Two Israeli nationals suspected of operating a highly profitable DDoS service were arrested last week in Israel following an investigation conducted by the U.S. Federal Bureau of Investigation (FBI).
Security blogger Brian Krebs reported on Thursday that the operators of a so-called booter service named vDOS had earned more than $600,000 in the past two years by launching 150,000 distributed denial-of-service (DDoS) attacks on behalf of their customers.
vDOS, whose DDoS services can be rented for between $20 and $200 per month, is believed to have been around since 2012. The service’s profits were at one time laundered through PayPal, until its operators switched to Bitcoin payments.
Krebs investigated the service and its operators after someone hacked vDOS and gained access to its databases, configuration files, and real IP addresses. Evidence uncovered by the journalist showed that two Israeli nationals named Itay Huri and Yarden Bidani were likely behind the booter.
Roughly coinciding with Krebs’ report, Israeli news websites announced that Huri and Bidani, both aged 18, had been arrested. The suspects were taken into custody on Thursday, after Israeli police was informed of their activities by the FBI.
On Friday, Krebs’ website was targeted in a DDoS attack that peaked at nearly 140 Gbps. It’s possible that the attack was conducted via vDOS by Huri and Bidani since both suspects were bailed on Friday.
Authorities seized their passwords and placed them on house arrest for 10 days. They have also been banned from using the Internet and any telecom equipment for 30 days.
Huri and Bidani, who are said to have used the aliases P1st and AppleJ4ck, don’t appear to have put too much effort into protecting their real identities, or to hide their interest for DDoS attacks. The two recently published a technical paper on DDoS attacks on the website of Israeli company Digital Whisper. Furthermore, Bidani’s personal Twitter profile lists vDOS as his website and shows a tweet about the Pentagon’s site being down due to a DDoS attack in March 2015.
The vDOS website, hosted at vdos-s.com, is currently offline. Krebs has learned that a security firm called BackConnect Security hijacked its Internet addresses in an effort to stop an attack aimed at its networks.
Related Reading: Two Men Arrested in U.S. for Hacking Emails of Top Officials
Related Reading: Nigerian Behind $60 Million Online Fraud Network Arrested
Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Verisoul Raises $3.25 Million in Seed Funding to Detect Fake Users
- Government Shutdown Could Bench 80% of CISA Staff
- Google Rushes to Patch New Zero-Day Exploited by Spyware Vendor
- macOS 14 Sonoma Patches 60 Vulnerabilities
- New GPU Side-Channel Attack Allows Malicious Websites to Steal Data
- Microsoft Adding New Security Features to Windows 11
- Sony Investigating After Hackers Offer to Sell Stolen Data
- 900 US Schools Impacted by MOVEit Hack at National Student Clearinghouse
Latest News
- Verisoul Raises $3.25 Million in Seed Funding to Detect Fake Users
- Lumu Raises $30 Million for Threat Detection and Response Platform
- Government Shutdown Could Bench 80% of CISA Staff
- Moving From Qualitative to Quantitative Cyber Risk Modeling
- Cisco Warns of IOS Software Zero-Day Exploitation Attempts
- Russian Zero-Day Acquisition Firm Offers $20 Million for Android, iOS Exploits
- Sysdig Launches Realtime Attack Graph for Cloud Environments
- Google Rushes to Patch New Zero-Day Exploited by Spyware Vendor
