Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
A hacker is selling a reportedly booming distributed denial of service (DDoS) attack service and has taken to YouTube to pull new clients.
The service was first launched in January on Hack Forums and has so far recruited several large enterprises who have paid to have rival organisations attacked, the operator Gwapo told SC Magazine.
Gwapo (Filipino for 'handsome') would not reveal the identities of his large clients, nor the industries or countries in which they operate.
He also would not reveal the identity of two American girls who appeared full-faced in YouTube videos spruiking the service to "hackers". One of the girls appeared to be around 14 years old. The other was an older woman wearing a low-cut top.
In an instant message conversation via Skype, Gwapo said he serviced a "few huge companies daily" who were paying to have DDoS attacks made against their rivals.
However he added that he did not ask clients why they wanted to DDoS targets. "As long as they pay me, I will get the job done as long as I can."
Potential targets include large organisations, small websites and gameservers. A five minute demonstration was offered to "serious clients".
The service cost from $2 an hour depending on the size of the targeted webserver and the security around it, and could be paid by PayPal, BitCoin or credit card.
Gwapo boasted his sucess in a video uploaded to YouTube last month. In it, he is seen counting piles of Amercian cash allegedly made from the service.
He said the DDoS attacks were stable UDP and Syn floods made by his private HTTP botnet that contained seven exploits which he said was "very effective on most webservers like Apache , ngix , litespeed , IIS7" among others.
DDoS attacks types and orgins, mapped
In another YouTube video uploaded in March, he appeared to demonstrate a DDoS against an Eastern European anti-virus company ElementsScanner.
His own site, ddoes.com, was protected by CloudFlare, an anti-DDoS provider which formerly protected LulzSec's website from a barrage of cyber attacks.
In a thread on an underground hacker forum, his DDoS service received dozens of posts from happy clients.
"Gwapo is the king of DDoS. Powerful hits, legit provider, and always helpful!" read one response.
Botnets weren't needed to conduct successful DDoS. Anti-DDoS company Prolexic released an advisory overnight stating that DDoS booter scripts had made the attacks easier and cheaper to conduct.
It said the standalone files execute GET and POST floods via HTTP from comrpomised web servers.
"With booter shells, DDoS attacks can be launched more readily and can cause more damage, with far fewer machines. Web servers typically have [more than] 1000 times the capacity of a workstation, providing hackers with a much higher yield of malicious traffic" than typical botnets.
Gwapo's DDoS service was one of many similar paid cybercrime offerings. In January, SC revealed a service offering cut-rate traffic that was stolen and redirected from other websites using malcious iFrames.
Many other DDoS services existed on various cybercrime-friendly forums.
Copyright © SC Magazine, Australia
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.