Hey guys: less QQ, more pew pew

Real hackers have yet another reason to cringe about the Internet’s wonderful ability to commoditize things: tools allowing angry Halo 3 losers to DDoS their opponents are now entering the mainstream consciousness, according to SpywareGuide blogger Christopher Boyd.

The long and short of this story is this: FaceTime Security Labs, the firm that runs SpywareGuide, is noting an increased volume of posts on mainstream message boards like Yahoo! Answers, where non-hackers are asking how to do hacker-ish things like monitor a Halo 3 session for IP addresses and boot players off the ‘net.

These requests stem from the increased visibility of techniques and tools once reserved for the Halo underground, which allow Xbox Live players to effortlessly monitor an internet game for IP addresses, lease a botnet, and launch their own DDoS attacks. In many cases the software to do this is relatively user-friendly, and the few remaining hard parts – “tough” things like setting up a account and configuring port forwarding – are covered by a wealth of YouTube video tutorials.

One such tool, a “slick” pair of free programs called “BioZombie” and “Host Booter,” allows script kiddies to easily set up a botnet controller and commandeer others’ computers for use as their slaves. Most people can’t be bothered to set up their own botnet, though – after all, that requires actual work, along with a server farm or a couple dozen gullible friends – and so a handful of enterprising individuals will instead lease access to their botnets at a price that appear to hover around $2 per slave.

Given that most of these tutorials claim it takes between 40 and 60 zombies to knock an Xbox 360 offline, Timmy the 14-year-old wound-up Halo 3 griefer can now DDoS fellow Xbox Live gamers – or anyone else, for that matter – for about $100.

What’s interesting about all this isn't the obvious debate over merits and morality – cheaters and griefers are omnipresent deities in the world of online games, and DDoS-for-fun-and-profit has existed for years – but rather how this Halo 3 phenomenon is a manifestation of the increasing and ongoing commoditization of the Internet’s underground, previously secluded in shadows and, before that, reserved for the truly intelligent.

A recent Symantec study reveals an analogue to what we’re seeing here: keystroke loggers are available off the internet black market for $23 – clearly, the buyer isn’t smart enough to find the many keyloggers out there that are available for free – and a larger botnet run by true cyberthieves can set you back around $225. With more advanced tools selling for anywhere from $500-$3000, as well as the ready availability of CPU power as commoditized through services like Amazon EC2 – as long as you don’t violate the Terms of Service – the cost of wreaking havoc on the internet is beginning to plummet.

All of this brings us back to Joe the actually-skilled Xbox Live gamer, now left scratching his head while trying to figure out why Halo 3 stopped working. Service disruptions in an environment such as Xbox Live, where Microsoft guards sanity with a heavy hand, could pan out in a number of interesting ways – or not. It’s more troubling, instead, to think about how cavalier a few gamers are about breaking the law and ruining their opponents when given the opportunity, and how easy it is for random players to seep into each others’ lives.

P.S. “Less QQ, more pew pew” is a phrase borrowed from the culture surrounding MMORPGs like World of Warcraft. It means something along the lines of “quit whining and become a better player.”

"Well, we didn't have anyone in line that got shot waiting for our system." -- Nintendo of America Vice President Perrin Kaplan

Most Popular Articles

Copyright 2018 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki