'Organizers of a new botnet made up of infected home and small office
routers are brazenly selling denial-of-service attacks of once
unimaginable volumes for just $20 per target.
Calling itself Los Calvos de San Calvicie, the group is advertising
several services on this site. Among the services are distributed
denial-of-service attacks of 290 to 300 gigabits per second for $20
each. While a third the size of some of the biggest recorded attacks,
290Gbps is still enough to bring most sites down unless they seek DDoS
mitigation services, which in many cases cost considerable amounts of
money. Just five years ago, 300Gbps was considered enough volume to
shut down the Internet's core infrastructure.
Los Calvos de San Calvicie members have been spotted assembling a
botnet in recent days that very possibly has the firepower required to
deliver the potent attacks promised. According to Pascal Geenens, a
researcher at security firm Radware, the group is building the botnet
by exploiting two vulnerabilities: one in RealTek routers running
out-of-date firmware and the other in the Huawei HG532 router, where a
patch released in December has yet to be installed by many users. Both
vulnerabilities are also exploited by a different Internet-of-things
botnet known as Satori.'
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 858-5174