Brian Krebs delves into the world of "booter" services, low-level, amateurish denial-of-service websites where you can use PayPal to have your video-game enemies' computers knocked off the Internet by floods of traffic. Many booter services run off the same buggy codebase, and Krebs was apparently able to get inside the administrative interfaces for them and get some insight into their business.
One such is "Asylum," which appears to be run by Chandler Downs, a 17-year-old Chicago-area honor-roll student who reportedly made $35,000 in PayPal payments in exchange for denial-of-service attacks. Asylum even has an ad (narrated by an actor hired through the casual labor exchange site Fiverr) where, for $18/month, you can launch unlimited DoSes against "skids on Xbox live."
Young Mr Downs claimed that his service was not used to attack people, but only for legitimate stress-testing, then he changed his story and said he was only managing the service for someone else, and "You are able to block any of the 'attacks' as you say with rather basic networking knowledge. If you're unable to do such a thing you probably shouldn't be running a website in the first place."
Read the rest
Nixon noted that all of the packets incoming from the traffic she ordered to her test machines appeared to have been sent from spoofed IP addresses. However, when she used the “Down or Not?” host checker function on Asylum, the site responded from what appears to be the real Internet address of one of the servers that are used to launch the attacks: 22.214.171.124.