50 DDoS-For-Hire domains and 7 people collared by police around the globe for involvement in tens of millions of DDoS attacks worldwide.
According to the US Justice Department announcement, 48 domain seizures and criminal charges against six individuals on Wednesday. On the other hand, Europol has reported 50 takedowns as part of this Operation Power Off. Europol mentioned one of the heinous sites deployed more than 30 million attacks. 7 people suspected as booter site administrators have been detained so far.
According to an FBI affidavit [PDF] filed, some of the sites superficially helped organizations test if their networks can withstand DDoS attacks. Investigation into this suggests both parties are aware that the customer is not attempting to attack their own computers.
Managed DDoS-for-hire services are becoming increasingly popular and are used by a large number of organizations, including educational institutions, government agencies, gaming platforms, and millions of individuals. Law enforcement agencies have been pursuing these services because they’re often used to disrupt sales – which is especially common during the Christmas holiday season when IT administrators may be on paid time off.
The FBI, UK’s National Crime Agency, and the Netherlands police have launched an undercover advertising campaign in which these agencies served ads on search engines based on keywords associated with DDoS activities. The ads aim to deter individuals who seek services for DDoS attacks, as well as to educate the public about what cybercriminals are doing and how their crimes are being committed.
In addition to the DDoS takedowns, authorities in the US filed charges against six defendants who ran at least one booter website. For each one, the FBI posed as a customer and conducted test attacks to verify that the DDoS-for-hire site functioned as advertised.
7 People Suspected as Booter Site Administrators
Jacob Sam Evans Miller, of San Antonio, TX, is the alleged operator of a booter service named RoyalStresser.com, earlier known as Supremesecurityteam.com. On July 27th, 2016 he was charged with conspiracy to violate and violating the Computer Fraud and Abuse Act.
Angel Manuel Colon Jr., also known as “Anonghost720” and “Anonghost1337,” 37, of Belleview, Florida has been charged with conspiracy to abuse and violating the Computer Fraud and Abuse Act related to a service named SecurityTeam.io.
Shamar Shattock, a 19-year-old Florida resident, is charged with conspiracy for running a booter service known as Astrostress.com.
Cory Anthony Palmer, a 22-year-old from Lauderhill, Florida, has been charged with conspiracy for allegedly running a service known as Booter.sx.
The 32-year-old John M. Dobbs of Honolulu, Hawaii, who was charged with committing violations of the Computer Fraud and Abuse Act related to his alleged operation of a booter service named Ipstressor.com between 2009 and November 2022, has been sentenced to prison time for 6-8 years.
Joshua Laing of LIVERPOOL, NY has been indicted for operating a booter service called TrueSecurityServices.io, which was active between 2014 and November 2022.
The National Crime Agency has not released the name of the suspected UK site administrator arrested in relation to the DDoS operation.
Uber Confirms Data Breach after Third-Party Vendor is Hacked
TPG Telecom Ltd Email Breach Targets Customers’ Cryptocurrency and Financial information
Citrix ADC and Gateway Zero-Day Vulnerability Exploited by Hackers Actively