Russian officials are claiming their Central Election Commission's website repelled a distributed denial of attack last Sunday during the country's national elections, which incumbent President Vladimir Putin predictably won in a landslide victory.
In a statement reported by Kremlin-controlled media outlets, election chief Ella Pamfilova said the Russian Central Election Commission's website was bombarded with malicious traffic, generated by IP addresses from 15 different countries, on Mar. 18 between 2 a.m. and 5 a.m. local time.
U.S. and global intelligence agencies have repeatedly accused Russia of sponsoring offensive cyberattacks and cyber espionage activities against Western nations for years, including DDoS attacks, intrusions into critical infrastructure and hacking the Democratic National Committee. While it's certainly possible a rival country could have responded in kind by targeting Russian elections, it's also conceivable that Moscow officials fabricated or exaggerated an attack as part of a disinformation or propaganda campaign.
Chris Boyd, malware analyst at Malwarebytes, told Newsweek that Russia's actual voting process takes place entirely offline, and would not have been affected.
PutinStresser.eu emerges
If the alleged election DDoS attackers truly wanted to give Putin something to stress over, perhaps they should have used PutinStresser.eu, a new DDoS-as-a-service tool that, according to an advertisement posted this month on Pastebin, can generate 350Gbps, per stress, via DNS amplification attacks.
According to a new report from Radware, the ad also boasts that the tool can execute the new memcached amplification attack that's allowed attackers to create record-breaking amounts of malicious traffic against sites such as GitHub in February and March. It also offers DNS, NTP, SNMP, TCP XSYN, XACK, XMAS, and GRE-based attacks, as well as attacks that specifically target TeamSpeak servers and gaming platforms such as the Valve Source Engine, Minecraft, Counter Strike, Steam and San Andreas Multi-Player.
The actor behind the tool, who goes by the handled Milw0rm, is also advertising the tool's features on YouTube and on a GitHub page that is openly hosting the install scripts, added Pascal Geenens, Radware security researcher, in an email interview with SC Media.
Radware reports that the developers behind the tool are charging would-be attackers anywhere from $10 per month for a 600-second attack time with the ability to run one concurrent attack, to $400 per month for 3.5 hours of attacks and six concurrent attacks.
PutinStresser.eu also offers live chat and customer support, as well as tools for resolving IP addresses, checking on the status of attacked websites, and finding the IP addresses of services protected behind Cloudflare.
Prices for DDoS attacks
PutinStresser.eu is obviously just one of many DDoS-as-a-service tools currently available on the internet. With that in mind, a report issued today by cloud security company Armor states that attackers can purchase a DDoS attack on a specific organization for as little $10 per hour, $200 per day, or $500-$1,200 per week.
Other services and tools found for sale online that were listed in Armor's Black Market Report included:
- Account Hacking Program: $12.99
- Hacked Instagram Accounts in Bulk, 1,000 - 10,000 accounts: $15 - $60
- Blow-Bot Banking Botnet: monthly Basic rental $750, monthly full rental $1,200
- Disdain Exploit Kit: $80 per day, $500 per week, $1,400 per month
- Stegano Exploit Kit (for multi OS platforms), Unlimited Traffic: $2,000 per day, $15,000 per month
- Microsoft Office Exploit Builder: Lite exploit builder $650, full version $1,000
- WordPress Exploit: $100
- Password Stealer: $50
- Android Malware Loader: $1,500
- ATM Skimmers: Wincor, Slimm, NCR, Diebold $700 - $1,500
