Profiling a Popular DDoS Booter Service’s Ecosystem | WhoisXML API

Threat Reports

Profiling a Popular DDoS Booter Service’s Ecosystem

DDoS booter services have made launching attacks easier for cybercriminals, adding to the daily threats that individuals and organizations face. However, users of these tools inevitably leave online tracks, particularly in the DNS.

Building on a list of 644 IoCs uncovered by WhoisXML API threat researcher Dancho Danchev, our research team found more than 2,000 potential artifacts comprising:

  • 20 additional email addresses
  • 185 additional IP addresses 
  • 43 email-connected domains
  • 645 IP-connected domains
  • 1,303 string-connected domains

Download a sample of the threat research materials now or contact sales to discuss your intelligence needs for threat detection and response.

Try our WhoisXML API for free
Get started