Dancho Danchev's Blog - Mind Streams of Information Security Knowledge: Inside the KillNet Crowd-Sourced DDoS Attack Campaign Targeting International Web Sites

Wednesday, October 26, 2022

Inside the KillNet Crowd-Sourced DDoS Attack Campaign Targeting International Web Sites - An OSINT Analysis

I've decided to take a deeper look inside the currently ongoing crowd-sourced DDoS infrastructure platform known as KillNet where multiple pro-Russian groups including various Pro-Ukraine groups are basically soliciting users internationally to "donate" their bandwidth to a central command and control server under the operation of KillNet botnet operators that further orchestrate the actual Target List and the actual DDoS attack campaigns.

What's new here? Nothing really as crowd-sourcing DDoS attacks has been around for a while. It doesn't take a rocket scientist to entice a thousand users into installing a rogue and bogus crowd-sourced DDoS attack application under a central management command of KillNet who will be responsible for issuing managing and updating the Targets List that also includes the actual launching of the DDoS attack campaigns.

Sample screenshots include:

Sample URLs known to have been involved in the campaign include:

hxxp://killnethackers.com

hxxp://killnet.tilda.ws

hxxp://wawsquad.cf

Stay tuned!

Dancho Danchev

Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com

Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

Wednesday, October 26, 2022

Inside the KillNet Crowd-Sourced DDoS Attack Campaign Targeting International Web Sites - An OSINT Analysis

No comments:

Post a Comment