
Vodlocker Hammers Streaming Sites with JavaScript-based DDoS


NelsonG


Last year we highlighted a rather interesting service which makes it easy for anyone to embed a pirated movie.

Requiring only an IMDb number, Vodlocker.to allows anyone to embed videos, many of which are pirated.

This turned out to be a welcome feature for many smaller site operators, who use basic scripts to set up a streaming portal with minimal investment. In exchange, Vodlocker can serve some extra ads on these sites, which makes it a win-win for both parties.

More recently, however, it appears that ‘someone’ has added some extra code to the Vodlocker site that does more than streaming video or placing ads. As a result, the embedded videos are also being used to DDoS certain video streaming portals.

Looking at the source of the embed pages, we see a piece of JavaScript that attempts to load content from external sites. This is triggered by unwitting visitors; not once, but dozens of times per second. The smaller sites in question, understandably, collapse under this load.

[Image: The script]

When we checked the site on Monday, Rainierland.com and Movie2k.st were being targeted, resulting in downtime. Today, the code has been updated and it’s now pointing at movie4k.is, which is mostly unreachable as a result.

[Image: Movie4k.is attack in action]

It’s not clear what the motivation for this attack is, or if Vodlocker is perhaps compromised, but it appears to be an intentional effort to take these streaming sites down.

Before the weekend the German news site Tarnkappe reported that another site, Filmpalast.to, was suffering from a similar DDoS attack.

Many of the sites that rely on these Vodlocker.to embed codes probably have no idea that they are participating in the attacks. The same is true for their visitors, who are unwittingly transformed into an army of stream-watching DDoS bots.

We contacted several of the affected sites for a comment but haven’t heard back. Vodlocker.to has no contact address listed, so we haven’t been able to reach out to the site itself.

The JavaScript-based attack itself isn’t new. Cloudflare previously highlighted the problem, describing it as a growing issue on the Internet.

“If an attacker sets up a site with this JavaScript embedded in the page, site visitors become DDoS participants. The higher-traffic the site, the bigger the DDoS,” Cloudflare explained in a blog post some years ago.

“Since purpose-built attack sites typically don’t have many visitors, the attack volume is typically low. Performing a truly massive DDoS attack with this technique requires some more creativity.”

In this case, there appears to be enough volume to take smaller sites offline. Not only are there a lot of sites that rely on the Vodlocker.to embeds, the visitors generally keep their tabs open for more than an hour while they’re watching, continuously hammering away.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.
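
For operators of a site on the receiving end, the pattern described above (many ordinary browsers, all sent by one embedding host, each firing repeated requests within the same second) can be picked out of an access log. The following is an added example, not code from the article or from any of the sites named. It assumes Combined Log Format and that browsers send a Referer header (they may not); the hostnames, addresses and thresholds are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime
from urllib.parse import urlsplit

# Combined Log Format: ip - - [time] "request" status bytes "referer" "user-agent"
LINE = re.compile(r'(\S+) \S+ \S+ \[([^\]]+)\] "[^"]*" \d{3} \S+ "([^"]*)" "[^"]*"')

def flood_referers(lines, own_host, min_clients=3, min_rate=10):
    """Return {referer_host: (fast_clients, total_requests)} for external
    referers where at least min_clients distinct IPs each reached min_rate
    requests within a single second."""
    per_second = defaultdict(int)    # (host, ip, second) -> request count
    totals = defaultdict(int)        # host -> request count
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue                 # skip malformed lines
        ip, stamp, referer = m.groups()
        host = urlsplit(referer).hostname
        if not host or host == own_host:
            continue                 # no Referer, or same-site navigation
        second = datetime.strptime(stamp, "%d/%b/%Y:%H:%M:%S %z")
        per_second[(host, ip, second)] += 1
        totals[host] += 1
    fast = defaultdict(set)          # host -> IPs that reached min_rate
    for (host, ip, _), count in per_second.items():
        if count >= min_rate:
            fast[host].add(ip)
    return {h: (len(ips), totals[h]) for h, ips in fast.items()
            if len(ips) >= min_clients}

def sample_log():
    """Constructed sample: four clients sent by one embed host make twelve
    requests each in the same second, alongside ordinary traffic."""
    fmt = ('{ip} - - [10/Apr/2017:12:00:{s:02d} +0000] "GET {p} HTTP/1.1" '
           '200 512 "{r}" "Mozilla/5.0"')
    embed = "https://embed-host.example/embed/1"   # hypothetical embed page
    lines = [fmt.format(ip=f"192.0.2.{n}", s=5, p=f"/?r={i}", r=embed)
             for n in range(1, 5) for i in range(12)]
    lines += [fmt.format(ip="198.51.100.7", s=s, p="/watch",
                         r="https://search.example/") for s in range(3)]
    lines.append(fmt.format(ip="198.51.100.8", s=6, p="/style.css",
                            r="https://victim.example/watch"))
    return lines

if __name__ == "__main__":
    print(flood_referers(sample_log(), "victim.example"))
```

A referer host flagged this way is a candidate for rate limiting or blocking at the edge by Referer or Origin; requests that arrive without a Referer are not covered by this check.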
