Points mean prizes in gamified DDoS platform
Gamification is increasingly used by business as a means of enhancing the usability of software. But now it seems hackers are exploiting the technique too.
Researchers at threat protection company Forcepoint have uncovered a DDoS package being shared on Turkish hacking forums employing a gamified approach.
The hacking group lures its participants to join its DDoS platform, known as Sledgehammer, by gamifying the attack and offering hackers the chance to compete with peers in order to earn redeemable points.
Users are rewarded with one point for every 10 minutes that they attack one of the 24 listed targets (which include Kurdish and German political websites). Hacking teams compete against each other for rewards including click-fraud bots and an upgraded version of the DDoS tool. Interestingly, the author of the tool has also included an unadvertised backdoor to access competitor's machines.
"This is the first time hackers have 'gamified' a hacking platform to the extent that participants compete against one another and can compare scores and redeem points for rewards on a single service," says Carl Leonard, principal security analyst at Forcepoint. "We believe that those behind Sledgehammer are in the participant acquisition phase and are trying to reach a critical mass".
You can find out more about Sledgehammer on the Forcepoint blog and there's an infographic overview of its features below.