Slashdot Mirror
Israeli DDoS Provider 'vDOS' Earned $600,000 In Two Years (krebsonsecurity.com)
pdclarry writes: Brian Krebs writes that he has obtained the hacked database of an Israeli company that is responsible for most of the large-scale DDoS attacks over the past (at least) 4 years. The vDOS database, obtained by KrebsOnSecurity.com at the end of July 2016, points to two young men in Israel as the principle owners and masterminds of the attack service, with support services coming from several young hackers in the United States. Records before 2012 were not in the dump, but Krebs believes that the service has actually been operating for decades. The report starts by saying, "vDos -- a so-called 'booter' service has earned in excess of $600,000 over the past two years helping customers coordinate more than 150,000 so-called distributed denial-of-service (DDoS) attacks designed to knock websites offline -- has been massively hacked, spilling secrets about tens of thousands of paying customers and their targets." In regard to how long the service has been operating, Krebs believes the service has been operating for decades "because the data leaked in the hack of vDOS suggests that the proprietors erased all digital records of attacks that customers launched between Sept. 2012 (when the service first came online) and the end of March 2016."
Cool your jets there, skinhead. This is two out of 8 million people.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
The article does not claim to prove the offending service has been in operation for decades. Instead it, says this:
Although I can’t prove it yet, it seems likely that vDOS is responsible for several decades worth of DDoS years. That’s because the data leaked in the hack of vDOS suggest that the proprietors erased all digital records of attacks that customers launched between Sept. 2012 (when the service first came online) and the end of March 2016.
Krebs is using "DDoS year" metric to describe the scale of traffic involved. -PCP
the proprietors of vDOS are indeed living in Israel and in fact set the service up so that it was unable to attack any Web sites in that country
#Hitler2016
Not to mention Israel's a multicultural society that includes Christians, Muslims, and lots of other folks.
Yes...they do. The ones everyone really dislikes. Atheists.
Yeah. If I believed that Cinderella actually happened, I'd really hate people who didn't agree with me.
I do not want your cheap brainburning drugs. They are useless for work. And I am a working man today.
The summary isn't great, it seems to contradict itself a couple of times. If the site "erased all digital records of attacks that customers launched between Sept. 2012 ... and the end of March 2016", then how do you have data for "the past two years"? I skimmed the whole article and didn't find an answer to that one, my best guess is that they meant the attack data itself was erased, but the service requests, chat logs, etc that Krebs references were not erased.
Regarding the "operating for decades" vs "Sept. 2012 (when the service first came online)", it's because Krebs is writing about the aggregate amount of time wasted by the DDoS. He calls it "DDoS seconds" which he then rolls up to years. He is not suggesting the service has been operating for decades, but rather that in the past 5 years the service has caused the equivalent of decades worth of service disruption. (So if 30 hosts are disrupted for 2 hour, that's 60 hours of downtime total, or "DDoS 2.5 days", even though the DDoS attacks only lasted 2 hours and ran in parallel.)
The most interesting part of the article is that subscribing to the DDoS service was only $30/month. That sounds cheaper than paying for DDoS protection/mitigation services, and makes me wonder if vDOS will change their service into a protection racket (pay us to be on our "protected" list so other members can't DDoS you.)
A recursive sig
Can impart wisdom and truth
Call proc signature()
2 shekels have been deposited into your account
Poof! Welcome to slashdot my friend.
I think the "operating for decades" refers to the people and their DDoS activities and "sept. 2012" refers to the specific website they use to offer those activities.
Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
Sorry, my bad, you were right and the summary is truely that bad.
Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
Good work, you know how to right it wrong.
And I didn't know 5 years were enough to count as "decades".
ID: the nose did not occur naturally, how would we wear glasses otherwise? (apologies to Voltaire)
“The DDoS-for-hire service is hidden behind DDoS protection firm Cloudflare”
Nuff said.
This is not pedantry.
HBI's Law: Frequency of calling others Nazis is directly correlated with the likelihood of the accuser being Communist.
Now that these guys are exposed as living in a country supposedly with laws, what will happen to them.
They didn't steal or break any major infrastructure, but they did cause quite a bit of mayhem.
Perhaps a bit of computer timeout to provide time to think and retrain for something productive.
#'s 3, 10 and 17 from that list along with the closing explain why that's instantly downmodded from jews own laws.
Some have hoped these guys will now get prosecuted in Israel. Doubtful. More likely, they will be joining a shadowy IDF unit, probably with a bump-up in pay (they didn't target their fellow chosen citizens, so no problem).
The summary is wrong. The author didn't say the service has been operating for decades. It said its likely to have been responsible for several decades' worth of attacks, which this service measured in seconds. Since the service allows many concurrent attacks, Krebs said that in four months time the site was responsible for 8 years ("DDoS years) worth of attacks.
...because you never know who you're dealing with.
Two notes: #1 - Plenty of Arabs live in Israel. #2 - I wouldn't refer to certain US citizens as "the Puritan Christians" either, because even when it's not entirely wrong, it may be kind of misleading.
I know the article refers to the cumulative attack time, but the summary is weird. I was thinking: "What was there to DDoS decades ago, and how did you do it back then?".
Including people who investigate and prosecute crimes of this kind.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
It's always helpful and constructive to look back thousands of years to find the reasons why your shitty racism is justified.
So, let's see how to distinguish between legitimate criticism and anti-semitism.
If someone says "Since they are in Israel, they won't get punished" (as some here did), that's criticism of Israel. It is incorrect criticism, devoid of any substantiation and relation to the truth, but it is a legitimate criticism. We can conduct a facts based discussion to sort out whether it is true or not.
If someone reflects from those two people to their entire nationality, not to mention entire religious group, with no bearing to any half reasonable reason to do so, that's racism.
You, dear frovingslosh, have made a racist comment as a first post, and got +4 insightful on it. Well done, Slashdot. Well done.
Shachar
you are just a sad little social justice warrior
You have no idea who I am, you sad little meth head.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
Any time I see dDos or vDos I think of things like Dr. Dos and look for screen shots.
*mows lawn with sharpened 8" and 5.25" floppy disks that are single sided*
And here's the truth.
Quick exert:
Shachar
I bet you lick Anders Breivik's photo every night before you tuck it into your panties.
From my own observations, the majority of Israelis are atheist.
Your use of 'misquote' proves this link's words do in fact exist in jew's talmud https://developers.slashdot.org/comments.pl?sid=9630813&cid=52853705/ . Talk giving it away! Want to be angry or call someone racist? Read that ok? Says it all.
Posting anonymously because my company is currently the target of such an attack and I don't our adversary information. The cost to defend against someone using their paid ($30/month) service would be around $6000/month from Akamai. If we were a website-only service, the cost would be much lower ($200/month) from Cloudflare.
He hid that in a hurry by minus moderation didn't he? Guess he doesn't like truth exposed. His "misquote" gave away what's in that link of massive racism and truth of it https://developers.slashdot.org/comments.pl?sid=9630813&cid=52853705/ and when you out smart the jew, not hard to do with truth and fact, they hide that truth and use subterfuge wording with oath breaking that link shows along with it to do it. Their history nation to nation, not all nazis, do the rest.
There are no non-jewish hackers. All Jews. Really.
For a company! The average /.er must be over half of that, >$150K/annum.
well if jews didn't do it then there would be no hate perpetuating hate takes exactly what ...anyone doing them wrong to people they might know, you just lent all the people that want to hate a tool to do so...perhaps jews and israel should make a serious example of them then the rest of the fucking world might think you are not above laws.
Until then go fuck yourself , you self righteous self serving cunt.
Fans of your renowned Hosts File Engine are in shock following this revelation of rabid anti-Semitism. They're speechless, I tell you!
Il n'y a pas de Planet B.
Huh, $300K/year for a high-profile startup? That's not very much.
Jews did. I just read it. Can you prove I posted it? No. In the end I pity jews actually! They do bring it on themselves. Anyone can read that link and decide for themselves.
See, as far as racism, which that link is clearly loaded with and yes, those are quotes from the jewish talmud?
Hey - I've heard "stupid polock" directed my way a few times in my life but I knew better (if not for us poles you'd all be saying "Allah Ackbar" or have your heads cut off etc.) - Poles & Greeks saved you from that.
APK
P.S.=> Zontar, do I have to post all the times you've trolled me too like threatening me "WATCH YOUR MAIL" -> https://slashdot.org/comments.pl?sid=4980459&cid=46704073/ sending me a POSTCARD as you did, which I STILL HAVE mind you, like the loon you are? apk
So we have the names, we know what they did and where they live. There is a money trail, so when are they extradited to the US?
