Akamai experts have discovered a new Dark Frost botnet that specializes in DDoS attacks against gaming industry companies.
According to experts, the botnet was created based on the source codes of Gafgyt, QBot, Mirai and other similar malware stitched together, but has currently infected only hundreds of devices.
So, as of February 2023, the botnet included 414 machines with various architectures, including ARMv4, x86, MIPSEL, MIPS and ARM7. The malware is believed to have been active since at least May 2022.
Let me remind you that we also wrote that Cloud9 Botnet Attacks Chrome with Malicious Extensions, and also that Botnet KmsdBot Attacks Gaming Companies and Luxury Car Manufacturers.
The targets of the Dark Frost botnet operator include game companies, game server hosting providers, online streamers and other members of the gaming community with whom the attacker interacted and conflicted directly.
Akamai, who reverse-engineered the botnet, estimates its potential at around 629.28 Gbps through a UDP flood attack.
The attacker also created a Discord channel to facilitate ransomware attacks and stated that he intends to turn Dark Frost into a DDoS attack service for hire.
Experts say that Dark Frost is a prime example of how easy it is for novice cybercriminals with basic programming skills to jump into action using already available malware and cause significant business damage.
