DDoS Botnet Operators Arrested in China
Jessica Williams
This week, Chinese authorities have begun a national sweep of criminal groups operating DDoS services in the country.
As of November, the botnet in question had more than 200,000 websites under its control, making the operation capable of knocking entire web services offline.
In China over the past few years, the DDoS scene has grown rapidly, to the point where DDoS-for-hire services have become wildly popular. The Chinese Government and authorities have thankfully rolled out a dedicated taskforce to deal with these ongoing issues, and as a result have taken one of the most extensive DDoS operations out of the equation this week.
The Mirai IoT Source Code
Back in 2016, the Mirai IoT source code for botnets was released to the public, providing hackers and cybercriminals with the building blocks to create their own botnets, which can be almost limitless in size.
With these botnets in place, cybercriminals could then redirect vast amounts of web traffic to specific websites and online services, effectively straining their infrastructure and shutting down the site or service for a period of time.
Not too long after the botnet-building source code was released, security intelligence team Cisco Talos noted a significant spike in DDoS-for-hire services coming out of China.
An Increasing Problem
Looking at current botnet operations and into the future, Chinese DDoS-for-hire operators have moved beyond the Mirai IoT source code and are now taking advantage of exploits in websites, effectively turning compromised sites into attack infrastructure.
Due to the departure from the Mirai IoT Source Code, the number of Chinese botnets has grown considerably, to the point where there’s no way the problem can be ignored.
The dilemma is so severe, in fact, that the somewhat complicit Chinese authorities have begun prioritising these botnets and have arrested a number of perpetrators in the past few weeks alone.
In a coordinated investigation that came to a head this week, Chinese police arrested more than 41 suspected botnet operators and enablers throughout 20 cities in the country.
The authorities also seized a sizeable $1.4 million (10 million yuan) in suspected ransom payments and cash used to support the operations.
Local media outlets have described the botnet in question as capable of generating attacks of around 200 Gbps, large enough to cause significant damage to just about any business or website.
Other uses for the botnet service, beyond DDoS and for-hire attacks, included spam deployment along with malicious advertising and crypto mining, all of which are capable of disrupting business and harming Chinese consumers.
Protecting Your Devices
To be brief, DDoS attacks work by gaining control of thousands of unsecured devices and using their connection to the web to bombard businesses. Everything from smart lights, computers, televisions and more can be used in these malicious attacks without your knowledge.
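The paragraphs above describe the mechanics of a volumetric DDoS (many compromised devices sending traffic at one target at once). From the defender's side, the signature of that pattern in flow data is a single destination receiving a high aggregate rate from an unusually large number of distinct sources in the same short window. The following is an added example, not code from the article or from any product it names: a small Python detector that reads constructed flow records of the form `timestamp src dst bytes`, buckets them per destination and per one-second window, and flags windows where both the distinct-source count and the bit rate exceed thresholds. The thresholds, the record format and the sample flows are assumptions chosen for illustration.

```python
"""Volumetric DDoS detector over flow records (added example, not the article's code).

Record format (assumed): "epoch_seconds src_ip dst_ip bytes", one per line.
A destination is flagged when, within one window, it is hit from at least
`min_sources` distinct sources AND the aggregate rate is at least `min_bps`.
Requiring both conditions avoids flagging a single large legitimate transfer
(one source) or a chatty but low-volume set of clients (many sources, few bits).
"""
from collections import defaultdict
from dataclasses import dataclass
from typing import Iterable, List, Tuple


@dataclass
class Alert:
    dst: str
    window_start: int
    distinct_sources: int
    bits_per_second: float


def parse_flow(line: str) -> Tuple[int, str, str, int]:
    """Parse one flow record; raises ValueError on malformed input."""
    ts, src, dst, nbytes = line.split()
    return int(ts), src, dst, int(nbytes)


def detect_volumetric(lines: Iterable[str], window: int = 1,
                      min_sources: int = 50,
                      min_bps: float = 100_000_000) -> List[Alert]:
    """Return one Alert per (destination, window) that looks like a volumetric flood."""
    # key: (dst, window_start) -> [set of source IPs, total bytes]
    buckets = defaultdict(lambda: [set(), 0])
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ts, src, dst, nbytes = parse_flow(line)
        window_start = ts - (ts % window)
        bucket = buckets[(dst, window_start)]
        bucket[0].add(src)
        bucket[1] += nbytes

    alerts = []
    for (dst, window_start), (sources, total_bytes) in sorted(buckets.items()):
        bps = total_bytes * 8 / window
        if len(sources) >= min_sources and bps >= min_bps:
            alerts.append(Alert(dst, window_start, len(sources), bps))
    return alerts


def make_sample_flows() -> List[str]:
    """Constructed sample: one flood plus two benign patterns that must NOT alert."""
    lines = ["# constructed flow records for the example"]
    # Flood: 120 bot addresses (constructed 10.0.x.7) each send 1,500,000 bytes
    # to 203.0.113.10 in the same second -> 180 MB = 1.44 Gbps from 120 sources.
    for i in range(120):
        lines.append(f"1700000000 10.0.{i}.7 203.0.113.10 1500000")
    # Benign: one source sends 50 MB to 203.0.113.20 (400 Mbps, but only 1 source).
    lines.append("1700000000 192.0.2.1 203.0.113.20 50000000")
    # Benign: 60 clients each send 100 bytes to 203.0.113.30 (many sources, 48 kbps).
    for i in range(60):
        lines.append(f"1700000001 192.0.2.{i + 10} 203.0.113.30 100")
    return lines


if __name__ == "__main__":
    for alert in detect_volumetric(make_sample_flows()):
        print(f"{alert.dst} @ {alert.window_start}: "
              f"{alert.distinct_sources} sources, {alert.bits_per_second / 1e9:.2f} Gbps")
```

In a real deployment the thresholds would be tuned per destination against a baseline of normal source counts and rates, and the records would come from a flow exporter or edge-router telemetry rather than an inline list; the two-condition check is the part worth keeping.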
Staying safe is somewhat simple; all you’ll need is a reliable VPN service masking all of your devices from hackers. Although this isn’t a surefire bet, you’re far less likely to see a botnet operator go to the trouble of working to bypass a VPN.
We suggest investing in a router-based VPN such as NordVPN, ExpressVPN or CyberGhost and protecting all of your devices at home and work with this VPN. You’ll be secure from DDoS attacks, and also have all of your browsing data anonymised to boot.