Why do I get the feeling that somewhere there is a high school computer lab which isn't sufficiently monitored?
Miscreant menaces Meetup, minuscule money mania mashed
Meetup.com has gone public with one of the most paltry ransom demands The Register has seen – but rather than pay up to end a distributed denial-of-service (DDoS) attack, the klatch organizer instead put up with its site being repeatedly hosed offline, we're told. The website said its woes began on Thursday when it received a …
-
-
Monday 3rd March 2014 23:29 GMT adnim
It's easy enough
to rent a botnet. And not exactly difficult to build one.
A high school computer lab is not required... An open wifi connection and a device with a spoofed MAC address is enough to avoid being traced and to send a target IP address to a C&C server. It only takes a few seconds to run a prepared script, it could be done whilst driving past without stopping.
No I didn't down vote you.
-
Tuesday 4th March 2014 06:38 GMT Wzrd1
Re: It's easy enough
"An open wifi connection and a device with a spoofed MAC address is enough to avoid being traced and to send a target IP address to a C&C server."
True enough, but if every ISP actually configured their network properly, such an attack would be more difficult to pull off with spoofing. A spoofed MAC address is one thing, but one has to have an IP. Many spoofers still spoof an IP that is not part of the ISP network, hence should not have routing accepted.
-
Tuesday 4th March 2014 10:37 GMT Vociferous
Re: It's easy enough
> not exactly difficult to build one
It's trivial to DDoS. You download the software, insert the IP or URL to hammer, and go. I said high school because like universities they often have gigabit networks, and unlike unversity students the culprit might feel that $300 was a lot of money. Plus the target was Meetup.
> An open wifi connection and a device with a spoofed MAC address is enough to avoid being traced and to send a target IP address to a C&C server
You are seriously overestimating the amount of effort (or planning) needed to DDoS a third-tier site like Meetup.
>I didn't down vote you
I don't mind downvotes. Until The Reg implements a "user X has replied to your post Y" function it's the best way to tell that a post may have garnered replies.
-
-
-
-
Tuesday 4th March 2014 06:41 GMT Wzrd1
Re: 'Give me your wallet'
"To think, the internet used to be such a nice place before the public and ad men were allowed in."
It's funny, I actually found a Viagra ad in my spam folder. I chuckled over it after I deleted the rubbish.
We used to build stories out of SPAM captured by our mail filters. Such as enjoying our all expense paid vacation in the Virgin Islands, enjoying the fruits of our Nigerian investments and enjoying our discounted Viagra, with assorted additions to make the story flow better, but all from that crap inundating our filters.
One finds stress relief somehow, as we can't shoot the bastards out of a cannon and into a midden heap.
-