Justice Department Targets 13 Websites Linked to DDoS-for-Hire
Ten of the domains targeted today were "reincarnations" of services seized in December 2022.
On May 8, the Justice Department announced a court-authorized seizure of 13 Internet domains linked to stressor or booter platforms, more formally known as DDoS-for-hire services.
This is the third wave of US law enforcement action against these kinds of services that allow users to pay for distributed denial-of-service attacks (DDoS), which overload targeted machines with an onslaught of information and disrupt operations, including accessing the Internet. Not only this, but DDoS attacks can "completely sever Internet connections for other customers serviced by the same Internet service provider." Thousands of users pay for these services to launch millions of attacks against countless organizations, including schools, universities, government websites, and financial institutions, the Justice Department said in the release.
In December 2022, nearly 50 booter services were targeted and seized by US law enforcement and 10 of the 13 that were targeted today are "reincarnations of services that were seized" during the sweep in December. As the Justice Department cracks down on operators, they stress that investigations into these services will continue.
"Victims who are attacked by such services, or those providing Internet services to the victims, often have to 'overprovision,' that is, pay for increased Internet bandwidth in order to absorb the attacks, or subscribe to DDoS protection services, or purchase specialized hardware designed to mitigate the effects of DDoS attacks," stated the affidavit supporting the seizure warrants. "The prices of such overprovision or DDoS protection services are usually significantly more expensive than the cost of a given booter service."
About the Author
You May Also Like
DevSecOps/AWS
Oct 17, 2024Social Engineering: New Tricks, New Threats, New Defenses
Oct 23, 202410 Emerging Vulnerabilities Every Enterprise Should Know
Oct 30, 2024Simplify Data Security with Automation
Oct 31, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024