Botnet operators are offering their botnets of thousands of infected machines to any bad guy who wants to take down a network or Website. Some are even offering free "demos" of their botnet-based DDoS capability to prospective customers, according to McAfee's Third Quarter Threats Report released today.
"We've been seeing botnets being used for DDoS for quite some time. What we are starting to see lately is more political hactivism in addition to taking down someone for the notoriety, is DDoS [services] being sold through underground markets to government organizations," says Sam Masiello, director of threat management for McAfee. "We saw that with the Korean DDoS a couple of months ago."
The Georgian blogger whose social networking profiles were attacked -- which led to a major site-wide outage on Twitter, as well as interrupted service on Facebook and LiveJournal -- was also the result of a DDoS-as-a-service scheme, he says.
McAfee didn't have any numbers on how much botnet operators or their subcontracting service providers make, but the DDoS-for-hire service model lets most anyone wage a DDoS attack if they're willing to pay for it.
The report shows one example of a DDoS service provider advertising its services in an underground forum: the service offers 10 Gbps-to-100 Gbps botnet of anywhere from 80,000 to 120,000 bots via IRC for a minimum of $200 a day. The service offers a free, three-minute demo as well for prospective buyers.
"Like we've seen with spam and viruses, DDoS is just another add-on [service] because of how large [these botnets are]," Masiello says.
McAfee's report also found that spam, malware, and Web threats have hit all-time highs: 92 percent of all email is spam, and 55 percent of all malicious URLs are hosted in the U.S. The full report can be downloaded here (PDF).
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.