The researcher said that shortly after his test, the IP he used to log into one of the leaked accounts was bombarded by an ICMP flood.

“I suspect they were aware of the leak and were watching for logins of those accounts,” Farmer told Bleeping.

The researcher provided your reporter a short video of the attack, along with the screenshot below, showing the ICMP flood in progress.

ICMP flood on Derrick Farmer

TrueStresser is a Defcon.pro customer

Looking closer at dumped API calls, we can see that TrueStresser is actually renting infrastructure from another DDoS booter service called Defcon.pro.

The leaked API calls are in the same format as the Defcon API documentation, accessible in the Defcon.pro control panel.

http://api.defconpro.io/api.php?ip=[host]&port=[port]&time=[time]&method=[method]&key=MrBeard422+Jayden2311

Defcon.pro API documentation

The entire situation is eerily similar to the PoodleStresser-vDos chain of events. In August 2016, an unknown party breached and leaked the PoodleStresser database, which was later tied to another DDoS-for-hire service named vDos, the larger provider of DDoSing infrastructure at the time.

On its website, Defcon.pro claims to serve over 7,700 customers. A counter showed that customers used the service to launch over 3,900 attacks today, September 1, at the time of writing, and over 117,000 DDoS attacks in total.

In the API documentation, Defcon.pro operators claim to be able to launch the following types of DDoS attacks:

NORMAL:
------------------
DNS
DNS-Sec
NTP
SNMP
OVH
STORM
NINJA-off
SOURCE
REK
PROLAND
PiSoland
XSYN
XACK
XMAS

PREMIUM:
------------------
TS3-Droper
TS3-Fuck
CLDAP
WOLF
ABUSE
GRENADE
GK_Steam
GK_Samp
GK_MTA
GK_Minecraft
GK_Cod
GK_BF
GK_CS
GK_Quake
GK_Vicesity
GK_TF
GK_MoH
TCP-AMP
TCP-SACK

The Defcon.pro website also lists the following features:

24/7 Support
Private Methods
Skype Resolver
99% UPTIME
Dedicated Servers
Paypal/Bitcoin
Stop Button
IP Geolocation
Cloudfare resolver
Domain resolver
Amazing Power
Easy to use interface

Neither TrueStresser staff nor Defcon.pro admins responded to a request for comment.