DDoS attacks have become an increasingly common annoyance for online gamers. These attacks occur when hackers use a network of compromised computers, known as a botnet, to flood game servers with traffic, making them inaccessible to players. In recent years, the problem has grown as hackers have started selling their botnets and spamming tools, allowing even inexperienced individuals to launch DDoS attacks.
Dr. Scott J. Shapiro, a Professor of Law and Philosophy at Yale Law School, explores the dark history of the internet in his book Fancy Bear Goes Phishing: The Dark History of the Information Age, in Five Extraordinary Hacks. The book traces the illicit activities that have taken place on the internet through five major attacks on digital infrastructure.
Not all Denial of Service (DoS) attacks use botnets. The Syrian Electronic Army (SEA), the online propaganda arm of the Bashar al-Assad regime, hacked into the domain registrar Melbourne IT in 2013. By altering the DNS records, the SEA redirected users who entered the nytimes.com domain to its own website, showing that a DoS attack can be carried out without a botnet.
Botnets, on the other hand, have often been associated with spamming. They enable hackers to send thousands of spam emails from geographically dispersed zombie computers. The Russian Grum botnet, for example, generated $2.7 million in three years by sending over 18 billion spam emails a day from infected computers. Blocking botnets is challenging because it requires adding thousands of servers to a block list, which is time-consuming and costly.
However, botnets are not limited to spamming. They can be used for various purposes, thanks to their controllable nature. Botmasters, those in control of botnets, can issue instructions to each bot, enabling them to collaborate on different tasks. This makes botnet malware a versatile tool for cybercriminals. Botmasters can use their bots to implant malware on vulnerable machines, send phishing emails, or engage in click fraud, among other activities. Click fraud, in particular, is lucrative, with the ZeroAccess botnet earning $100,000 a day from it.
Botnets are also commonly used in powerful DDoS attacks. In February 2000, a hacker known as MafiaBoy used a botnet created by commandeering computers in forty-eight universities to crash major websites such as Fifa.com, Amazon.com, and Yahoo!. His actions prompted a nationwide manhunt, and he was eventually caught and sentenced to juvenile detention. Similarly, the VDoS crew, a group of Israeli teenagers, launched DDoS attacks for money and developed the concept of DDoS as a service. They offered subscription-based plans for using their botnet to launch attacks, ranging from daily quotas to unlimited attacks.
The rise of DDoS as a service has democratized DDoS attacks. Anyone, regardless of technical knowledge, can now subscribe to a booter service and launch attacks on websites by simply typing in the domain name. This accessibility has made DDoS protection a necessity for individuals and businesses on the internet. Even booter services themselves require DDoS protection, as evidenced by VDoS hiring a major DDoS mitigation company, Cloudflare.
DDoS as a service is part of a larger trend known as “malware as a service,” which allows individuals to pay for the use of malware without requiring technical expertise. This trend has made inexperienced users more vulnerable to scams, as fraudsters advertise booter services on public discussion boards and accept payment without launching the promised attacks. These boards are accessible on the Clear Web, not on the Dark Web; reaching the Dark Web requires the use of special networks like Tor.
In conclusion, DDoS attacks continue to pose a significant challenge to internet users, and the rise of DDoS as a service has made it even easier for individuals to carry out these attacks. Understanding the history and mechanics of these attacks is crucial for developing effective protection measures and combating cybercrime on the internet.