TDoS-as-a-service ads pop up on publicly accessible forums
In the past, aspiring cybercriminals with no coding knowledge had to find a way into invite-only underground forums or had to spend hours in chat rooms to gain the trust of potential “colleagues” in order to acquire the tools they needed to have to start their life of cybercrime.
But, times have changed, says Webroot’s Dancho Danchev, and providers of malicious tools and services have obviously been forced to start offering their wares on publicly accessible forums in order to attract new customers.
The offers are various, and among them can also be found providers of so-called Telecommunications Denial of Service (TDoS) attacks.
These type of attacks are often mounted when cyber crooks syphon money out bank accounts via fraudulent transactions. If noticed by the bank or the client, they can be easily blocked or reversed before the money mules manage to extract the stolen money.
To prevent the customer contacting the bank by phone and vice versa, the criminals either mount the TDoS attacks themselves or retain the services of those who specialize in it.
But, there are also other potential buyers of such services – ones that these out-in-the-open ads target specifically, I suspect – otherwise legitimate companies that want to disrupt their rivals’ ability to do business by blocking their land and mobile lines.
And if the prices cited by the service discovered by Danchev are anything to go by, TDoSsing someone does not require that much money:
From 1 hour to 1 day – 3 USD per hour 1 number
From 1 day to 1 week – 40 USD per night 1 number
From 1 week to 2 weeks – 30 USD per night 1 number
From 2 weeks to 1 month – 25 USD per night 1 number
1 month – the price is negotiated individually
The service’s customers are offered a “test flood” for free to see how efficient it is, and can even pay in installments. The calls are made from a variety of numbers that don’t start with the same digits, so that the target can’t simply blacklist a specific range of numbers. Those that get blacklisted get replaced by new ones (“Phone of the victim will still be busy,” they claim).