DDoS for hire dstat.cc got seized

madtown769

https://web.archive.org/web/20240119015143/https://dstat.cc/

Using AWS Cloudfront? Really?

https://thehackernews.com/2024/11/german-police-disrupt-ddos-for-hire.html
https://fastnetmon.com/2024/11/05/german-police-shuts-down-ddos-service/

JabJab

18 visits
one post
DDoS for hire

GTFO

Levi

Opsec is not the strongest for most of cybercriminals. Usually trace back to the childhood when cracking activity started leads perpetrators to jail. Breadcrumbs. Follow the money. Dns history. Emails. Cockiness.

HostSlick

Old news

hostnoob

Are DDoS attacks still an issue?

Feel like I haven't heard of any big ones in forever, and I'm guessing even smaller websites are using things like Cloudflare or their provider's anti-DDoS services

MikeA

@hostnoob said:
Are DDoS attacks still an issue?

Feel like I haven't heard of any big ones in forever, and I'm guessing even smaller websites are using things like Cloudflare or their provider's anti-DDoS services

Yes, it's just that DDoS mitigation is so much more accessible and affordable now for end users.

SilverCreek

@hostnoob said:
Are DDoS attacks still an issue?

Feel like I haven't heard of any big ones in forever, and I'm guessing even smaller websites are using things like Cloudflare or their provider's anti-DDoS services

An issue? Not really, DDoS mitigation is so widely available it won't hurt much. Annoying? Maybe, depends on who you ask. They do eat bandwidth though, so volume filtering these days is a must for any provider in my opinion. Unfortunately it's still relatively cheap for people to do volumetric flooding, like this we received the other day:

Sure, it's not much, but if your host only has, say a 10Gbps circuit, they're toast with that flood in volume.

(Side-note: You can tell they're using a time-limited booter when it's almost 1/2/3/4/5min exactly, maybe 10 minutes exactly.)

Levi

Ddos as a flood attack is long time not popular. But, ddos as a tool for probe for vulns are a real pita.

sillycat

@Levi said: Opsec is not the strongest for most of cybercriminals.

What are you talking about? Seizing a domain just requires a court order.

@Levi said: Ddos as a flood attack is long time not popular.

You clearly have no idea what you're talking about.

kait

@sillycat said: You clearly have no idea what you're talking about.

Saarrrrr, https://www.ddosforhi.re/ amazing domain.

Levi

@sillycat said:

@Levi said: Opsec is not the strongest for most of cybercriminals.

What are you talking about? Seizing a domain just requires a court order.

@Levi said: Ddos as a flood attack is long time not popular.

You clearly have no idea what you're talking about.

You have problems with understanding text. Sorry, no discussions with you until improved.

alfirous

@sillycat said:

@Levi said: Opsec is not the strongest for most of cybercriminals.

What are you talking about? Seizing a domain just requires a court order.

The person behind the service was also arrested. So OpSec is relevant here.

alfirous

@Levi said:
Opsec is not the strongest for most of cybercriminals. Usually trace back to the childhood when cracking activity started leads perpetrators to jail. Breadcrumbs. Follow the money. Dns history. Emails. Cockiness.

Remind me of the Breach forum shenanigans that had reincarnation multiple times and still got arrested.