A new pro-Ukrainian and anti-Russian and anti-Belarus forum has been spotted which offers DDoS-for-hire services for a relatively small price.
Called “DUMPS Forum,” the new forum appears to have been launched in late May 2022, and like many other Russian-language cybercriminal forums it contains sections for trading illicit goods, carding, malware, and initial access to targeted networks, but its primary focus, as a statement on the site indicates, is to support the Ukrainian war effort against Russia.
According to the forum’s rules, all topics must be aimed towards activity directed against Russia and/or Belarus. For the most part, the activity centers towards sharing data leaks, forged and stolen identity documents, and anonymous and bulletproof hosting services.
The researchers at Digital Shadows noted that one of the most “popular” sections on the site is the Leaks section, in which users posted data stolen from Russia-based government and private organizations, including several well known and important Russian government institutions and utilities providers.
DUMPS Forum also advertises DDoS attack services, with prices ranging from $80 per hour or $500 for 24 hours for Layer 4 DDoS attacks to $600 for 24 hours for Layer 7 attacks.
“This is the only forum we’re aware of that is taking such a stance, which puts DUMPS Forum in a unique position, whilst also painting a target on its own back; if the forum develops into a well-known and successful project, it will likely become a target of counter activity from Russia-supporting cyber criminals,” the researchers wrote in their report.
“Any success achieved by DUMPS Forum will however attract unwanted attention; the ban on Russian citizens visiting the forum highlights that the forum is already on the radar of the Russian state. It is also realistically possible that the success of DUMPS Forum may inspire other services looking to play a part in the ongoing conflict.”