[BreachExchange] U.S. Authorities Take Down 15 DDoS-for-Hire Websites

Mon Dec 24 18:34:44 EST 2018

https://www.securityweek.com/us-authorities-take-down-15-ddos-hire-websites

*The Federal Bureau of Investigation (FBI) this week seized 15 domains
associated with DDoS-for-hire services, the Department of Justice
announced. *

In addition to taking down the websites, which allowed users to launch
powerful distributed denial-of-service (DDoS) attacks, the authorities
charged three individuals who facilitated the computer attack platforms.

Through the seized websites, users could pay to cripple targeted networks
by flooding them with traffic. Called “booters” or “stressers,” such
services allegedly cause attacks on various victims in the United States
and abroad, including financial institutions, universities, Internet
service providers, government systems, and various gaming platforms.

The websites (including critical-boot(.)com, ragebooter(.)com,
downthem(.)org and quantumstress(.)net) were seized on Dec. 19, pursuant to
warrants issued by the U.S. District Court for the Central District of
California. The services provided easy access to attack infrastructure and
various payment options, including Bitcoin, and were relatively low cost,
an affidavit in support of the warrant reveals.

“Each of the services was tested by the FBI, which verified those DDoS
attack services offered through each of the seized websites. While testing
the various services, the FBI determined that these types of services can
and have caused disruptions of networks at all levels,” the DoJ
announcement reads.

Also on Dec.19, Matthew Gatrel, 30, of St. Charles, Illinois, and Juan
Martinez, 25, of Pasadena, California, were charged for operating the
Downthem and Ampnode services. A criminal complaint filed in Los Angeles
claims Downthem offered DDoS services directly to users, while Ampnode
provided resources needed to create standalone DDoS services.

Between Oct. 2014 and Nov. 2018, Downthem had over 2,000 customer
subscriptions and was used to launch or attempt to launch over 200,000 DDoS
attacks.

On Dec. 12, David Bukoski, 23, of Hanover Township, Pennsylvania, was
charged for operating Quantum Stresser, one of the longest-running
DDoS-for-hire services. Launched in 2012, the service had over 80,000
customer subscriptions as of Nov. 29 and was used to launch over 50,000
actual or attempted DDoS attacks.

“The attack-for-hire websites targeted in this investigation offered
customers the ability to disrupt computer networks on a massive scale,
undermining the internet infrastructure on which we all rely.  While this
week’s crackdown will have a significant impact on this burgeoning criminal
industry, there are other sites offering these services – and we will
continue our efforts to rid the internet of these websites,” U.S. Attorney
Nicola T. Hanna of the Central District of California said.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20181224/1f6ec462/attachment.html>