NCA takes down world’s most prolific DDoS-for-hire website

close up conceptual Planet Earth made out of computer parts with binary code of one and zero.
(Image credit: Getty Images)

The National Crime Agency (NCA) has announced it was able to infiltrate a prominent DDoS-for-hire service, which has been launching tens of thousands of DDoS attacks every week.

Digitalstress.su is a criminal marketplace that offers DDoS services and was disrupted by a joint operation carried out by the NCA, FBI, and the Police Service of Northern Ireland (PSNI), taking control of the group’s infrastructure and domains.

The PSNI also revealed it had arrested one of the site’s suspected controllers earlier in the month on 2 July.

The coalition of law enforcement agencies took control of the digitalstress.su domain and disabled its functionality, replacing the site with a splash page informing visitors that their data was being collected by the police.

The NCA said it was able to access communication platforms being used by the group behind digitalstress, where they would discuss launching future DDoS attacks, warning the members that nowhere is safe for hackers. 

Paul Woods, detective chief inspector at the PSNI lauded the collaboration between the NCA, FBI, and PSNI, adding the force will continue to disrupt cyber criminal infrastructure.

“This is an excellent example of collaborative working. We will continue to work tirelessly alongside our law enforcement partners to disrupt the activities of those who use cyber technology to cause damage, whether locally or globally,” he said.

“Today’s welcome announcement should send a clear message to all cyber criminals that, whatever your motive or means, you are not beyond identification and investigation.”

Almost 50 successful takedowns of ‘booter’ sites since launch of Operation PowerOFF

This operation follows an international effort, Operation PowerOFF, led by the FBI and supported by the NCA in December 2022, targeting tools and services used by hackers to launch cyber attacks, which saw the takedown of 48 of the world’s most popular DDoS-for-hire platforms.

Cumulatively, these sites were responsible for 30 million attacks carried out in recent years. Since then UK law enforcement was able to collect the identities of thousands of suspected hackers after it set up a fake DDoS-for-hire platform in March 2023.

Also referred to as ‘booter’ sites, these services provide less technically proficient cyber criminals with an easy route into the hacking industry, as Paul Foster, head of the NCA’s National Crime Unit noted, thus putting a stop to them could drastically reduce the number of attacks individuals and businesses have to contend with.

“Booter services are an attractive entry-level cyber crime, allowing individuals with little technical ability to commit cyber offences with ease. Anyone using these services while our mirror site was in place has now made themselves known to law enforcement agencies around the world.”

RELATED WHITEPAPER

Foster added that the NCA, and other law enforcement agencies, are actively working on developing new techniques to stymie these booter sites, that go beyond compromising their hosting infrastructure.

“Although traditional site takedowns and arrests are key elements of law enforcement’s response to this threat, we are at the forefront of developing innovative tools and techniques which can be used as part of a sustained programme of activity to disrupt and undermine cyber criminal services and protect people in the UK.”

Solomon Klappholz
Staff Writer

Solomon Klappholz is a Staff Writer at ITPro. He has experience writing about the technologies that facilitate industrial manufacturing which led to him developing a particular interest in IT regulation, industrial infrastructure applications, and machine learning.