FBI seizes 15 DDoS-for-hire sites and saves gamers' Christmas

The FBI managed to capture 15 domains that were plaguing game servers, online services and major corporations with denial-of-service attacks

Just a week before Christmas, the FBI arrested three culprits that were actively participating in DDoS-for-hide schemes

The Federal Bureau of the Investigation announced some good news for video games players – the agency shut down 15 domains that specialized in DDoS for hire services and made arrests relating to the criminal activity. The operation came a week before Christmas, a period that was labeled as “historically plagued by prolific DDoS attacks in the gaming world” by the FBI.

The law enforcement managed to perform seizures due to warrants that were granted by a California federal judge on Thursday. The operation was performed under the federal seizures law,^[1] which resulted in several high-profile DDoS-for-hire domains to be shut down, including defcon.pro, netstress.org, quantumstress.net, vbooter.org, downthem.org, and many others.

The Department of Justice stated the following:^[2]

According to the affidavit in support of the warrant authorizing the seizure of the 15 websites, these services offered easy access to attack infrastructure, payment options that included Bitcoin, and were relatively low cost. Each of the services was tested by the FBI, which verified those DDoS attack services offered through each of the seized websites. While testing the various services, the FBI determined that these types of services can and have caused disruptions of networks at all levels.

DDoS attacks pose a serious risk to multiple organizations

DDoS-for-hire or “Booter”/”Stresser” services help even the least IT-savvy individuals to access a botnet^[3] which can be used for the distribution of targeted DDoS attacks against any site or server. The activity disrupts the operation of major companies and results in thousands or even millions of dollars in damages for the affected businesses.

The disruption caused by these attacks can result in the following symptoms:

• slow network
• website unavailability
• denial to access web-related services
• increased amount of spam emails
• server overload
• disconnections, etc.

The DDoS attacks are most actively used by malicious actors who had grudges against major gaming companies, such as Blizzard^[4] or Square Enix, for whatever reasons they might have. However, players suffered major disruptions by not being able to enter payment sites, official sites, as well as not being able to play games due to DDoS attacks.

Nevertheless, legitimate services like that do exist for users who would like to stress-tests their servers, and the price tag for such tests are relatively low. The FBI said that that there is a “low barrier to entry for users looking to engage in cybercriminal activity, representing an effective advance in internet attack technology.”

Crime and punishment: cyber edition

The author of Quantum Stresser (one of the major DDoS for hire sites that had over 80,000 subscribers) David Bukowski, 23, was presented with federal charges for running the illegal service. Additionally, Matthew Gatrel, 30, and Juan Martinez, 25, were also issued with the criminal complaint “Conspiracy to Commit Unauthorized Impairment of a protected Computer.”^[5]

Assistant Attorney General Benczkowski, said the following:

DDoS attacks are serious crimes that can cause real harm, as shown by the wide range of sectors allegedly victimized in this case. The operators and the customers of DDoS-for-hire services should be on notice that the Department of Justice will aggressively prosecute those who perpetrate malicious cyber attacks.

The seizure of multiple high-profile DDoS-for-hire servers was a massive victory for law enforcement, businesses, organizations, service providers, and gamers. Nevertheless, the battle will continue, as new domains of similar origin come to existence every day, aiming for easy profit.