vDOS — a “booter” service that has earned in excess of $600,000 over the past two years helping customers coordinate more than 150,000 so-called distributed denial-of-service (DDoS) attacks designed to knock Web sites offline — has been massively hacked, spilling secrets about tens of thousands of paying customers and their targets. Ofer Gayer, Product Manager for DDoS at Imperva commented below.
Ofer Gayer, Product Manager for DDoS at Imperva:
“The scale of vDOS is certainly stunning but not its novelty or sophistication. This story is another example of a trend we have highlighted before: DDoS attacks can be accomplished with rudimentary tools by unsophisticated attackers. The fact that vDOS was able to run unchecked for so long is unfortunate. Hopefully the story from KrebsOnSecurity.com will mark the beginning of its end.”
As additional background:
Imperva last month released its 2015-2016 DDoS Threat Landscape Report, covering the period from April 1, 2015, through March 31, 2016, during which time Imperva mitigated an average of445 attacks targeting its customers per week.
Here are some of the key trends uncovered in this year’s findings:
- DDoS attacks increased by 211 percent year over year. This uptrend is fueled by DDoS-for-hire services.
- South Korea dethrones China as the main hub for DDoS botnet activity.
- Half of all targeted businesses were attacked more than once.
The research, charts and graphs are posted on the blog: https://www.incapsula.com/blog/2015-16-ddos-threat-landscape-report.html”