An Ad for DDoS Services - Network, Phone, Competition

Published: 2008-11-19
Last Updated: 2008-11-20 03:57:24 UTC
by Lenny Zeltser (Version: 1)
1 comment(s)

The oldfashioned way to launch a network DDoS attack involved building one's own bot network that would flood the victim with unwanted traffic. However, the illicit marketplace for such services has matured, allowing a person to purchase DDoS services on demand, effectively renting a botnet for the event.

Here's one ad for such services. It's in Russian; the translation follows.


The ad scrolls through several messages, including:

"Will eliminate competition: high-quality, reliable, anonymous."
"Flooding of stationary and mobile phones."
"Pleasant prices: 24-hours start at $80. Regular clients receive significant discounts."
"Complete paralysis of your competitor/foe."

Perhaps the most interesting aspect of the advertised service is the offer to flood the victim's phones. We often think of network-based DDoS attacks, but phone-based DDoS could be as devastating. If the service can, indeed, target stationary (landline) phones, then we're not just talking about SMS-based floods. These would probably be actual phone calls, probably initiated using VoIP, maybe via stolen Skype accounts with dial-out credits. Anyone knows more about such phone attacks?

-- Lenny

Lenny Zeltser
Security Consulting - SAVVIS, Inc.

Lenny teaches a SANS course on analyzing malware.

1 comment(s)


At old $orkplace we had a Nortel team that regularly dealt with compromised PBX'. Usually discovered when they phonebill arrived and was in the order of $30000.

Not sure of the exact metrics of the calls, but they were usually to Russia, Brazil or China.

Part of DDoS or just regular calls stolen through the PBX? I don't know.

Diary Archives