The Federal Bureau of Investigation (FBI) this week seized 15 domains associated with DDoS-for-hire services, the Department of Justice announced.
In addition to taking down the websites, which allowed users to launch powerful distributed denial-of-service (DDoS) attacks, the authorities charged three individuals who facilitated the computer attack platforms.
Through the seized websites, users could pay to cripple targeted networks by flooding them with traffic. Called “booters” or “stressers,” such services allegedly cause attacks on various victims in the United States and abroad, including financial institutions, universities, Internet service providers, government systems, and various gaming platforms.
The websites (including critical-boot(.)com, ragebooter(.)com, downthem(.)org and quantumstress(.)net) were seized on Dec. 19, pursuant to warrants issued by the U.S. District Court for the Central District of California. The services provided easy access to attack infrastructure and various payment options, including Bitcoin, and were relatively low cost, an affidavit in support of the warrant reveals.
“Each of the services was tested by the FBI, which verified those DDoS attack services offered through each of the seized websites. While testing the various services, the FBI determined that these types of services can and have caused disruptions of networks at all levels,” the DoJ announcement reads.
Also on Dec.19, Matthew Gatrel, 30, of St. Charles, Illinois, and Juan Martinez, 25, of Pasadena, California, were charged for operating the Downthem and Ampnode services. A criminal complaint filed in Los Angeles claims Downthem offered DDoS services directly to users, while Ampnode provided resources needed to create standalone DDoS services.
Between Oct. 2014 and Nov. 2018, Downthem had over 2,000 customer subscriptions and was used to launch or attempt to launch over 200,000 DDoS attacks.
On Dec. 12, David Bukoski, 23, of Hanover Township, Pennsylvania, was charged for operating Quantum Stresser, one of the longest-running DDoS-for-hire services. Launched in 2012, the service had over 80,000 customer subscriptions as of Nov. 29 and was used to launch over 50,000 actual or attempted DDoS attacks.
“The attack-for-hire websites targeted in this investigation offered customers the ability to disrupt computer networks on a massive scale, undermining the internet infrastructure on which we all rely. While this week’s crackdown will have a significant impact on this burgeoning criminal industry, there are other sites offering these services – and we will continue our efforts to rid the internet of these websites,” U.S. Attorney Nicola T. Hanna of the Central District of California said.