Gwapo’s DDOS Service

This ad was brought to my attention during a talk by the excellent James Lyne at the RSA Conference in London.

The mind boggles.

5 thoughts on “Gwapo’s DDOS Service

      • You sure about that?

        Services *like* that exist, certainly, but I am all but certain that this particular advert is a spoof.

        Among other things, if it were real, I’d expect the contact methods in the video to be, in a word, different. I have a very hard time believing that the mainstream communication services listed in all that contact info in the video (Live, Skype, Yahoo, etc.) would all leave the relevant accounts alone for any significant amount of time once anyone reported this to them. We’re talking major AUP violations here.

        An actual DDOS service would almost certainly employ significantly more fault-tolerant methods for first-time customers to reach them, ones that would be much more effectively anonymous for the contactee. To get ahold of us, enter this code phrase and a temporary webmail address we can use to contact you in such-and-such an IRC channel, or post it on such-and-such a usenet group, and we’ll get back to you promptly. Send us email at this address that’s hosted at an ISP in Almaty or Lagos or some place like that, where we can easily keep the entire ISP staff and their upstream effectively bribed for a couple hundred bucks a month, or this other email address that’s hosted by an ISP in Sweden that for ideological reasons will back us (even though they know very well we are up to no good), until somebody finally gets a court order, which will take at least a month maybe more like a quarter of a year. Stuff like that. So they don’t have to redo the video with new contact information every six hours.

        • Pretty sure, for a couple of reasons. Firstly, it was presented as genuine at a security conference by a high-up guy from Sophos (James Lyne) who seems to know what he’s talking about. Secondly, if you search YouTube, you can find several more ads of the same sort, e.g.
          https://www.youtube.com/watch?v=aCacibJa0Ps
          which bear all the hallmarks of some random person being paid to read a script. That doesn’t feel like parody.

          Also, there’s even a video of them demoing the system:
          https://www.youtube.com/watch?v=-Kh0nqYjykI