New JenX IoT DDoS Botnet Offered Part of Gaming Server Rental Scheme

LASER_oneXM

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
SanCalvicie.png


The operators of a gaming server rental business are believed to have built an IoT DDoS botnet, which they are now offering as part of the server rental scheme.

The prime and pretty obvious clue that ties this new IoT botnet — named JenX— with the gaming server rental service is the IoT's command-and-control server, located at skids.sancalvicie.com.

The botnet's C&C server is found on the same server and domain used by the gaming server rental business —San Calvicie (sancalvicie.com).

Botnet most likely used for DDoS-for-hire feature
Researchers from cyber-security firm Radware, who discovered this new botnet, say JenX is likely the botnet that powers a DDoS function included in one of San Calvicie's rental offers —named "Corriente Divina."

For $16, users can rent a GTA San Andreas multiplayer modded server, for $9 they can rent a Teamspeak server, and for an additional $20 users can launch DDoS attacks of between 290 and 300 Gbps, according to the San Calvicie site.


The San Calvicie service claims the botnet can carry out Valve Source Engine Query and 32bytes DDoS floods. They also advertise a "Down OVH" option, suggesting their botnet is large enough to cause problems even for the world's largest ISP and VPS providers.
Click to expand...
Not currently a threat
For now, Radware also points out the botnet is not a serious threat. "Unless you frequently play GTA San Andreas, you will probably not be directly impacted," Geenens said.

"The botnet is supposed to serve a specific purpose and be used to disrupt services from competing GTA SA multiplayer servers. I do not believe that this will be the botnet that will take down the internet," Geenens added.

"But it does contain some interesting new evolutions and it adds to a list of IoT botnets that is growing longer and faster every month! That said, there is nothing that stops one from using the cheap $20 per target service to perform 290Gbps attacks on business targets and even government related targets. I cannot believe the San Calvicie group would oppose to it."
Click to expand...
 
  • Like
Reactions: upnorth and harlan4096
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Like
Mozi malware botnet goes dark after mysterious use of kill-switch
Replies
1
Views
842
News Archive
ForgottenSeer 97327
F
Orchid
    • Like
New Mirai malware variant infects Linux devices to build DDoS botnet
Replies
5
Views
793
News Archive
MuzzMelbourne
MuzzMelbourne
MuzzMelbourne
    • Like
    • +Reputation
Mirai botnet targets 22 flaws in D-Link, Zyxel, Netgear devices
Replies
2
Views
1,379
News Archive
vtqhtr413
vtqhtr413

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top