Two hackers are renting access to a massive Mirai botnet, which they claim has more than 400,000 infected bots, ready to carry out DDoS attacks.
Mirai is rather good at breaking things. It has previously taken down the French Internet service provider OVH, managed DNS service provider Dyn and the personal blog of security journalist Brian Krebs.
Things got worse when the creator open-sourced Mirai, so other crooks could deploy their own botnets. Now there are multiple Mirai botnets popping up all over the web, as small-time crooks try to set up their personal DDoS weaponry.
Now in a spam campaign carried out via XMPP/Jabber started yesterday, two hackers, BestBuy and Popopret, have begun advertising their own DDoS-for-hire service, built on the Mirai malware.
They claim to be in the control of a Mirai botnet of 400,000 devices, albeit we couldn't 100 percent verify it's the same botnet observed by 2sec4u and MalwareTech (more on this later).
They are offering a minimum period of two weeks on their botnet.
"Price is determined by amount of bots (more bots more money), attack duration (longer = more money), and cooldown time (longer = discount)," Popopret told Bleeping Computer.
The price for 50,000 bots with attack duration of 3600 secs and 5-10 minute cooldown time is approx 3-4k per two weeks.
It is rather expensive, so it is probably cheaper to splash out on a box of chocolates, a 10 euro bottle of wine and just pretend you care.