Meetup.com has gone public with one of the most paltry ransom demands The Register has seen – but rather than pay up to end a distributed denial-of-service (DDoS) attack, the klatch organizer instead put up with its site being repeatedly hosed offline, we're told. The website said its woes began on Thursday when it received a …
Why do I get the feeling that somewhere there is a high school computer lab which isn't sufficiently monitored?
It's easy enough
to rent a botnet. And not exactly difficult to build one.
A high school computer lab is not required... An open wifi connection and a device with a spoofed MAC address is enough to avoid being traced and to send a target IP address to a C&C server. It only takes a few seconds to run a prepared script, it could be done whilst driving past without stopping.
No I didn't down vote you.
Re: It's easy enough
"An open wifi connection and a device with a spoofed MAC address is enough to avoid being traced and to send a target IP address to a C&C server."
True enough, but if every ISP actually configured their network properly, such an attack would be more difficult to pull off with spoofing. A spoofed MAC address is one thing, but one has to have an IP. Many spoofers still spoof an IP that is not part of the ISP network, hence should not have routing accepted.
Re: It's easy enough
You're usually behind a NAT gateway when connected to a wifi connection, so all you need is for the local router to accept your MAC address, which it has no reason not to.
The ISP network only talks to the local router, which has a correct IP and MAC address.
Re: It's easy enough
> not exactly difficult to build one
It's trivial to DDoS. You download the software, insert the IP or URL to hammer, and go. I said high school because like universities they often have gigabit networks, and unlike university students the culprit might feel that $300 was a lot of money. Plus the target was Meetup.
> An open wifi connection and a device with a spoofed MAC address is enough to avoid being traced and to send a target IP address to a C&C server
You are seriously overestimating the amount of effort (or planning) needed to DDoS a third-tier site like Meetup.
>I didn't down vote you
I don't mind downvotes. Until The Reg implements a "user X has replied to your post Y" function it's the best way to tell that a post may have garnered replies.
'Give me your wallet'
It's just coward-grade mugging. There's not even the skill, art or finesse of a good security breach, it's just thuggery.
To think, the internet used to be such a nice place before the public and ad men were allowed in.
Re: 'Give me your wallet'
"To think, the internet used to be such a nice place before the public and ad men were allowed in."
It's funny, I actually found a Viagra ad in my spam folder. I chuckled over it after I deleted the rubbish.
We used to build stories out of SPAM captured by our mail filters. Such as enjoying our all expense paid vacation in the Virgin Islands, enjoying the fruits of our Nigerian investments and enjoying our discounted Viagra, with assorted additions to make the story flow better, but all from that crap inundating our filters.
One finds stress relief somehow, as we can't shoot the bastards out of a cannon and into a midden heap.
Involve the cops pronto
Get the police involved, then agree to pay the money. Sort out some means of paying that is trivially traceable, and set Plod off to sniff down the blackmailers; pretty soon, exit criminal numpties stage left.
An alternative would have been ....
..... 'I will give you $500 for documented proof of who hired you' then hand over to the police if he agrees hopefully getting DDOS'r and his client in one.