An international operation has seen the removal of 48 of the world’s most used ‘booster’ sites suspected of being used by cyber-criminals to make distributed denial-of-service (DDoS) attacks.
This is a malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming it with traffic originating from many different sources.
Operation PowerOFF saw the UK’s National Crime Agency (NCA), collaborating with the FBI, the Dutch Police and European Union law enforcement agency Europol.
As well as taking down the websites, the operation saw the arrest of an 18-year-old man in Devon who is suspected of being the administrator of one of the sites, and charges made against six people in the US.
Anyone attempting to visit the websites will now see a law enforcement message saying that they have been seized and cannot be used.
The NCA said data is now being examined and that action would also be taken against users of the sites in the near future.
Many of the sites had claimed to be penetration testing platforms, allowing ‘ethical hackers’ to test the resilience of systems and networks for legitimate testing purposes.
The FBI said that thousands of messages between users and admins made it clear that this was not the case.
Booster sites can enable anyone to make DDoS attacks
Booster services like those alleged to have been offered on the websites allow cyber-criminals and malicious actors to quickly set up an account and order an attack, with little technical knowledge needed.
They offer a range of prices and membership options, much like any legitimate online service.
In the UK, however, DDoS attacks are illegal under the Computer Misuse Act of 1990 – as visitors to the seized addresses will now be informed.
The NCA said that the combined sites removed in the operation represented the biggest potential for DDoS-for-hire on the market, with just one of the sites having been used to make more than 30 million attacks.
Frank Tutty of the NCA’s National Cyber Crime Unit described booster sites as a key enabler of this type of criminal behaviour, adding that the operation had taken out a ‘significant proportion’ of the DDoS-for-hire market.
The seizures are likely to have a serious impact on cyber-criminals’ ability to mount DDoS attacks, with these types of attack typically spiking in the run-up to Christmas.
Today’s news was brought to you by TD SYNNEX – the UK’s number one solutions distributor.
