Jump to content
  • FBI seized domains linked to 48 DDoS-for-hire service platforms

    alf9872000

    • 416 views
    • 4 minutes
     Share


    • 416 views
    • 4 minutes

    The US Department of Justice has seized 48 Internet domains and charged six suspects for their involvement in running ‘Booter’ or ‘Stresser’ platforms that allow anyone to easily conduct distributed denial of service attacks.

     

    Booters are online platforms allowing threat actors to pay for distributed denial-of-service attacks on websites and Internet-connected devices. Essentially, they are "booting" the target off of the Internet.

     

    Stressers offer the same DDoS features but claim to be provided for legitimate testing of the reliability of web services and the servers behind them.

     

    "Some sites use the term "stresser" in an effort to suggest that the service could be used to test the resilience of one's own infrastructure; however, as described below, I believe this is a façade and that these services exist to conduct DDoS attacks on victim computers not controlled by the attacker, and without the authorization of the victim," reads an affidavit by FBI Special Agent Elliott Peterson out of the Alaska field office.

     

    To use these services, threat actors register an account and deposit cryptocurrency, which is then used to pay for the services.

     

    stressor-test.jpg

    DDoS test conducted by Special Agent Peterson from one of the seized domains
    Source: FBI

     

    While almost all booter/stresser sites require a subscriber to agree not to use the services to conduct attacks, many of these services are promoted on hacker forums and criminal marketplace.

     

    In many cases, the platforms' owners themselves promote deals and coupons on cybercrime sites or use affiliates who earn commissions for promoting the service.

    Targeting DDoS platforms worldwide

    Today, the US Attorney’s Office in the Central District of California and the US Attorney’s Office in the District of Alaska have announced the charging of six individuals for operating booter/stressor sites.

     

    "These booter services allow anyone to launch cyberattacks that harm individual victims and compromise everyone's ability to access the internet," said United States Attorney Martin Estrada. "This week's sweeping law enforcement activity is a major step in our ongoing efforts to eradicate criminal conduct that threatens the internet's infrastructure and our ability to function in a digital world."

     

    The suspects include a person from Texas, three from Florida, one from New York, and another from Hawaii who allegedly operated various stressor/booter sites, including RoyalStresser.com, SecurityTeam.io, Astrostress.com, Booter.sx, Ipstressor.com, and TrueSecurityServices.io.

     

    As part of a more extensive operation against DDoS platforms, dubbed Operation PowerOFF, the FBI and international law enforcement are seizing 48 Internet (complete list at the end of article) for stressor and booter platforms worldwide.

     

    Once the domains have officially been seized and transferred to DNS used by law enforcement, they will display a seizure message warning that these services are illegal, as shown below.

     

    seizure-message.jpg

    Seizure message to be added to seized domains
    Source: DOJ

     

    Thom Mrozek, the Media Relations Director for the US Attorney's Office Central District of California, told BleepingComputer that the FBI is currently working with domain authorities to apply the seizure messages but that the platforms are no longer functioning.

     

    The FBI is also working with the United Kingdom's National Crime Agency and the Netherlands Police to display ads in search engines when people search for booter services.

     

    For example, when searching for 'booter service' on Google, the search engine showed us an advertisement stating, "Looking for DDoS tools? Booting is illegal."

     

    booter-ad.jpg

    Google ad was taken out by UK's NCA
    Source: BleepingComputer

     

    The UK advertisement leads to a Cyber Choices page offering information on how people can "make informed choices and to use their cyber skills in a legal way." A similar advertisement from the FBI leads to a web page managed by the Anchorage field office explaining how DDoS attacks are illegal.

     

    The complete list of domains seized by the FBI is available below:

    anonboot.com 
    api-sky.xyz
    astrostress.com
    booter.sx
    booter.vip
    brrsecurity.org
    buuter.cc
    cyberstress.us
    dragonstresser.com
    dreams-stresser.io
    freestresser.so
    instant-stresser.com
    ipstress.org
    ipstress.vip
    ipstresser.wtf
    orphicsecurityteam.com
    ovhstresser.com
    quantum-stresser.net
    redstresser.cc
    royalstresser.com
    silentstress.net
    stresser.app
    stresser.best
    stresser.gg
    stresser.is
    stresser.net/stresser.org
    stresser.one
    stresser.so
    stresser.top
    supremesecurityteam.com
    truesecurityservices.io United States France Namecheap 1
    vdos-s.co
    zerostresser.com
    ipstresser.xyz
    kraysec.com
    securityteam.io
    blackstresser.net
    ipstresser.com
    ipstresser.us
    stresser.shop
    exotic-booter.com
    mcstorm.io
    nightmarestresser.com
    shock-stresser.com
    stresserai.com
    sunstresser.com
    bootyou.net
    defconpro.net

     

    Source


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...