Feds shut down 13 further DDoS-for-Hire services.

The Federal Bureau of Investigation (FBI) in the United States acquired 13 domain names this week that were linked to “booter” services that allowed paying users to launch devastating distributed denial-of-service (DDoS) attacks. Ten of the domains are reincarnations of booter-related DDoS-for-hire services that the FBI confiscated in December 2022 after charging six American males with computer crimes.

Booter services are promoted in a number of ways, including chat rooms on the Dark Web, forums, and even YouTube.com. They accept payments through PayPal, Google Wallet, and/or cryptocurrencies, and monthly subscriptions can cost anything from a few dollars and several hundred. The cost of the services is often determined by the amount of traffic that will be directed at the target, the length of each attack, and the number of concurrent attacks involved.

This week, the FBI changed the homepages of several websites with seizure notifications, including booter services like cyberstress.org and exoticbooter.com, which the government claims were used to launch millions of attacks against millions of victims.

Federal prosecutors in Los Angeles said in a statement.” “School districts, universities, financial institutions and government websites are among the victims who have been targeted in attacks launched by booter services,”

Booters and “stressers” vendors assert that they are not accountable for how clients use their services and that they are not breaking the law because, like most security solutions, these services can be used for good or ill purposes. The majority of booter websites have lengthy “terms of use” clauses that demand users confirm they would only stress-test their own networks and won’t use the service to attack other networks.

The DOJ, however, claims that these disclaimers frequently fail to mention that the majority of booter services largely rely on continuously monitoring the Internet to seize improperly configured computers, which is essential for maximizing the scope and impact of DDoS attacks. Additionally, none of the services that the authorities confiscated demanded that users provide proof that they are the owners of the Internet addresses being stress-tested, as a genuine testing business would require.

Richard Clayton, director of Cambridge University’s Cybercrime Centre said that the FBI’s repeated seizing of booter domains may seem like an endless game of virtual Whac-a-Mole, continuously taking these services offline imposes high enough costs for the operators that some of them will quit the business altogether.

This Statement leads after the third in a string of operations by domestic and foreign law enforcement agencies against booter services. Six American males were accused of computer crimes in connection with their claimed ownership of the well-known DDoS-for-hire services in December 2022, and the federal government seized four dozen booter domains. The federal government targeted 15 booter sites in December 2018 as well as three booter store defendants who eventually entered guilty pleas.

If you like this article, follow us on our LinkedIn and Facebook handles for more exclusive content like this!

Our Readers ALSO READ

Toyota Japan Data At Risk After a Decade-Long-Breach