The hackers they claim to rent a massive Mirai botnet with more than 400.000 infected bots, ready to carry out DDoS attacks.
For readers who are unfamiliar with the Mirai, we inform you that it is one of a kind maliciousυ λογισμικού που στοχεύει σε συνδεμένες συσκευές με το Διαδίκτυο (IoT – Internet of Things) and has been used about two months ago in one of the biggest DDoS attacks which are known to date.
Its victims include the French Internet Service Provider OVH (1.1 Tbps), the company Dyn which manages DNS service benefits (unknown size) up to the personal blog of journalist-researcher Brian Krebs (620 Gbps), who at that time had uncovered an Israeli DDoS lease service called VDOs.
In some advertising spam messages sent via XMPP / Jabber yesterday, the two hackers are advertising their own DDoS-for-hire service built on the Mirai malware. They claim to be in control of a Mirai botnet consisting of 400.000 devices.
The two hackers behind this botnet are called BestBuy and Popopret, and they are the same two hackers who were behind the GovRAT malware used to infringement and the theft of data from countless US companies. It is also the core of a group of hackers who were active in the famous Hell hacking forum, which is considered the main meeting place for many elite hacks. More details about their previous efforts are available at InfoArmor report which was issued this autumn.
According to the botnet ad and what Popopret hacker has leaked into his conversations, customers can rent a desired amount of Mirai bots, but for a minimum of two weeks.
The price is determined by the amount of bots (more bots more money), the duration of the attack (more money), and the rest time (more time = discount).
Customers do not get a discount if they buy bigger bots, but they are discounted if they use long periods of rest.
As for the amount of the rental price, the hacker Popopret gave an order of magnitude for what it ranges: "the price for 50.000 bots with an attack duration of 3600 seconds (1 hour) and 5-10 minutes rest time is about 3-4k per 2 weeks”. Apparently he means $3-4.000 and as you can see, it's not a cheap service.
Once the botnet owners have reached an agreement with the buyer, the customer gets a onion backend of the botnet, where he can connect via Telnet and start his attacks.