United offers up to a million miles in its bug bounty program but it’s not just white hat hackers being offered points.
A Turkish computer hacking group wants to leverage their own efforts and distribute the mayhem. They also may be looking to hack the hackers.
A Turkish hacking group is encouraging individuals to join its DDoS-for-Points platform that features points and prizes for carrying out distributed denial-of-service (DDoS) attacks against a list of predetermined targets.
The points earned can later be redeemed for various online click-fraud and hacking tools.
Sale of stolen frequent flyer miles on the darknet is a challenge, but this is a first I’m aware of where hackers have developed their own loyalty currency.
Here is how it works:
- “Using a DDoS tool named Balyoz, hacking participants are asked to attack a limited set of political websites, but can also suggest new websites to add to the list of targets.”
- “For every ten minutes spent attacking one of these websites, users receive points that can be traded in for rewards, such as a stand-alone version of the Sledgehammer DDoS tool and “click-fraud” bots used to generate revenue on pay-to-click (PTC) sites.”
- “There is even a live scoreboard so participants can see their point rank.” No word on whether scoreboard leaders achieve elite status in the Sath-ı Müdafaa (“Surface Defense”) program.
Current hacking targets are predominantly Kurdish, pro-Armenian, and Israeli along with the German Christian Democratic Party.
The problem with collaborating with hackers, is you can’t trust the hackers. Apparently they’ve installed a backdoor in the downloadable tool kit, meaning that the hacking group can hack their distributed hacker program members.
Whatever happened to war dialing and the blue boxes of my youth? Just setting up a computer overnight to randomly generate long distance company dialaround codes and then calling other computers, getting a list of codes in the morning that connected successfully in order to avoid long distance charges?