Hackers claim to rent a huge Mirai botnet with more than 400.000 infected bots, ready to carry out DDoS attacks.
For readers who are unfamiliar with the Mirai, we inform you that it is one of a kind maliciousy software that targets devices connected to the Internet (IoT – Internet of Things) and has been used about two months ago in one of the biggest DDoS attacks which are known to date.
Its victims include the French Internet Service Provider OVH (1.1 Tbps), the company Dyn which manages DNS service benefits (unknown size) up to the personal blog of journalist-researcher Brian Krebs (620 Gbps), who at that time had uncovered an Israeli DDoS lease service called VDOs.
In some spam spam messages sent via XMPP / Jabber yesterday, the two hackers advertise their own DDoS rental service, built on Mirai malware. They claim they have control over a Mirai botnet consisting of 400.000 devices.
The two hackers behind this botnet are called BestBuy and Popopret, and they are the same two hackers who were behind the GovRAT malware that was used to hack and steal data from countless Companies of the USA. It is also the core of a group of hackers who were active in the famous Hell hacking forum, which is considered the main meeting place for many elite hacks. More details about their previous efforts are available at InfoArmor report which was issued this autumn.
According to advertising του botnet και τι ο hacker Popopret has leaked in his conversations, customers can rent a desired amount of Mirai bots, but for a minimum period of two weeks.
The price is determined by the amount of bots (more bots more money), the duration of the attack (more money), and the cooldown (more time = discount).
Customers do not get a discount if they buy bigger bots, but they are discounted if they use long periods of rest.
As for the amount of the rental price, the hacker Popopret gave an order of magnitude for what it ranges: weeks". It obviously means $ 50.000-3600 and as you can see, it is not a cheap service.
Once the botnet owners have reached an agreement with the buyer, the customer gets a onion backend of the botnet, where he can connect via Telnet and start his attacks.
