The US' Department of Justice (DoJ) has begun the seizure of 48 DDoS-for-hire services and brought criminal charges against six individuals involved.
Also involved in the operation is the FBI which was granted approval to take control of the websites as part of a wider international anti-cyber crime operation, the DoJ revealed on Wednesday.
The six arrested defendants allegedly oversaw cyber attacks launched from platforms known as booters. These are services which boot, or drop, a targeted computer from the internet. The services allegedly attacked millions of individuals in the US and around the world, including government agencies, gaming platforms, and educational institutions. The DoJ said that the attacks can also degrade internet services and disrupt connections.
Each defendant allegedly operated at least one site that offered services and subscriptions to booter services, said the DoJ. In each case, the FBI masqueraded as a genuine client and carried out test attacks to confirm the sites functioned as advertised.
Criminal charges have been filed against two defendants in Alaska: John M. Dobbs who allegedly operated IPStressor.com, and Joshua Laing who allegedly operated TrueSecurityServices.io.
In Los Angeles, four defendants have had criminal charges filed against them. Jeremiah Sam Evans Miller was accused of running RoyalStresser.com, Angel Manuel Colon Jr. allegedly ran SecurityTeam.io, Shamar Shattock allegedly operated Astrostress.com, and Cory Anthony Palmer, who was accused of running Booter.sx.
Millions of DDoS attacks were launched from the websites involved, targeting victims across the world, said the DoJ. Some of the services offered “stresser” services which the websites claimed were used for network testing. However, the FBI found that this was a pretence as the site admins and customers are aware that the customer is not attempting to attack their own computers.
“These DDoS-for-hire websites, with paying customers both inside and outside the United States, facilitated network disruptions on a massive scale, targeting millions of victim computers around the world,” said Antony Jung, the FBI special agent in charge of the case.
“Potential users and administrators should think twice before buying or selling these illegal services. The FBI and our international law enforcement partners continue to intensify efforts in combating DDoS attacks, which will have serious consequences for offenders.”
The arrests were made through work carried out in Operation Power OFF, an internationally coordinated effort between law enforcement agencies aiming to take apart DDoS-for-hire schemes across the world.
Other agencies provided the DoJ with assistance in the operation including the UK's National Crime Agency (NCA), Netherlands Police, Europol, and the Brandon Police Service in Canada. It also received support from companies in the private sector including Akamai, Cloudflare, Oracle, Google, Palo Alto Networks, Paypal, as well as the University of Cambridge.
According to the department, the coordinated law enforcement action took place before the holiday period, which usually sees an increase in DDoS attacks across the gaming world.
“Whilst I don’t think that this is insignificant, I do not believe that it will have that much effect on the use of companies like this to perform DDoS attacks,” said Leon Teale, senior penetration tester at IT Governance to IT Pro. “Overall, these site organisers who offer this service know full well the intent of its use and do so regardless of it being illegal and unethical.”
Teale said that the fact the FBI has managed to shut down the companies is simply a statistics game, as users that pay for the services will move to another.
“I suspect there will be a drop in DDoS attacks because of these sites shutting down, but I can’t imagine it will put much of a dent in the overall number of attacks that go on each day across the world,” he added.
At the same time, the FBI, the NCA, and the Netherlands Police have released an advertising campaign to deter potential cyber criminals from using DDoS services. The campaign is in the form of a targeted placement ad which appears in search engines and is triggered by DDoS keywords.
-
UK cyber experts on red alert after Salt Typhoon attacks on US telcosAnalysis The UK could be next in a spate of state-sponsored attacks on telecoms infrastructure
-
Healthcare data breaches are out of control – here's how the US plans to beef up security standardsNews Changes to HIPAA security rules will require organizations to implement MFA, network segmentation, and more
-
The US could be set to ban TP-Link routersNews US authorities could be lining up the largest equipment proscription since the 2019 ban on Huawei networking infrastructure
-
US government IT contractor could face death penalty over espionage chargesNews The IT pro faces two espionage charges, each of which could lead to a death sentence or life imprisonment, prosecutors said
-
US identifies and places $10 million bounty on LockBit, Hive ransomware kingpinNews Mikhail Pavlovich Matveev was linked to specific ransomware attacks, including a 2021 raid on the DC police department
-
Breach at US Transportation Department exposes 240,000 employee recordsNews An investigation is underway into the breach, which affected former and current employee data
-
UK crime fighters wrangle “several thousand” potential cyber criminals in DDoS-for-hire honeypotNews The sting follows a recent crackdown on DDoS-for-hire services globally
-
IRS mistakenly publishes 112,000 taxpayer records for the second timeNews A contractor is thought to be responsible for the error, with the agency reportedly reviewing its relationship with Accenture
