Radware experts say Passion, a new DDoS attack platform, has been used by pro-Russian hacktivists to attack medical facilities in the US and Europe.
Let me remind you that we also have this article: First death due to ransomware attack: German hospital patient dies. You may also be interested in this information: US authorities say Russian hackers attacked US defense contractors.Also information security specialists reported that Russian Hackers Launched a Massive Spear-Phishing Campaign.
Researchers have linked Passion to hack groups such as Killnet, MIRAI, Venom, and Anonymous Russia.
According to Radware, operators of the Passion DDoS platform launched their service in early January 2023, starting with several defacements of the websites of Japanese and South African organizations.
It is reported that the service works on a subscription basis, and “clients” can pay for the desired attack vectors, given their duration and intensity. In total, ten attack vectors are available in Passion’s arsenal, allowing hackers to customize their campaigns and combine vectors to bypass victim protection:
- HTTP Raw;
- Crypto;
- UAM Browser;
- HTTPS Mix;
- browser;
- bypass;
- DNS l4;
- Mixamp l4;
- OVH-TCP l4;
- TCP-Kill l4.
Passion is $30 for a seven-day subscription, $120 for a month, and $1,440 for a full year. Platform operators accept Bitcoin, Tether and transfers through the QIWI payment system for payment.
The report also notes that Passion uses Dstat.cc metrics to demonstrate its capabilities and the effectiveness of L4 and L7 attacks against protections such as CloudFlare and Google Shield.