Don't fight for your country, if your country does not fight for you.
Is that APK being a big old racist, then? Well we live and learn.
Yes, I know this guy called Jesus who went into a building and shut down all the ATMs. If that isn't a denial of service, I don't know what is!
Whoever coined the "vDOS" name missed out on a great opportunity. It should have been DDoSaaS.
Still upset that your side LOST WW2?
Get thee to HELL. Socialist SHlTler needs new company.
Whatever. I see a lot worse here https://developers.slashdot.org/comments.pl?sid=9630813&cid=52853705/ & I'm not the author of that - afaik & have read, the jews are.
* Honestly? They create their own issues from what I see. Convince me otherwise (Or are the French, Poles, Egyptians, Spanish along w/ the Germans all 'wrong' here? THAT is the TRUE question - they didn't want them around anymore!)
APK
P.S.=> What I find quite unbelievable is that the USA is no longer that (not once I saw "FREE SPEECH ZONES") - Yet those writing stuff like what's in that link TRY to say "Anti-Semitism"? Please... apk
CloudFlare is hosting many of these DDoS services to start with, including the one in this article. Check out this recent list of DDoS/"Stresser"/"Booter" websites proudly hosted by CloudFlare:
alphastress.com, anonymous-stresser.net, aurastresser.com, beststresser.com, boot4free.com, booter.eu, booter.org, booter.xyz, bullstresser.com, buybooters.com, cnstresser.com, connectionstresser.com, crazyamp.me, critical-boot.com, cstress.net, cyberstresser.org, darkstresser.info, darkstresser.net, databooter.com, ddos-fighter.com, ddos-him.com, ddos.city, ddosbreak.com, ddosclub.com, ddostheworld.com, defcon.pro, destressbooter.com, destressnetworks.com, diamond-stresser.net, diebooter.com, diebooter.net, down-stresser.com, downthem.org, exitus.to, exostress.in, free-boot.xyz, freebooter4.me, freestresser.xyz, grimbooter.com, heavystresser.com, hornystress.me, iddos.net, inboot.me, instabooter.com, ipstresser.co, ipstresser.com, jitterstresser.com, k-stress.pw, layer-4.com, layer7.pw, legionboot.com, logicstresser.net, mercilesstresser.com, mystresser.com, netbreak.ec, netspoof.net, networkstresser.com, neverddos.com, nismitstresser.net, onestress.com, onestresser.net, parabooter.com, phoenixstresser.com, pineapple-stresser.com, powerstresser.com, privateroot.fr, purestress.net, quantumbooter.net, quezstresser.com, ragebooter.net, rawlayer.com, reafstresser.ga, restricted-stresser.info, routerslap.com, sharkstresser.com, signalstresser.com, silence-stresser.com, skidbooter.info, spboot.net, stormstresser.net, str3ssed.me, stressboss.net, stresser.club, stresser.in, stresser.network, stresser.ru, stresserit.com, synstress.net, titaniumbooter.net, titaniumstresser.net, topstressers.com, ts3booter.net, unseenbooter.com, vbooter.org, vdos-s.com, webbooter.com, webstresser.co, wifistruggles.com, xboot.net, xr8edstresser.com, xtreme.cc, youboot.net
If CloudFlare would stop providing bulletproof hosting for criminals and spammers, the internet would be a better place. But CloudFlare apparently loves its criminal customers. DDoS purveyors, terrorist websites, malware distributors, CloudFlare seems to welcome them all to its hive of scum and villainy. Maybe it's time to revive the concept of the Usenet Death Penalty and apply it to all traffic to and from CloudFlare. They're the sewer of the internet and should be null routed and de-peered.
See also: CloudFlare Watch
#SHITler2016
I have to laugh @ you with your "WATCH YOUR MAIL" -> https://slashdot.org/comments.pl?sid=4980459&cid=46704073/ sending me a POSTCARD as you did, which I STILL HAVE mind you, like the loon you are? LMAO!
* You're a whacko...
APK
P.S.=> NO questions asked... apk
It's scary how much damage to a business one could do with just peanuts worth of money ...
Essentially one could ruin a small business quite efficiently with a cheap DDoS if the business was reliant on their site and could not protect themselves ... :O
So, a Nazi objects to my sig. Sure, that's going to make me stop! Thank you, Adolf!
Go fuck your mother one more time. You obviously need at the friends you can get.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."