In a coordinated effort revealed Thursday, the FBI took down 15 sites that offer DDoS-for-hire services and the Department of Justice indicted three men for allegedly running several businesses that support and facilitate the attacks.
The takedown is part of a years-long effort by the FBI and the Justice Department to target DDoS services and their operators. Distributed denial-of-service (DDoS) attacks have been a problem for two decades and many media and shopping sites see large-scale attacks on a regular basis. Cybercriminals often target each other’s infrastructure with DDoS attacks and politically motivated attackers use them to go after their opponents’ sites around the world.
But there is also another tier of DDoS attacks that are the work of the hired guns known as booter or stresser services. These services offer to target whatever site a paying customer wants for a price. Some offer subscription services that will attack a given site periodically. Booter services aren’t a new phenomenon and the FBI has been tracking them for some time, but Thursday’s takedowns and the concurrent indictments are timed to coincide with the holiday season, which is prime time for DDoS attacks against gaming sites.
Among the sites the FBI seized are critical-boot.com, ragebooter.com, downthem.org and quantumstress.net.
“The attack-for-hire websites targeted in this investigation offered customers the ability to disrupt computer networks on a massive scale, undermining the internet infrastructure on which we all rely,” said U.S. Attorney Nicola Hanna of the Central District of California.
“While this week’s crackdown will have a significant impact on this burgeoning criminal industry, there are other sites offering these services – and we will continue our efforts to rid the internet of these websites. We are committed to seeing the internet remain a forum for the free and unfettered exchange of information.”
As part of the takedown operation, the Justice Department charged Matthew Gatrel of St. Charles, Ill., and Juan Martinez of Pasadena, Calif., with conspiring to violate the Computer Fraud and Abuse Act, and also charged David Bukoski of Hanover Township, Pa., with allegedly running the Quantum Stresser service.
As part of the investigation, FBI agents tested out about 20 different booter services, signing up for cheap packages to see how the services operated. They launched test attacks on protected machines in order to verify the effects, and then narrowed the scope of the investigation to the 15 sites that eventually were seized.
“Each of the tested services at each of the SUBJECT DOMAINS contained similar user interfaces and attack tools. Therefore, combined with the data generated through the testing of each of these domains, I believe that each SUBJECT DOMAIN is being used to facilitate the commission of attacks against unwitting victims to prevent the victims from accessing the Internet,” the affidavit from the FBI says.
“DDoS attacks are serious crimes that can cause real harm, as shown by the wide range of sectors allegedly victimized in this case,” said Assistant Attorney General Brian Benczkowski. “The operators and the customers of DDoS-for-hire services should be on notice that the Department of Justice will aggressively prosecute those who perpetrate malicious cyber attacks.”