DDoS-For-Hire: A Full Blown Market


DDoS-for-hire has been around for a while.  Until recently, “booters” were known as paid online services used by gamers to initiate DDoS attacks against their opponents to gain a competitive advantage.

Now, DDoS attacks can be launched by anybody with a credit card and a motive. No longer exclusive to gamers and hackers, a competitive DDoS-for-hire market has expanded nearly to the point of commoditization.


  • Prices Are Decreasing – In the past, attacks cost hundreds of dollars. They are now offered in several models from weekly subscriptions to others that are only a few dollars per week.
  • Quality of Service Increasing – Interfaces to the services, usability and visibility are looking professional and entail significant investment. Service offerings also include support and ticketing systems.
  • Attack Sophistication Increasing – Both in terms of firepower and in terms of persistency of infections.

The DDoS-for-hire products are maturing into platforms that offer sophisticated financial fraud and spam capabilities, while providing customers with a cheap, high-quality service. Whether it’s financial gain, espionage, cyber war or hacktivism, attackers are finding reasons to uncover and exploit security vulnerabilities in servers and applications daily. The abundance of publicly exposed servers and routers with weak password and protection policies enables malware herders to quickly and inexpensively assemble a robot army.

Organizations should now, more than ever, deploy protection and mitigation technologies…and watch out whose wrath their activities awaken. Anybody who’s angry enough can easily rent themselves a vicious botnet for the low price of a coffee and sandwich.

A Case Study on Malware

A little more than a month ago, the Radware Emergency Response Team (ERT) noticed a significant increased usage of the Tsunami SYN Flood attack against a large customer. This was a strong indication of a service related robot.

Radware security researchers managed to obtain a sample of the malware binary used to generate these DDoS attacks. We then deployed the malware in an isolated and controlled environment to study its behavior and its different attack vectors.

During a period of 10 days (June 14-23, 2015), we monitored more than 2000 attacks against more than 60 different targets in 7 different countries.

Visit here to read the full case study and an analysis on the malware and incident.


  1. […] That said, creating a botnet can take a long time. Fortunately for cyber criminals, several underground ‘DDoS-for-hire’ services have popped up in recent years, making it possible to rent existing botnet infrastructures or even pay someone to launch an end-to-end attack on a target of their choosing. The cost? Only a few dollars per week – meaning anybody with a credit card and a motive can quickly and easily launch an attack. […]

  2. […] Cela dit, la création d’un réseau de zombies peut prendre beaucoup de temps.  Heureusement pour les cybercriminels, plusieurs services d’attaque par déni de service distribué clandestins ont fait leur apparition ces dernières années, de sorte qu’il leur est possible de louer des infrastructures de réseaux de zombies ou même de payer quelqu’un pour attaquer la cible de leur choix. Le coût? Seulement quelques dollars par semaine, ce qui signifie que toute personne ayant une carte de crédit et un motif quelconque peut rapidement et aisément lancer une attaque. […]


Please enter your comment!
Please enter your name here