DDoS attackers turning to simple 'booter' scripts, Prolexic warns

01. Mai 2012
Internet criminals are sidestepping the need to launch DDoS attack from large networks of malware-compromised bot PCs by using simpler server 'booter shells', mitigation firm Prolexic .

'Booter shells' or plain 'booters' are simple PHP, .ASP or Perl script template files planted on compromised servers to direct Get/Post commanded HTTP floods to overload target servers.

As Prolexic explains in its advisory, the approach has several advantages over conventional botnet DDoS attacks, starting with technical simplicity. Even non-technical users can place them on hosted or compromised servers, building a bot from individual servers with up to 1,000 times the capacity of a single PC.

It is also cheaper and quicker; there is no need to use complex malware and bot command and control infrastructure to create armies of zombies.

Many scripts are now available on the hacking underground and even Pastebin and no cost including several leading contenders - Greenshell, nBot and DeLiRiUm's DoS .ASP script - deconstructed some detail by Prolexic.

"Increased use of techniques such as booter shells is creating an exponential increase in the dangers posed by DDoS attacks," said Prolexic COO, Neal Quinn.

Zur Startseite