50 ‘hacktivist’ amateur DDoS tools analysed

Network security vendor Arbor Networks has published a visual review of DDoS tools that are used by ‘hacktivist’ collectives - groups that hack into computers and organisations as a form of political protest.

These tools have attained popularity as many allow anyone with an internet connection to launch DDoS attacks.

In a blog post entitled titled Attack of the Shuriken: Many Hands, Many Weapons, the company has examined more than 50 popular DDoS attack tools, including single user flooding tools, small host booters, shell booters, remote access trojans (RATs) with flooding capabilities, simple DDoS bots, complex DDoS bots and commercial DDoS services.

“Our research shows that even many of the less sophisticated tools have remote access trojan functionality to perform password theft, download and execute other malware, sniff keystrokes and other malicious activities,” said Curt Wilson, a member of Arbor’s Security and Engineering Response Team (ASERT).

“In addition to the threats to confidentiality, actual incidents have shown that simple flooding tools such as a host booter can take down enterprise-class firewalls from either side of the firewall due to state table exhaustion.”