A TURKISH HACKING GANG is taking an unusual approach to funding denial of service attacks, and is soliciting for, and offering hackers rewards for taking down chosen pages.
This is unusual, as far as we know, and it has led to the creation of comment from the security industry. Often these things do.
The BBC reports that the hacking gang scores attacks on a system and then gives attackers access to other hacking tools. It sounds like a great working system, but of course it isn't really because this is all about taking down websites.
Security firm Forcepoint is the better source on this (PDF), and it says that the service is offered on Tor and uses something called Sledgehammer to lay a smackdown on pages. Other security firms have been quick to embrace what Forcepoint has found and point fingers.
"Since Sledgehammer is a tool created by a group of Turkish descent, it's expected that the targets of their wares are would be those they oppose," said Travis Smith, Senior Security Research Engineer at Tripwire.
"Even though the gamification of the DDoS tool allows individuals from around the world to participate in the attack, the targets are controlled by a centralized command and control server."
Others are less impressed, but still interested. "This is not a game changer but a natural evolution of hackers learning and improving on how to monetize their assets and use them for ad hoc purposes, in this case DDoSing a select group of targets," said Marc Gaffan, general manager for the Incapsula service at Imperva.
"The novel part of this is the platform that has been developed to solicit and monitor those that participate in the DDoS activities to ensure they are doing what the masterminds want them to do and in the way they want them to execute the attacks (down to the precise technology they want them to use). The platform itself, if redistributed, could become the new standard for crowdsourcing DDoS attackers." µ
Someone could be in for a NASty surpise
An assault course on the senses
Boasting Bionic boosting