Select Page

The threat actors behind the DDoSia attack tool have come up with a new version that incorporates a new mechanism to retrieve the list of targets to be bombarded with junk HTTP requests in an attempt to bring them down.

The updated variant, written in Golang, “implements an additional security mechanism to conceal the list of targets, which is transmitted from the [command-and-control] to the users,” cybersecurity company Sekoia said in a technical write-up.

DDoSia is attributed to a pro-Russian hacker group called NoName(057)16. Launched in 2022 and a successor of the Bobik botnet, the attack tool is designed for staging distributed denial-of-service (DDoS) attacks against targets primarily located in Europe as well as Australia, Canada, and Japan.

Lithuania, Ukraine, Poland, Italy, Czechia, Denmark, Latvia, France, the U.K., and Switzerland have emerged as the most targeted countries over a period ranging from May 8 to June 26, 2023. A total of 486 different websites were impacted.

Python and Go-based implementations of DDoSia have been unearthed to date, making it a cross-platform program capable of being used across Windows, Linux, and macOS systems.

images from Hacker News