It's always easier to steal from thieves. That might be the premise of a thousand mystery novels, but it's also true in the world of internet crime after Kickass Torrents, one of the largest piracy websites online, was taken offline as part of a distributed denial-of-service attack.
DDoS attacks occur when a criminal or group of criminals direct the internet connection from thousands (or sometimes millions) of unwitting computers toward a single web address, overwhelming the page with traffic. The attack on Kickass Torrents began Saturday and has continued intermittently for users across the world, and HackRead.com reported Tuesday the attack has all the hallmarks of a test DDoS meant to assess whether Kickass Torrents has adequate defenses, or is is vulnerable to another attack in which the criminals can demand a ransom.
Kickass Torrents is consistently ranked among the top 100 most popular websites in the world and is believed to reap millions of dollars in revenue every year.
Kickass Torrents administrators initially confirmed to TorrentFreak the DDoS targeted the site's DNS servers, which make it possible for users to visit the site. Kickass proxies were also affected.
“DNS servers are central to the operation of the internet at large, and in many cases there is nothing standing between them and the raw internet,” Dave Larson, chief operating officer at Corero Network Security, said in an email. “Organizations need to ensure that their own operated DNS servers, as well as the services they contract for with third party providers, are defended by always-on, in-line, automatic DDoS defense systems that can meet this challenge with a real-time response.”
This attack comes after a series of ransom-motivated DDoS attacks against ProtonMail, Hushmail and a number of other encrypted email providers in November last year. Two suspected members of the ransom gang DD4BC (which stands for “DDoS for bitcoin”) were apprehended last week, though other groups have since imitated DD4BC's criminal methods.