The Drive DDoS toolkit is an updated variant of the Dirt Jumper DDoS toolkit, which was in circulation as of January 2011.
- The Dirt Jumper family of DDoS toolkits was one of the most widely used methods of DDoS attack in Q3 of 2013.
- In August 2013, Drive was observed in the wild participating in attacks against businesses in multiple industry verticals, including financial services and e-Commerce.
- The command and control (C&C) admin panel of the Drive DDoS toolkit makes use of the same PHP code and SQL schema as the Dirt Jumper toolkit.
- The Drive toolkit also delivers attack payloads similar to the Dirt Jumper toolkit.
- New signatures and communication patterns distinguish the Drive DDoS toolkit from the original Dirt Jumper.
- Attack instructions in the Drive variant are also simpler to use.
A large number of attack campaigns and malicious binaries have been attributed to cybercriminals using the Drive DDoS toolkit.
- Focus on the DDoS attack by IT security personnel may lead unprepared businesses to overlook malicious actors’ access to customer accounts.
- Identifying the Drive DDoS toolkit as the source of attack is essential for financial institutions and e-Commerce firms in preventing and prosecuting fraud or theft.