Used in conjunction with CryptoWall4 C&C to demonstrate DOS attack on a CryptoWall C&C server by leveraging on the resource asymmetrical property of a public key generation request.

Attacker (3.4% CPU Utilization):

C&C (96% CPU Utilization):

10000 locusts causing 80% failure rate:

On a "victim" machine requesting for a key:

$ curl http://172.16.27.130/Zoe2aN.php?b=dp7tm9rl3z09 --data "z=647571383032373074706a3771698a5e1581a9341bf0f0d8cebb252aec8f7338e321aa3c140f55087f3db92351efcf999ce70d063065672d05f86193f9b940"
curl: (56) Recv failure: Operation timed out