11 August 2022

Pro-Ukraine cybercriminal forum offers DDoS attacks against orgs in Russia, Belarus


Pro-Ukraine cybercriminal forum offers DDoS attacks against orgs in Russia, Belarus

A new pro-Ukrainian and anti-Russian and anti-Belarus forum has been spotted which offers DDoS-for-hire services for a relatively small price.

Called “DUMPS Forum,” the new forum appears to have been launched in late May 2022, and like many other Russian-language cybercriminal forums it contains sections for trading illicit goods, carding, malware, and initial access to targeted networks, but its primary focus, as a statement on the site indicates, is to support the Ukrainian war effort against Russia.

According to the forum’s rules, all topics must be aimed towards activity directed against Russia and/or Belarus. For the most part, the activity centers towards sharing data leaks, forged and stolen identity documents, and anonymous and bulletproof hosting services.

The researchers at Digital Shadows noted that one of the most “popular” sections on the site is the Leaks section, in which users posted data stolen from Russia-based government and private organizations, including several well known and important Russian government institutions and utilities providers.

DUMPS Forum also advertises DDoS attack services, with prices ranging from $80 per hour or $500 for 24 hours for Layer 4 DDoS attacks to $600 for 24 hours for Layer 7 attacks.

“This is the only forum we’re aware of that is taking such a stance, which puts DUMPS Forum in a unique position, whilst also painting a target on its own back; if the forum develops into a well-known and successful project, it will likely become a target of counter activity from Russia-supporting cyber criminals,” the researchers wrote in their report.

“Any success achieved by DUMPS Forum will however attract unwanted attention; the ban on Russian citizens visiting the forum highlights that the forum is already on the radar of the Russian state. It is also realistically possible that the success of DUMPS Forum may inspire other services looking to play a part in the ongoing conflict.”

Back to the list

Latest Posts

Cyber security week in review: September 23, 2022

Cyber security week in review: September 23, 2022

The world in brief: Cryptomarket maker Wintermute robbed of $160M in a hack, old Python bug potentially affects 350,000 open-source projects, and more.
23 September 2022
Unpatched 15-year-old Python vulnerability puts at risk over 350,000 open-source projects

Unpatched 15-year-old Python vulnerability puts at risk over 350,000 open-source projects

The vulnerable Python tarfile module is found extensively in frameworks created by Netflix, AWS, Intel, Facebook, Google and other software.
22 September 2022
Malicious actors continue to abuse Google Tag Manager tool to install e-skimmers

Malicious actors continue to abuse Google Tag Manager tool to install e-skimmers

The researchers said they discovered three variants of malicious scripts hidden within GTM containers that function either as e-skimmers or as downloaders for installing e-skimmers.
21 September 2022