Link11 Insights Report on German DDoS Attacker ZZb00t released

The Link11 Security Operation Center (LSOC) has examined the high-frequency DDoS activities of an attacker acting under the pseudonym ZZb00t. Between April and May 2017, he attacked large logistics providers, online retailers and e-commerce service providers in Germany. His targets also included a postal service as well as providers of logistic and telecommunication services in the UK.

During his activities, ZZb00t, a self-proclaimed vulnerabilities hunter, exhibited signs of comprehensive attack know-how and caused most of his victims considerable damage. In June, Bielefeld (Germany) criminal investigators arrested the alleged perpetrator, who had been bragging of his activities to a large audience.

The ZZb00t special report analyzes:

• the perpetrator’s profile and motives his public Twitter communication
• his DDoS attack method and its impact
• his extortion attempts.

Since the beginning of this year, the LSOC has observed three dangerous DDoS attackers in Central Europe. Apart from ZZb00t, this includes Stealth Ravens and XMR-Squad. On the other end of the spectrum, there are attempts at extortion by hangers-on and copycats who are merely bluffing when they threaten attacks. For targeted companies, however, it is difficult to distinguish between serious threats and empty bluffs.

The Link11 report on ZZb00t’s DDoS attacks is available for download from the Link11 website. Also available for download without charge is the current Link11 DDoS report for Central Europe published by the LSOC on the Link11 website.

Share this post