The FBI took down fifteen domains selling DDoS-as-a-service and charged three men for running the illegal services in one of the largest simultaneous stresser domain take downs. These services called booter or stresser are a marketing strategy used cybercriminals to make money renting out a space to anyone, including non-technical people who wish to attack an organization or person for a low cost.
In a successful DDoS attack, networks are overloaded with internet traffic which eventually knock websites or networks. Over the past several years, booter services are becoming a more prevalent tool of choice for attackers when launching DDoS attacks. These services can be used by anyone with little knowledge about computers and are low costing.
The Department of Justice (DOJ) said:
“Booter services such as those named in this action allegedly cause attacks on a wide array of victims in the United States and abroad, including financial institutions, universities, internet service providers, government systems, and various gaming platforms”
The 15 domains seized by the FBI on Thursday were:
- bullstresser.net
- anonsecurityteam.com
- defianceprotocol.com
- ragebooter.come.
- str3ssed.me
- quantumstress.net
- booter.ninja
- downthem.org
- netstress.org
- layer7-stresser.xyz
- critical-boot.com
- Torsecurityteam.org
- Vbooter.org
- defcon.pro
- request.rip
In the global hunt down, involving the Department of Justice, Netherlands Police, UK’s National Crime Agency, and several big organizations like Flashpoint, three men running the services were indicted. Theses men included Mathew Gatrel, Jaun Martinez, and Davida Bukoski, all from the United States. Mathew Gatrel and Juan Martinez from California, ran two domains: ‘downthem.org’ and ‘ampnode’. Davida Bukoski from Pennsylvania was charged with running ‘quantumstrees.net’.
A Los Angeles Federal court, said services from just ‘downthem.org’ website were bought by 2,000 people and helped hit 200,000 targets, including gaming web sites, banks, and universities, from October 2014 to November 2018. There were 80,000 purchases made on Quantum since 2012 and in just 2018, 80,000 DDoS attacks were launched.
Several U.S Attorneys have commented saying the seize of these types of services are just beginning and they are committed to get rid of these services online.
Assistant Attorney General Benczkowski has stated:
“The operators and the customers of DDoS-for-hire services should be on notice that the Department of Justice will aggressively prosecute those who perpetrate malicious cyber attacks.”
U.S Attorney Hanna said:
“While this week’s crackdown will have a significant impact on this burgeoning criminal industry, there are other sites offering these services – and we will continue our efforts to rid the internet of these websites. We are committed to seeing the internet remain a forum for the free and unfettered exchange of information.”
If your organization has been hit with an attack contact LIFARS Incident Response Team
