How legal is it for a YouTuber to promote DDoS strikes against Russia?

Hundreds of thousands of YouTube viewers are being encouraged to engage in cyber warfare against Russia by a YouTube influencer.

The YouTuber described how viewers may download a free pen-testing (DDoS) program called Liberator and “block that Russian propaganda machine” in a video posted to his channel this week.

Even if the cause seems noble and appealing, is DDoS lawful, and may users be prosecuted?

‘I NEED YOUR HELP!’ says a YouTuber.

In a video posted to YouTube on Thursday, April 28th, a YouTuber named Boxmining, who has over 268,000 followers, asked for everyone’s aid in countering Russian propaganda in the midst of the Kremlin’s escalating invasion of Ukraine.

At the time of writing, the YouTube video in question had over 86,000 views and was still growing.

“I need your assistance to aid Ukraine! There have been various disinformation tactics and fake news from the Russian government in recent weeks,” according to the YouTuber.

“Fake news inundated the media, causing various repercussions around the world.”

“I ask for help very infrequently,” Boxmining continued, “but this is a scenario where you can join the cyber combat against Russia to stop that Russian propaganda machine.”

Boxmining swiftly illustrates how to obtain an offensive security tool called “Liberator” and conduct cyber warfare against Russia using nothing but your own machines and a VPN connection.

The Liberator program, developed by the hacktivist organization ‘disBalancer,’ operates by utilizing your computer to attack Russian websites that disseminate misinformation about current events.

Liberator launches a Distributed Denial of Service (DDoS) assault.

A DDoS assault occurs when several machines (bots) repeatedly flood a website’s servers with excessive requests in a short period of time, causing the servers to exhaust their permitted bandwidth and become unusable.

On a macOS device, a test run of Liberator is displayed below. The tool begins “looking for the Kremlin’s goal to defeat…” as soon as it is launched.

The disBalancer team curates the list of websites that the tool begins to assault.

DDoS is one of the easiest cyberattacks to carry out since it does not need “hacking” or infiltrating the target—merely flooding the servers with repeated web requests (packets) can cause them to “freeze” and stop displaying webpages for a period of time.

This is likely why, at some point, both hacktivist organizations and threat actors such as ransomware and extortion gangs have used DDoS assaults against their targets.

DDoS attacks on Romanian government websites have lately been undertaken by the Russian hacktivist organization “Killnet.”

YouTube’s policies prohibit content that demonstrates how to conduct hacking using computers and IT equipment in general, but the policy appears to apply more specifically to instructions on stealing credentials, compromising personal data, and causing “serious harm to others” by hacking their social media accounts.

DDoS videos, at least on YouTube, are thus a grey area.

Are you in danger because of the legality of it all?

The ongoing Russian invasion of Ukraine has already lasted more than two months, and the war is wreaking havoc on the Ukrainian people and their families.

According to a report published just today, the Azovstal steel plant in Mariupol, Ukraine, has become a safe haven for injured people, some with “wounds rotting with gangrene.”

While 25 of these citizens have been evacuated, it is estimated that up to 1,000 people remain trapped beneath the plant.

The mere sight of such awful facts and footage may compel netizens to act, even if they are not from the Russo-Ukrainian region.

However, how much are you legally in the clear while conducting cyber warfare, and may it backfire?

The video’s creator claims to have spoken with Dyma Budorin, one of disBalancer’s consultants, and explains:

“This has nothing to do with anything malicious that’s being done on the app, but rather because of the acts of what the bot is going to do, it’ll start hitting Russian websites, so certainly it gets reported,” Boxmining says of Liberator, but we’re not convinced.

In most jurisdictions, launching DDoS attacks is a criminal offense.

Those found guilty of DDoS can face up to ten years in prison under the US Computer Fraud and Abuse Act (CFAA). DDoS assaults are also prohibited under the UK’s Computer Misuse Act of 1990. Similar legislation can also be found in Dutch law.

The use of “booter services and stressers” is also a violation of these laws.

These words should not be taken lightly, as the US Department of Justice has previously convicted a number of persons for carrying out DDoS attacks, including attacks against gamers, using IoT devices to carry out attacks, and running DDoS services.

If you don’t use encryption, your identity could be jeopardized.

While many people have welcomed the video and complimented the effort, some have expressed worries that this could be a “dangerous use” of the YouTuber’s audience reach, putting viewers at risk.

And it appears that YouTube user Junk may be correct.

Last month, Avast Threat Labs cyber security researchers warned against participating in DDoS assaults against Russia, no matter how noble the cause may appear to be. They looked specifically at disBalancer’s app:

“The application begins by registering the user, which includes personal information such as location (derived from the IP address) and username. This registration occurs in the background without the user’s knowledge when the attack is launched,” Michal Salát, Avast’s threat intelligence director and malware expert, adds.

“This data is sent to the C&C server using the unencrypted HTTP protocol, which means it can be readily intercepted. Furthermore, you have no way of knowing what site you’re assaulting, so you must rely on the author’s claims regarding the sites they claim to target.”

Should the C&C server be compromised, everyone involved in the DDoS attack might be identified by their login and location, according to Avast Threat Labs’ worst-case scenario.

“Not only would this put them at risk, but they may also be duped into assaulting a different target,” Avast’s researchers go on to say.

Pascal Geenens, Radware’s director of threat intelligence, added his two cents to the conversation.

In an email to BleepingComputer, Geenens said, “Hacktivists have been anonymously promoting and educating members on how to use DDoS attack tools in the darker corners of YouTube, but an influencer with over 250k subscribers posting a professionally edited video is bringing hacktivism into a new era.”

“People all across the world are donating their computers to be turned into a massive DDoS weapon of destruction that can be used in a cyber war between states.”

“I sympathize with those who oppose war propaganda, but I’m concerned about how this may play out in the future.”

“The rules of the game are being altered. Is DDoS considered a crime? A word of warning, though. DDoS will be recognized and prosecuted as a crime depending on the perspective.”

Users should perform their own research before engaging in risky internet activities, such as hacktivism, to ensure they are not breaking any laws or exposing themselves to any risks.
