Menu

Prolific Hacking Gang DieNet Presents A Serious Threat

DieNet is, a newly identified hacktivist group, has claimed more than 60 Distributed Denial-of-Service (DDoS) attacks, targeting critical infrastructure from US transit systems to Iraqi government websites. This group announced itself on March 7, 2025, via a now-banned Telegram channel.  DieNet’s targets include  transportation, energy, medical systems, and digital commerce. 

New research from Netscout has assessed that DieNet exploits DDoS-as-a-service infrastructure, shared with groups such as OverFlame and DenBots Proof, to launch ideologically driven attacks against targets the US, Iraq, Israel, Sweden and Egypt.

Although the group claims success, it is difficult to verify whether the attacks had any impact on the  targets. However, their scale and frequency expose the ease with which new actors can exploit rented infrastructure to launch their own DDoS campaigns.

Netscout's key findings include:  

  • Attack frequency: DieNet has claimed more than 60 attacks within less than two months of the group’s debut.
  • Preferred targets: The group targets critical infrastructure, particularly in the US and Iraq, both in the form of digital communications and in physical infrastructure such as transportation or energy.
  • Attack platform: DieNet likely employs rented, DDoS-as-a-service infrastructure shared by a number of threat actors. Observations of the usage of the infrastructure predate DieNet itself.

Since its initial announcement, DieNet has been consistently active, launching frequent DDoS attacks against key infrastructure in multiple countries and its activities have been promoted by other active threat groups including  Mr.Hamza, Sylhet Gang-SG, and LazaGrad Hack. 

DieNet’s targeting seems to be ideologically driven, targetting a range of industries, aimed at maximising visible disruptions by targeting key infrastructure. 

  • In the US, DieNet has targeted the Los Angeles Metropolitan Transportation Authority, Port of Los Angeles, and Chicago Transit Authority, as well as the North American Electric Reliability Corporation, and in Iraq, it has targeted the Ministry of Foreign Affairs. 
  • The group also has targeted large centres of digital commerce and communication, such as X, medical websites such as MediTech and Epic, the Internet Archive, NASDAQ, and other large e-commerce and software-as-a-service (SaaS) providers.

DieNet’s attacks are characterised by a mixture of attack vectors such as TCP RST, DNS amplification, TCP Syn and NTP amplification. Notably, the attack vectors seem to vary between targets. Analysis of the attack sources reveal no discernable pattern or cluster of devices that would indicate a single controlled botnet. 

In fact, some of the individual sources of attack traffic that DieNet attacks used have also been used by other threat groups. This highlights the growing threat of DDoS-as-a-service attacks because organisations such as DieNet can spin up and begin launching a flurry of attacks overnight, all without having to rely on capturing their own infrastructure.
Conclusion and Protection Recommendations  

DieNet’s rapid rise is a sign of the growing threat of DDoS as a service, enabling ideologically driven groups to disrupt critical infrastructure.

Without robust defences, such actors can paralyse essential systems with minimal effort. Netscout recommends that organisations adopt proactive measures, including real-time visibility, automated mitigation, and intelligence-driven defences. In aprticular:-

  • Real-time visibility into botnet behaviour and attack patterns. Tools such as Netscout Arbor Sightline can help surface early signs of trouble.
  • Proactive mitigation with automated systems such as Arbor TMS or Arbor AED. These can stop both volumetric floods and more-complex, multivector attacks.
  • Intelligence-driven defence with feeds such as Netscout’s AIF. These provide information about context, what’s trending, who’s being targeted, and how actors are evolving.

Staying ahead of threat actors is an ever-changing job and requires a broad view of where these attacks come from, how they operate, and where they could strike next.

Image:

You Might Also Read: 

Telecoms - Beware Of The DDoS Threat Actor:


If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« What Is An SPF Record For Email?
Reimagining Cybersecurity In The Age Of Organised Threats »

Check Point

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Lunar

Lunar

Lunar is a free, enterprise-grade, compromised-credentials monitoring platform, available to every company, everywhere.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Telefonica Tech

Telefonica Tech

Telefónica Cyber Security Tech is focused on the prevention, detection and appropriate response to security incidents aimed at protecting your digital services.

PeCERT

PeCERT

PeCERT is the national Computer Emergency Response Team for Peru.

Lepide

Lepide

LepideAuditor is a powerful Data Security Platform that enables you to reduce risk, prevent data breaches and prove regulatory compliance.

Plexal

Plexal

Plexal is East London's innovation centre and co-working space. We offer startups flexible memberships, giving them access to office space plus all the benefits and support they need to scale.

Cyber Talents

Cyber Talents

CyberTalents is on a mission to close the gap of cyber security professionals shortage across the globe.

Network Intelligence

Network Intelligence

Network Intelligence delivers a comprehensive suite of AI-powered cybersecurity solutions built on the ADVISE framework.

Greenberg Traurig (GT)

Greenberg Traurig (GT)

Greenberg Traurig, LLP (GT) is a global law firm with offices in 40 locations in the United States, Latin America, Europe, Asia, and the Middle East.

Resilience

Resilience

Resilience combines insurance expertise with cybersecurity to deliver clear, effective solutions to protect you for the cyber risks of today and tomorrow.

Corsica Technologies

Corsica Technologies

Corsica Technologies is recognized as one of the top managed IT and cybersecurity service providers. Our integrated IT and cybersecurity services protect companies and enable them to succeed.

Fortify 24/7

Fortify 24/7

Fortify 24×7 provides a robust portfolio of managed cybersecurity solutions to help you identify and prevent attacks.

Advantex Network Solutions

Advantex Network Solutions

Advantex Network Solutions are a leading provider in Mitel, IT Solutions, Networking, and iP surveillance.

HCS

HCS

HCS is an IT Company and Telecoms provider with an experienced team who are dedicated to ensuring our clients business systems are protected.

Virtual Cyber Labs

Virtual Cyber Labs

Virtual Cyber Labs is a 21st generation Cybersecurity Edu-Tech company that offers an all-in-one hub including custom syllabus and labs.

Seasia Infotech

Seasia Infotech

Seasia Infotech is a leader in offering efficient, tailor-made and comprehensive digital transformation services.

ClearPhish

ClearPhish

CLEARPHISH INC, is a provider of Hyper-Realistic Phishing Simulations and Highly Impactful Cinematic Mode Cyber Awareness Training.

Malizen

Malizen

Malizen is a French company specializing in cybersecurity data analysis using artificial intelligence.

facebook sharing button Share
twitter sharing button Post
email sharing button Email
sharethis sharing button Share
linkedin sharing button Share
arrow_left sharing button
arrow_right sharing button