In September 2024, the NCSC recorded an increase in DDoS attacks carried out by a botnet called "Gorilla". This is a "DDoS-as-a-service" service offered on Telegram, which can be rented for some fee. As an operator of a critical infrastructure in Switzerland was affected by such DDoS attacks, the NCSC has published the technical findings in a short report.
Technical indicators for GorillaBot:
https://github.com/govcert-ch/CTI/tree/main/20241010_GorillaBot/
Last modification 10.10.2024
