In hacking and programming culture, a script kiddie is a derisive term used to describe people who use existing computer scripts or code to hack into computers because they lack the expertise or desire to write their own. The Urban Dictionary dismisses them as “generally… teenagers who want the power of the hacker without the discipline or training involved”, adding “anyone who follows this route aspires to be a blackhat, but most refuse to even dignify them with this term; “blackhat” generally implies having skills of your own”.
Researchers believed that script kiddies were behind the massive DDoS attacks against DNS provider, Dyn, in 2016. The attacks caused disruptions for various major websites, including Amazon, Twitter, PayPal and Netflix. They involved Mirai botnets, which deployed hundreds of thousands of IoT devices to launch the attacks, following the leak of the Mirai malware source code online. Cybercriminals can create large botnets using IoT devices due to the fact that many connected devices, such as IP cameras, DVRs and routers, have low security and vulnerabilities, making them liable to be hacked.
Various groups tried to take responsibility for the DDoS attacks, including hactivists New World Hackers and WikiLeaks who said their supporters were behind them; however, security researchers generally thought they were launched by script kiddies, in particular, members of the HackForums website.
The infrastructure used in the Dyn attacks was also employed to unsuccessfully take down a major video game company.
In an after-action analysis of the Mirai botnet attacks on Dyn, cybersecurity firm, Flashpoint said: “The technical and social indicators of this attack align more closely with attacks from the Hackforums community than the other type of actors that may be involved, such as higher-tier criminal actors, hacktivists, nation-states, and terrorist groups.” They explained their rationale in part in this way: “These other types of threat actors are unlikely to launch such an attack without a clear financial, political, or strategic objective, and they are very unlikely to launch an attack against a video game company.”
“Participants in the Hackforums community have been known to launch DDoS attacks against video game companies to show off their credentials as hackers of skill, or to ‘troll’ and gain attention by causing disruption to popular services,” the company added.