Last year we highlighted a rather interesting service which makes it easy for anyone to embed a pirated movie.
Requiring only an IMDb number, Vodlocker.to allows anyone to embed videos, many of which are pirated.
This turned out to be a welcome feature for many smaller site operators, who use basic scripts to set up a streaming portal with minimal investment. In exchange, Vodlocker can serve some extra ads on these sites, which makes it a win-win for both parties.
More recently, however, it appears that ‘someone’ has added some extra code to the Vodlocker site that does more than streaming video or placing ads. As a result, the embedded videos are also being used to DDoS certain video streaming portals.
When we checked the site on Monday, Rainierland.com and Movie2k.st were being targeted, resulting in downtime. Today, the code has been updated and it’s now pointing at movie4k.is, which is mostly unreachable as a result.
It’s not clear what the motivation for this attack is, or if Vodlocker is perhaps compromised, but it appears to be an intentional effort to take these streaming sites down.
Many of the sites that rely on these Vodlocker.to embed codes probably have no idea that they are participating in the attacks. The same is true for their visitors, who are unwittingly transformed into an army of stream-watching DDoS bots.
We contacted several of the affected sites for a comment but haven’t heard back. Vodlocker.to has no contact address listed, so we haven’t been able to reach out to the site itself.
“Since purpose-built attack sites typically don’t have many visitors, the attack volume is typically low. Performing a truly massive DDoS attack with this technique requires some more creativity.”
In this case, there appears to be enough volume to take smaller sites offline. Not only are there a lot of sites that rely on the Vodlocker.to embeds, but their visitors also generally keep their tabs open for more than an hour while they’re watching, continuously hammering away.