Parler hosting company's code offered up for sale online

Unbreakable Lock
(Image credit: KAUST)
Audio player loading…

The source code and database (opens in new tab) of DDoS-Guard, the web hosting (opens in new tab) platform of the controversial social media company Parler (opens in new tab) has apparently been posted for sale online.

Amazon Web Services (AWS (opens in new tab)), the original hosting provider for the beleaguered social network, pulled the plug (opens in new tab) earlier this year over apparent insufficiencies in Parler's content moderation policy. 

Parler then found refuge with the Russia-based hosting provider DDoS-Guard, but researchers from cyber-intelligence company Group-B have uncovered a cybercrime forum listing offering DDoS-Guard’s database and the entire source code for its infrastructure for $350,000.

TechRadar needs yo...

We're looking at how our readers use VPN for a forthcoming in-depth report. We'd love to hear your thoughts in the survey below. It won't take more than 60 seconds of your time.

>> Click here to start the survey in a new window (opens in new tab)<<

Poetic justice

According to the post, the database supposedly contains information about DDoS-Guard’s customers, including their names, IP-addresses, and payment information. However, Group-IB has said that it can’t verify the authenticity of the data, since the poster hasn’t provided a sample. 

“If the data is legitimate, the threat actors can potentially use it in a number of ways: from mass spamming and follow up targeted phishing attacks,” said Group-IB’s threat intelligence analyst, Oleg Dyorov, speaking to CyberScoop, adding that the data could perhaps even be used to conduct ransomware attacks.

If the data is indeed authenticated, it’d be ironic given DDoS-Guard’s flirtations with the law.

Adrianus Warmenhoven, chief information security officer at Dutch cybersecurity (opens in new tab) firm Tesorion, told CyberScoop that DDoS-Guard is one of those hosting companies that are adept at staying “just at the edges of the law.”

In its earlier report on online piracy, Group-IB too had observed that DDoS-Guard not just hosts but also obstructs the identification of website owners of hundreds of shady resources that are engaged in illicit goods sale, gambling, and copyright infringements. 

Via CyberScoop (opens in new tab)

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.