regarding the stress test, does the site have to be my own?

To this, most posters ignored the message. One poster bit and sought to communicate on Skype. It was here that he revealed the following:

Honestly, you [can] test any site. Except government state websites, hospitals.

While this proves that DDoSers have a moral compass, Imperva notified Fiverr of the “stress test” providers, to which the platform responded by removing at least three of the DDoS-for-hire posters. The poster who responded to Imperva researchers via Skype also saw his or her post taken offline.

Noting the actions of Fiverr, Imperva claims that the platform’s endeavor to curb such DDoS-of-hire attackers goes against their common acceptance by the online community.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

DDoS Attack Takes Down UK National Lottery Website

The UK National Lottery’s website and its associated mobile applications were knocked offline by...

Read more arrow_forward

DDoS Attacks Double with Corporate Data Under Threat

DDoS attacks are on the rise in 2017 with a third of all organizations facing at least one DDoS...

Read more arrow_forward

Lisa Bock on A New Twist on Ransomware - Internal DDoS

Lisa Bock is an associate professor of information technology at Pennsylvania College of Technology...

Read more arrow_forward