What do you mean? Swing VPN is a "free VPN" service that's actually operating a botnet. Swing VPN dunit.

Often, the VPN maker is different than the botnet provider.

https://scrapestack.com/faq: Residential ("premium") proxies provide IP addresses that are connected to real residential addresses and devices, which makes them much less likely to get blocked while scraping the web. We highly recommend using residential proxies for your web scraping needs as they make it easy to work around geo-blocked content and harvest data at scale.

I doubt somebody started or paid a VPN to strike Turkmenistan Airlines for shits and giggles. I suspect there is more to the story.

its not clear its ddos, though it might be, as one commenter suggested it might be ad revenue or so. maybe they hit themselves? :D. i bet we will never know.

No body starts a botnet to hit one target. Botnets are usually for hire. You find a vulnerability, establish as many C&C devices as you can, then advertise online that you have a botnet capable of XYZ, and you get contracts to hit particular endpoints.

In this example, Swing VPN is offering a "free VPN" service, but they actually pay for it with botnet contracts.

Right. I am interested in who would pay to strike Turmenistan Airlines. It's a target with no apparent value.

Getting a target DDoS'd is cheap, especially if that target resides in a country with not that great digital infrastructure.

For twenty dollars you can take down an airline that lost your luggage and didn't bother trying to find it back. It's childish behavior, but someone is petty enough. Store didn't honor their warranty? Pay five dollars and they'll lose more money in lost sales than their refusal would've cost them.

Sometimes it's not just petty criminals either. Extorting businesses with these types of attacks is all too common. "Pay us $x or your website will be down for months" is an easy threat to make, especially if you can take down a business for a fraction of their lost revenue. Attack twenty or more companies, wait for one of them to pay out and you've made yourself a huge chunk of cash.

There are all kinds of reasons to hire these botnets. Developing these botnets isn't very hard either, especially if you can sneak a trojan into a useful software library or hack someone else's library. You just have to think real scummy.

eh, we don't really know what all "Turmenistan Airlines" website actually does. It's a government agency after all, and it could be used to hide all sorts of online activity for some other government agencies. It could also just be a test contract, or an internal botnet test and OP just happen to catch that one.