Wednesday, October 26, 2022

Inside the KillNet Crowd-Sourced DDoS Attack Campaign Targeting International Web Sites - An OSINT Analysis

I've decided to take a deeper look inside the currently ongoing crowd-sourced DDoS infrastructure platform known as KillNet where multiple pro-Russian groups including various Pro-Ukraine groups are basically soliciting users internationally to "donate" their bandwidth to a central command and control server under the operation of KillNet botnet operators that further orchestrate the actual Target List and the actual DDoS attack campaigns.

What's new here? Nothing really as crowd-sourcing DDoS attacks has been around for a while. It doesn't take a rocket scientist to entice a thousand users into installing a rogue and bogus crowd-sourced DDoS attack application under a central management command of KillNet who will be responsible for issuing managing and updating the Targets List that also includes the actual launching of the DDoS attack campaigns.

Sample screenshots include:






Sample URLs known to have been involved in the campaign include:
hxxp://killnethackers.com
hxxp://killnet.tilda.ws
hxxp://wawsquad.cf

Stay tuned!

No comments:

Post a Comment