Alleged orchestrators behind DDoS attacks for hire website arrested

12 Sep 2016

The Israeli website vDOS, which orchestrates distributed denial-of-service (DDoS) attacks for a fee, has been “massively hacked”, revealing details on the thousands of people who paid for the service.

The DDoS website – referred to as a booter service, doing the dirty work of others for a fee – has earned over $600,000 and coordinated more than 150,000 attacks over the past two years.

To put the scale of its efforts into context, within a four-month period from April to July this year, the site was responsible for generating nearly nine years, or 277m seconds, of attack time.

Last Thursday (8 September), the site was “massively hacked” following the discovery of a vulnerability in its systems. The hack revealed details on thousands of the site’s users, who used established financial payment services, including credit cards and PayPal, to pay for the DDoS attacks.

After KrebsOnSecurity.com published details about the founders of vDOS, a pair of 18-year-old Israelis – Itay Huri and Yarden Bidani – have been arrested by Israeli authorities following an investigation by the FBI.

Since the major hack against vDOS on Friday, the site appears to have been taken offline, in spite of the site being hosted across four servers located in Bulgaria.

A company called BackConnect Security is claiming responsibility for the hijack of vDOS’s site.

Alleged owners published paper on DDoS attack methods

Speaking with KrebsOnSecurity, BackConnect CEO Bryant Townsend said the decision to take down the website was a retaliatory action, following the discovery that vDOS was behind a massive attack launched against BackConnect on 8 September.

Both Huri and Bidani have been very active in the DDoS community, issuing a technical paper online detailing their method of DDoS attack.

While it remains to be seen whether the pair are indeed the proprietors of the DDoS for hire website, details released following last week’s hack revealed a relatively professional service with responsive customer support.

Based on details revealed during the hack of vDOS, support emails were set to be forwarded on to two email addresses: itayhuri8@gmail.com and raziel.b7@gmail.com


Colm Gorey was a senior journalist with Silicon Republic
