Damballa Finds IMDDOS Providing Paid Services for DDOS Attacks
Damballa Inc., on September 13, 2010, declared that one new botnet had been found which provided services of DDoS (Distributed Denial-of-Service) attacks at a price specified to its clients. Said the company, the botnet is named IMDDOS.
It also said that controllers of the IMDDOS ran it out of China, while expanding it by adding approximately 10,000 infected PCs to it daily. Consequently, IMDDOS was now a huge botnet in action, Damballa said. Networkworld.com reported this on September 13, 2010.
Remarking about IMDDOS, Vice-President of Research Gunter Ollman at Damballa stated that the openly commercial character of the botnet made it prominent. Its (IMDDOS) operators had established one public website where interested parties could subscribe to obtain its DDoS service as well as execute assaults on targets, he noted. Networkworld.com reported this.
Continuing further about the website, it was revealed that there were different attack options and subscription plans offered on it. Moreover, it delineated suggestions as to how effective DDoS assaults could be launched using the service. Besides, there were also contact details on the website to provide customer and support services to clients.
Anybody who knew Chinese could enter into a contract, obtain the service and launch attacks on chosen targets at any place across the world, with little or no effort, described Ollman.
This became possible since the operators of IMDDOS invited clients through the QQ chat facility in Chinese for subscribing and taking down software which helped to use the botnet. Clients could hire the botnet in segments for an unpublicized fee, feed in a user id and password as well as the name of the host system and the port number they wished to attack.
Eventually, the malevolent botnet affected USA as one country on the Top Ten List of nations most impacted with the IMDDOS. So, during the 1st week of September 2010, Damballa reported that it coordinated with the agencies of law enforcement in USA for the takedown of the C&C servers of IMDDOS. However, beyond USA, there were more C&C servers, which ran active, and according to Ollman, the botnet was still compromising fresh computers.
Related article: Damballa Says, 2008 will be year of Targeted Attacks and Botnet
» SPAMfighter News - 22-09-2010