Hackers used the Passion DDoSaaS platform to target healthcare

Pro-Russian hacktivists group used the new Passion DDoSaaS platform in its recent attacks against medical institutions in Europe and the United States.

Distributed Denial-of-Service-as-a-Service platforms offer tools to hackers looking to start disruption campaigns against their targets. This platform allows amateur hackers to start DDoS attacks without creating their botnet farm or coordinating with other groups.

Actors commonly develop these botnets by compromising vulnerable IoT devices such as IP cameras and routers. Subsequently, the actors unite these vulnerable IoT devices to form a large swarm of botnets that generates malicious requests towards a target.

 

The Passion DDoSaaS platform has strong relations with Russia.

 

According to investigations, the Passion DDoSaaS platform has operations that have distinctive connections with Russian cybercriminal groups, such as KillNet, Venom, and MIRAI.

The Passion botnet was exploited by hackers during a cybercriminal incident earlier last week. The attack targeted numerous medical institutions in the United States, Poland, Finland, Norway, Germany, Netherlands, Portugal, Spain, and the United Kingdom.

These campaigns against healthcare institutions are allegedly retaliation of Russia against the countries that aided Ukraine in the war by sending tanks.

Passion DDoSaaS platform operators first endorsed their service last month by performing several defacements operations on South African and Japanese organisation sites. The service needs a subscription, which customers can buy and get access to desirable attack transmitters, intensity, and duration.

Additionally, Passion endorses about ten attack vectors, enabling its customers to modify their attacks and even mix vectors to avoid security detection and mitigation tactics employed by their targets.

Furthermore, research revealed that the cost of obtaining the product varies. A weekly subscription could cost a buyer about $30, while a monthly subscription could cost them around $120. However, the Passion DDoSaaS platform operators also offer an annual subscription for nearly $1500.

Potential customers could pay through cryptocurrency platforms like Bitcoin and Tether. In addition, the operators also accept payment via a Russian payment service called QIWI.

Passion is the newest addition to the threats within the Distributed Denial-of-Service landscape. Therefore, organisations worldwide could face another set of attacks from different threat groups.