The past few years have brought a proliferation of online services that can be hired to knock Web sites and individual Internet users offline. Once only found advertised in shadowy underground forums, many of today’s so-called “booter” or “stresser” services are operated by U.S. citizens who openly advertise their services while hiding behind legally dubious disclaimers. Oh, and they nearly all rely on Paypal
to receive payments.
Many of these booter sites are based on the same source code, meaning that any vulnerabilities in that code can be used to siphon data from the back-end databases of multiple, competing services. This happened in March to booter.tw
, a service that was used to launch a volley of attacks against this blog, among others.