DDoS Attack Tool: Underground Connections
Researchers at Arbor Networks have exposed malware, a Distributed Denial of Service (DDoS) tool, that underground criminals are circulating, CRN reported on August 17, 2011.
The researchers first detected the tool, a newer version of the Russkill bot, or Dirt Jumper, while it was carrying out DDoS attacks against two websites in Russia: a gaming website and a site used for selling a well-known smartphone.
Researchers suspect this to be the third version of Dirt Jumper. However, an underground forum pointed to the use of Dirt Jumper v3 as part of a DDoS-for-hire business on July 4, 2011.
The researchers also affirmed that this malware was used in several attacks, including attacks on a Russian gaming site and a large corporation's load balancer, and a damaging attack on a Russian electronic trading platform.
The infection starts as soon as a file named vf4e2ad6800e566_2011723171112.exe is loaded, and this file must still be in operation even now, posing a threat to many users.
According to Curt Wilson, Security Researcher at Arbor's Security Engineering & Response Team (ASERT), the malware came to the fore while a similar attack was being detected, as reported by CRN on August 17, 2011.
Wilson also affirmed that the Dirt Jumper tool is actively being traded through underground channels. He opined that underground forums will sell access to this tool, as it is part of the thriving underground economy.
According to the researchers, although the tool is not directly linked to any particular criminal organization, people appear to have been acquiring it from an underground forum. Wilson also stated that although the tool has not been clearly attributed to any criminal group, it was meant entirely for criminal purposes.
Arbor also stated that several messages of the same kind existed on underground forums, indicating a clear market for DDoS services.
In the meantime, researchers also held the view that the proliferation of Dirt Jumper clearly indicates that such tools are being used for 'hacktivism,' extortion, and other criminal purposes.
» SPAMfighter News - 26-08-2011