The Russian DDoS One: Booters to Botnets

2014-12-12 by Dennis Schwarz

The Russian DDoS One or RD1 is an informal grouping of threat actors that focus on providing DDoS booter services on Russian language underground forums.

Besides the advertising, contact information, and the occasional drama, most of the business of Russian DDoS booters is done in private and difficult to attribute. This includes the back-end infrastructure that performs the DDoS attacks. To shed some light on the latter, this presentation will take a closer look at some of these RD1 threat actors, their booters, and their supporting DDoS botnets.

Bio
Latest Posts

Dennis Schwarz

Research analyst at Arbor Networks

Dennis Schwarz is a Research Analyst on Arbor’s ASERT Team. His duties include analyzing emerging threats to Internet security, reverse engineering malicious code and communications protocols, developing policies for attack mitigation, and contributing to the continual improvement and automation of Arbor’s internal threat analysis software infrastructure. Prior to Arbor, Dennis was an Intrusion Analyst with Dell SecureWorks where he analyzed and escalated network intrusions and malware infections for a large set of clients of all shapes and sizes. He holds a B.S. in Computer Science from Eastern Michigan University.

Latest posts by Dennis Schwarz (see all)

The Russian DDoS One: Booters to Botnets - 2014-12-12

2014, Presentation