SafeBreach researchers have unveiled 'Win-DDoS,' a novel attack that turns public domain controllers into a powerful DDoS botnet. This method exploits RPC and LDAP flaws to amplify traffic without credentials or code execution, manipulating the LDAP URL referral process to redirect thousands of DCs to a victim's server. What makes this technique dangerous is its stealth and efficiency; it requires no purchased infrastructure and leaves no traceable footprint, turning the Windows platform itself into both a weapon and a victim.
