Security Experts:

Connect with us

Hi, what are you looking for?



U.S. Authorities Take Down 15 DDoS-for-Hire Websites

The Federal Bureau of Investigation (FBI) this week seized 15 domains associated with DDoS-for-hire services, the Department of Justice announced. 

The Federal Bureau of Investigation (FBI) this week seized 15 domains associated with DDoS-for-hire services, the Department of Justice announced. 

In addition to taking down the websites, which allowed users to launch powerful distributed denial-of-service (DDoS) attacks, the authorities charged three individuals who facilitated the computer attack platforms. 

Through the seized websites, users could pay to cripple targeted networks by flooding them with traffic. Called “booters” or “stressers,” such services allegedly cause attacks on various victims in the United States and abroad, including financial institutions, universities, Internet service providers, government systems, and various gaming platforms.

The websites (including critical-boot(.)com, ragebooter(.)com, downthem(.)org and quantumstress(.)net) were seized on Dec. 19, pursuant to warrants issued by the U.S. District Court for the Central District of California. The services provided easy access to attack infrastructure and various payment options, including Bitcoin, and were relatively low cost, an affidavit in support of the warrant reveals.

“Each of the services was tested by the FBI, which verified those DDoS attack services offered through each of the seized websites. While testing the various services, the FBI determined that these types of services can and have caused disruptions of networks at all levels,” the DoJ announcement reads. 

Also on Dec.19, Matthew Gatrel, 30, of St. Charles, Illinois, and Juan Martinez, 25, of Pasadena, California, were charged for operating the Downthem and Ampnode services. A criminal complaint filed in Los Angeles claims Downthem offered DDoS services directly to users, while Ampnode provided resources needed to create standalone DDoS services. 

Between Oct. 2014 and Nov. 2018, Downthem had over 2,000 customer subscriptions and was used to launch or attempt to launch over 200,000 DDoS attacks.

On Dec. 12, David Bukoski, 23, of Hanover Township, Pennsylvania, was charged for operating Quantum Stresser, one of the longest-running DDoS-for-hire services. Launched in 2012, the service had over 80,000 customer subscriptions as of Nov. 29 and was used to launch over 50,000 actual or attempted DDoS attacks.

“The attack-for-hire websites targeted in this investigation offered customers the ability to disrupt computer networks on a massive scale, undermining the internet infrastructure on which we all rely.  While this week’s crackdown will have a significant impact on this burgeoning criminal industry, there are other sites offering these services – and we will continue our efforts to rid the internet of these websites,” U.S. Attorney Nicola T. Hanna of the Central District of California said. 

Related: California Man Gets 26-Month Prison Sentence for DDoS Attacks

Related: DDoS Attacks Less Frequent But Pack More Punch: Report

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.


Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack


CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.


Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.