The U.S. Department of Justice announced earlier today that the FBI has seized the domains of 15 websites offering “DDoS-for-hire” services and charged three individuals with operating some of these sites.
DDoS-for-hire, also known as “Booter” or “Stresser” services, rent out access to a network of infected devices that can be used by anyone, even the least tech-savvy person, to launch distributed denial-of-service (DDoS) attacks against any website and disrupt its access.
Multiple hacking groups have ruined Christmas Day for millions of gamers in recent years by bringing down PlayStation, Xbox, and other gaming server networks with massive DDoS attacks.
DoJ: “Booter services such as those named in this action are allegedly responsible for attacks against a wide range of victims in the United States and abroad, including financial institutions, universities, internet service providers, government systems, and various gaming platforms.”
“The action against the DDoS services occurs in the week preceding the Christmas holiday, a period historically plagued by numerous DDoS attacks in the gaming world.”
In April of this year, the Dutch police shut down and arrested the administrators of Webstresser, the world’s largest DDoS-for-hire service that helped cybercriminals launch over 4 million attacks.
On Thursday, the FBI seized 15 booter domains that were selling access to DDoS attacks under the guise of network stress-testing services.
- critical-boot.com
- ragebooter.com
- anonsecurityteam.com
- downthem.org
- quantumstress.net
- booter.ninja
- bullstresser.net
- defcon.pro
- str3ssed.me
- defianceprotocol.com
- layer7-stresser.xyz
- netstress.org
- request.rip
- torsecurityteam.org
- Vbooter.org
The alleged victims of these DDoS-for-Hire services in the United States and internationally include financial institutions, universities, internet service providers, government systems, and various gaming platforms.
David Bukoski, 23, of Pennsylvania, was charged by the U.S. Attorney’s Office on December 12 for operating Quantum Stresser, one of the longest-running DDoS services in operation with over 80,000 customer subscriptions as of November 29, 2012, since its launch in 2012.
Quantum Stresser was used to launch more than 50,000 “actual or attempted” DDoS attacks against victims in Alaska and California in 2018 alone.
These DDoS-for-hire services pose a significant national threat, according to U.S. Attorney Bryan Schroder. These coordinated investigations and prosecutions demonstrate the significance of district-to-district cooperation and coordination with public sector partners.
The FBI has also filed criminal complaints against two alleged cybercriminals, Matthew Gatrel, 30, and Juan Martinez, 25, who were allegedly associated with the DDoS-for-hire services known as ‘Downthem’ and ‘Ampnode’
According to the FBI, between October 2014 and November 2018, Downthem had over 2,000 customer subscriptions and was used to “conduct or attempt to conduct over 200,000 DDoS attacks.”
The recent crackdown serves as a warning not only to would-be DDoS resellers but also to users who rent out these services, as the FBI warns that it will pursue legal action against anyone who pays for such services.
