Biggest DDoS service hacked, data on users leaks

Two young Israeli hackers, with help from a few more from the US, probably made more than a million selling the service.

vDOS, arguably the biggest DDoS for rent service in the world, has been hacked, and the information about who used the service and against whom, leaked. The news broke out on Krebs On Security blog recently. Interesting details about the service were uncovered. 

For example, it was run by two hackers from Israel, with help from 'several’ young hackers from the United States.  Then, it was found that it had earned their owners $600,000 in two years, with the possibility of going over a million. Also, the entire database from September 2012, until March 2016, appears to have been erased. The servers used to launch these attacks were located in Bulgaria, and the service itself was cloaked by Cloudfare.  

A total of 277 million seconds of DDoS attack time was logged – some 8.81 years worth of attack traffic. If these figures sound surreal to you, it's because they are.  " That’s nearly nine of what I call “DDoS years” crammed into just four months,” it says in the KrebsOnSecurity blog.  This kind of compression was made possible because vDOS handles hundreds (If not thousands, as the blog says) of concurrent attacks on any given day. 

The owners are two young Israeli hackers going by the names P1st a.k.a. P1st0, and AppleJ4ck. They sell monthly subscriptions ranging from $20 to $200.   

“The extent to which the proprietors of vDOS went to launder profits from the service and to obfuscate their activities clearly indicate they knew that the majority of their users were using the service to knock others offline,” is one of the blog’s conclusions.   

Image Credit: Profit_Image / Shutterstock