In late 2016, a Turkish hacker attempted to encourage DDoS attacks by turning them into a game, offering points and prizes to hackers who attempted to shut down certain political websites. The hacker set up a platform whose name translates to ‘Surface Defense’, which prompted other hackers to sign up and score points. One point could be gained by attacking a website for ten minutes, for example. Participants were given a tool called Balyoz (meaning Sledgehammer), which enabled them to launch DDoS attacks against certain sites. The points could be amassed and exchanged for rewards, including more powerful DDoS attack tools and access to bots aimed at generating revenue from click fraud.
Rules were applied to promote ‘fairness’ in the competition, including the restriction that Balyoz could only run on one machine, rather than on a bot.
Attacks were initially limited to 24 political sites relating to the Kurds, the Armenian genocide and Angela Merkel’s political party in Germany, the German Christian Democratic Party. However, security firm Forcepoint, which uncovered the scam, said, “Users can also suggest new websites to add to the list of targets.” They added, “There is a live scoreboard for participants to see how they compare to other participants.”
Furthermore, Forcepoint noted a nasty double bluff from the forces behind Surface Defense: when someone signed up to participate in the competition, the Balyoz attack tool came with a piece of malware designed to secretly install a Trojan on the participant’s own computer if they were subsequently banned from the competition. Forcepoint assessed that the goal was likely to enslave the computer into a botnet to launch additional DDoS attacks.
The hacker behind the DDoS platform was thought to go by the handle “Mehmet” and, according to Forcepoint’s investigation, seemed to be based in the Turkish city of Eskisehir. It was not clear how many participants he managed to recruit, or whether any of the target websites were actually taken down.
Gamers regularly carry out DDoS attacks as a way of gaining a tactical advantage within a game. It is almost expected within gaming culture that a player will knock other players offline using DDoS to gain a competitive edge, or perhaps knock an entire service offline. The stakes are high for the gaming companies, as they lose revenue, and these kinds of attacks can often make the news, bringing notoriety to the hacker and reputational damage to the gaming service.