IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

US begins seizure of 48 DDoS-for-hire services following global investigation

Six people have been arrested who allegedly oversaw computer attacks launched using booters

The US' Department of Justice (DoJ) has begun the seizure of 48 DDoS-for-hire services and brought criminal charges against six individuals involved.

Also involved in the operation is the FBI which was granted approval to take control of the websites as part of a wider international anti-cyber crime operation, the DoJ revealed on Wednesday. 

The six arrested defendants allegedly oversaw cyber attacks launched from platforms known as booters. These are services which boot, or drop, a targeted computer from the internet. The services allegedly attacked millions of individuals in the US and around the world, including government agencies, gaming platforms, and educational institutions. The DoJ said that the attacks can also degrade internet services and disrupt connections.

Each defendant allegedly operated at least one site that offered services and subscriptions to booter services, said the DoJ. In each case, the FBI masqueraded as a genuine client and carried out test attacks to confirm the sites functioned as advertised. 

Criminal charges have been filed against two defendants in Alaska: John M. Dobbs who allegedly operated IPStressor.com, and Joshua Laing who allegedly operated TrueSecurityServices.io.

In Los Angeles, four defendants have had criminal charges filed against them. Jeremiah Sam Evans Miller was accused of running RoyalStresser.com, Angel Manuel Colon Jr. allegedly ran SecurityTeam.io, Shamar Shattock allegedly operated Astrostress.com, and Cory Anthony Palmer, who was accused of running Booter.sx.

Millions of DDoS attacks were launched from the websites involved, targeting victims across the world, said the DoJ. Some of the services offered “stresser” services which the websites claimed were used for network testing. However, the FBI found that this was a pretence as the site admins and customers are aware that the customer is not attempting to attack their own computers.

“These DDoS-for-hire websites, with paying customers both inside and outside the United States, facilitated network disruptions on a massive scale, targeting millions of victim computers around the world,” said Antony Jung, the FBI special agent in charge of the case.

“Potential users and administrators should think twice before buying or selling these illegal services. The FBI and our international law enforcement partners continue to intensify efforts in combating DDoS attacks, which will have serious consequences for offenders.” 

The arrests were made through work carried out in Operation Power OFF, an internationally coordinated effort between law enforcement agencies aiming to take apart DDoS-for-hire schemes across the world.

Other agencies provided the DoJ with assistance in the operation including the UK's National Crime Agency (NCA), Netherlands Police, Europol, and the Brandon Police Service in Canada. It also received support from companies in the private sector including Akamai, Cloudflare, Oracle, Google, Palo Alto Networks, Paypal, as well as the University of Cambridge.

According to the department, the coordinated law enforcement action took place before the holiday period, which usually sees an increase in DDoS attacks across the gaming world.

“Whilst I don’t think that this is insignificant, I do not believe that it will have that much effect on the use of companies like this to perform DDoS attacks,” said Leon Teale, senior penetration tester at IT Governance to IT Pro. “Overall, these site organisers who offer this service know full well the intent of its use and do so regardless of it being illegal and unethical.”

Teale said that the fact the FBI has managed to shut down the companies is simply a statistics game, as users that pay for the services will move to another.

“I suspect there will be a drop in DDoS attacks because of these sites shutting down, but I can’t imagine it will put much of a dent in the overall number of attacks that go on each day across the world,” he added.

At the same time, the FBI, the NCA, and the Netherlands Police have released an advertising campaign to deter potential cyber criminals from using DDoS services. The campaign is in the form of a targeted placement ad which appears in search engines and is triggered by DDoS keywords.

Featured Resources

What 2023 will mean for the industry

What do most IT decision makers really think will be the important trends and challenges in the coming year?

Free Download

2022 Magic quadrant for Security Information and Event Management (SIEM)

SIEM is evolving into a security platform with multiple features and deployment models

Free Download

IDC MarketScape: Worldwide unified endpoint management services

2022 vendor assessment

Free Download

Magic quadrant for application performance monitoring and observability

Enabling continuous updating of diverse & dynamic application environments

View Now

Recommended

IRS mistakenly publishes 112,000 taxpayer records for the second time
data breaches

IRS mistakenly publishes 112,000 taxpayer records for the second time

19 Dec 2022
US seizes millions in stolen COVID relief funds by China-backed hackers
Policy & legislation

US seizes millions in stolen COVID relief funds by China-backed hackers

6 Dec 2022
Biden sets June deadline for $42 billion broadband funding outline
Network & Internet

Biden sets June deadline for $42 billion broadband funding outline

11 Nov 2022
FCC eyes formal ban of all Huawei, ZTE equipment sales
Policy & legislation

FCC eyes formal ban of all Huawei, ZTE equipment sales

14 Oct 2022

Most Popular

Dutch hacker steals data from virtually entire population of Austria
data breaches

Dutch hacker steals data from virtually entire population of Austria

26 Jan 2023
GTA V vulnerability exposes PC users to partial remote code execution attacks
vulnerability

GTA V vulnerability exposes PC users to partial remote code execution attacks

23 Jan 2023
European partners expect growth this year, here are three ways they will achieve it
Sponsored

European partners expect growth this year, here are three ways they will achieve it

17 Jan 2023