Many years ago, EFF co-founder John Gilmore and I were discussing the prevalence of botnets, which are commonly used to launch distributed denial of service (DDoS) attacks that overwhelm websites with floods of traffic; John said that if the botnets were really on the rise at the reported rate, we should expect to see a massive crash in the price of DDoS services, following simple supply/demand logic.
I thought the point was so good that I made cheap access to DDoS a plot point in my 2008 novel Little Brother.
Now, researchers from Incapsula have delved into the world of cut-rate DDoS providers, who market their services for $5 a pop on the website Fiverr. The DDoSers figleaf their offerings by calling them "stress testers" that website owners can use to determine whether their sites are configured to handle lots of traffic, but as the Incapsula team found, most will cheerfully attack sites other than your own (though one vendor said he wouldn't attack "government state websites, hospitals").
This just goes to show that even DDoSers have some moral compass, as well as a healthy fear of the government.
With the true capabilities of at least one of the “stress testers” confirmed, we reached out to Fiverr to let them know about the misuse of their service. They were very quick to respond with a promise to have their Trust & Safety team investigate further.
Two days later we saw the results of their efforts. Three of the stresser providers were removed, including our pal Scullzy.
Unmasking DDoS for Hire on Fiverr
[Igal Zeifman and Dan Breslaw/Imperva Incapsula]
The Right to Repair movement has introduced dozens of state-level laws that would force companies to support independent repairs by making manuals, parts and diagnostic codes available, and by ending the illegal practice of voiding warranties for customers who use independent repair services, but these bills keep getting killed by overwhelming shows of lobbying force […]
Equifax doxed virtually every adult in America as well as millions of people in other countries like the UK and Canada. The breach was caused by an acquisition spree in which the company bought smaller competitors faster than it could absorb them, followed by negligence in both monitoring and responses to early warnings. Execs who […]
The next version of Chrome will patch a bug that lets websites detect users who are in incognito mode by by probing the Filesystem API; they've also pledged to seek out and block any other vulnerabilities that will let servers detect users in incognito mode.
If you suffer from sleep disorders, there are a number of methods out there to mitigate them: Ambient noisemakers, relaxation tapes, sleep masks, you name it. One thing that doesn’t get tried is headphones, for good reason. Even the smallest earbuds are liable to wake you up if you roll over the wrong way. Now […]
Looking to upgrade that old laptop or tablet? Holiday sales may be way on the horizon, but there’s an even better way to get like-new tech for a steal. Here are 10 of our favorite deals on personal computers and gaming gear – refurbished, renewed or brand new. Acer Touchscreen 11′ Chromebook 16GB (Certified Refurbished) […]
Vape technology has been around long enough that vapers are starting to get picky about their gear. Luckily, so are we. From disposable models to cutting-edge touchscreen atomizers, there’s a vaporizer in this roundup to suit every taste. Hera 2 – World’s Most Advanced Dual-Use Vaporizer Choose between dry herb or oil extraction modes – […]