A hacked DDoS-on-demand site offers a look into mind of “booter” users

A leaked database from a hacked denial-of-service site has provided some insight on what sorts of targets individuals will pay to knock offline for a few dollars or bitcoin. And it's safe to say that a significant percentage of them are not the brightest stars in the sky. To get an idea of who would use such a service and for what purposes, Ars analyzed the data from a recently-hacked DDoS for hire site: LizardSquad's LizardStresser.

"Booter" or "stresser" sites offer users the ability to pay for distributed denial of service attacks against a target, and these sites promise to try to disguise the nature of the attack with the fig leaf of being legitimate load testing sites. That wasn't so much the case with LizardStresser, the botnet-for-hire set up by the distributed denial of service crew known as LizardSquad. The group used its Christmas week DDoS attacks on Microsoft's Xbox Live network and Sony's Playstation Network as a form of advertising for the new service.

Since then, attacks on gamers have made up a significant percentage of the LizardStresser's workload. While more than half of the attacks launched by customers of the service have been against Web servers, a significant portion have targeted individuals or small community gaming servers—including Minecraft servers.

Read 12 remaining paragraphs | Comments