Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

US Charges Six in Operation Targeting 48 DDoS-for-Hire Websites

DDoS for hire websites seized by FBI

DDoS for hire websites seized by FBI

The US Justice Department announced on Wednesday that a law enforcement operation has resulted in the seizure of 48 internet domains associated with popular DDoS-for-hire services, as well as charges against six alleged operators of these services.

The websites, known as ‘booter’ or ‘stresser’ services, make it easy for their customers to launch DDoS (distributed denial-of-service) attacks against a target. The customer does not require any knowledge of hacking techniques in order to launch an attack and cause potentially significant disruption.

According to authorities, the seized websites were used to launch millions of actual or attempted DDoS attacks.

Some of the sites attempted to avoid legal liability by claiming that the services they offered were designed for testing the security of the customer’s own network. However, investigators obtained communications between the administrators of the DDoS-for-hire services and their customers, and the messages “make clear that both parties are aware that the customer is not attempting to attack their own computers,” the FBI said.

Authorities pointed out that the DDoS attack services were shut down just before Christmas, when a significant increase in attacks is expected against online gaming services.

Some of the targeted DDoS-for-hire websites display a message informing visitors that they have been seized by the FBI, while others are no longer accessible or display a “closed” message. However, a few of the websites appear to still be accessible at the time of writing.

The seizure message includes the logo of Europol, as well as law enforcement agencies in the UK, the Netherlands, Germany, and Poland.

The DoJ said some of these agencies have launched ad campaigns in search engines to inform and educate the public, and deter potential cybercriminals looking for DDoS services.

US authorities have also announced charges against six individuals living in the country. Two of them, John Dobbs, 32, of Hawaii, and Joshua Laing, 32, of New York, have been charged in Alaska for their alleged role in the operation of the booter services named IPStressor.com and TrueSecurityServices.io, respectively. Dobbs is said to have run the IPStressor service for more than a decade and Laing was allegedly involved in the cybercrime operation since 2014.

In addition, four people have been charged in Los Angeles, including Jeremiah Sam Evans Miller of Texas for running RoyalStresser.com, Angel Manuel Colon Jr. of Florida for running SecurityTeam.io, Shamar Shattock of Florida for running Astrostress.com, and Cory Anthony Palmer of Florida for running a booter service named Booter.sx.

All of the six suspects have been informed about the charges brought against them and they are expected to make their first appearance in court early next year.

Related: DDoS-for-Hire Service Admin Pleads Guilty

Related: Authorities Track Down Users of DDoS Services

Related: U.S. Authorities Take Down 15 DDoS-for-Hire Websites

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.

Ransomware

The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.