Federal prosecutors in Los Angeles and Alaska have charged six people for operating prominent DDoS-for-hire services that enabled distributed denial-of-service attacks for paying customers.
As part of the operation, authorities seized 48 internet domains linked to these services. The FBI is actively taking control of websites that allowed users to purchase DDoS attacks.
Some of the seized platforms marketed themselves as “stresser” services, tools that can be legitimately used by network administrators or security professionals to test defenses. However, investigators found widespread evidence that customers used these sites to target systems they did not own or control.
According to the FBI, “thousands of communications between booter site administrators and their customers … make clear that both parties are aware that the customer is not attempting to attack their own computers.” This correspondence helped build the case that the services were being used to facilitate criminal attacks.
Prosecutors moved before the holiday season, a period when DDoS attacks typically rise. Attackers often target online gaming platforms and communication services during peak times to cause maximum disruption.
“Criminals are increasingly targeting essential services and our critical infrastructure with DDoS attacks that can cost victims valuable time, money and reputational harm,” said Donald Alway, Assistant Director in Charge of the FBI’s Los Angeles Field Office.
“Whether a criminal launches an attack independently or pays a skilled contractor to carry one out, the FBI will work with victims and use the considerable tools at our disposal to identify the person or group responsible,” he added.
To discourage use of these illegal services, the FBI has joined the UK’s National Crime Agency and the Netherlands Police in an advertising campaign. The initiative targets search terms associated with DDoS services, displaying ads that emphasize the illegality and consequences of hiring or using such platforms.
“These booter services allow anyone to launch cyberattacks that harm individual victims and compromise everyone’s ability to access the internet,” said United States Attorney Martin Estrada. “This week’s sweeping law enforcement activity is a major step in our ongoing efforts to eradicate criminal conduct that threatens the internet’s infrastructure and our ability to function in a digital world.”
The coordinated operation involved numerous law enforcement agencies, including FBI field offices in Albany, Honolulu, Miami, Philadelphia and San Antonio, alongside international partners: the UK’s National Crime Agency, the Netherlands Police, EUROPOL, and the Brandon Police Service in Manitoba, Canada.
Several private-sector organizations also supported the takedown, contributing intelligence, technical assistance, or other resources. Those companies included Akamai, Cloudflare, DigitalOcean, the Entertainment Software Association, Google, Oracle, Palo Alto Networks’ Unit 42, PayPal, Unit 221B, the University of Cambridge, and Yahoo.
(Photo by niu niu on Unsplash)
Want to learn more about cybersecurity and the cloud from industry leaders? Attend Cyber Security & Cloud Expo, held in Amsterdam, California and London, to hear from experts on defending infrastructure and managing cloud security risks.
Discover other upcoming enterprise technology events and webinars powered by TechForge through their events listings.