FBI seizes multiple websites offering DDoS attacks for hire

How to exploit TFTP protocol to launch powerful DDoS amplification attacks

The agency will file charges against the individuals involved

Experts in ethical hacking and cybersecurity from the International Institute of Cyber Security report that the Federal Bureau of Investigation (FBI) has seized the domains of 15 websites offering services to launch distributed denial of service (DDoS) attacks; in addition, the agency has accused three people in charge of the operation of some of these sites.

These services, also known as “booters” or “stressers”, make available to anyone access to a network of infected devices (botnet) to launch DDoS attacks against any website, thereby interrupting their regular operations.

According to specialists in cybersecurity, holidays are specific dates in which some groups of hackers are more active; on previous occasions, malicious actors have attacked the networks of platforms like PlayStation, Xbox and similar services with DDoS attacks, ruining the Christmas of thousands of gamers.

“This kind of services could cause inconvenience to thousands of victims. In addition, it is important to note that this action occurs a few days before the Christmas holidays, a period historically plagued by prolific DDoS attacks,” mentions a statement from the agency.

As a background, last April, the Dutch police shut down Webstresser, the world’s largest DDoS for hire service, which helped cybercriminals to launch over 4 million attacks. The site administrators were arrested.

The sites seized by the FBI were advertised as legitimate network-stress testing services, some of the domains seized by the agency are:

·         criticalboot.com

·         ragebooter.com

·         anonsecurityteam.com

·         downthem.org

·         quantumstress.net

According to reports of experts on cybersecurity, these services would have been used in a wide range of attacks against organizations of all kinds in the United States, Latin America and other parts of the world, including banking institutions, universities, Government portals and online videogame platforms.

A few days ago, the U.S. attorney’s office filed charges against David Bukoski, 23, accused of operating the site Quantum Stresser, one of the most relevant DDoS services known, which had about 80k subscribers since 2012, whein it was created. It is estimated that during 2018, Quantum Stresser launched over 50k DDoS attacks against organizations around the world.

In addition to shutting down these 15 websites, the FBI has filed charges against Matthew Gatrel and Juan Martínez, individuals allegedly involved in the operation of some of these services.

This has been a heavy blow to the operators of these services and a warning to similar site operators. In addition, the FBI has announced that it will not only file charges against those responsible for operating these malicious services, but will also try to prosecute anyone who hire a DDoS attack or any other type of cyberattack.