The UK’s National Crime Agency (NCA) revealed today that it has created several fake DDoS-for-hire service websites to identify cybercriminals who use these platforms to attack organisations.

DDoS services for hire, also known as booters, are online platforms offering to generate massive HTTP requests to a website or online service in exchange for money that overwhelms the web server and takes it offline .

These illegal services are bought by people aiming to take down a site or disrupt an organization’s operations for various reasons including espionage, revenge, extortion, and political reasons.

Since these services are inexpensive and do not require any special knowledge or experience, they allow anyone to commit cyber crimes with little effort.

According to the NCA, several thousand people accessed its fake sites, which had the realistic appearance of a genuine startup service. However, instead of providing access to DDoS tools, they only served to collect information about those who wanted to use these services.

After successfully infiltrating the cybercrime market and gathering information on those buying illegal services, the agency exposed the operation by displaying a homepage on just one of its fake sites.

However, the NCA warns that many fake startup sites operated by law enforcement are still used to gather information about cybercriminals.

This homepage informs users that their data has been collected and that law enforcement authorities will contact them shortly, as indicated below.

Banner seen by fake site visitors
Banner seen by visitors to the fake DDoS-for-hire site (NCA)

“The National Crime Agency has collected substantial data from those who have accessed our domain. We will share this data with international law enforcement for action. the fake DDoS boot site.

“The National Crime Agency has been and will run more services like this site.”

“Operation PowerOFF has already resulted in the arrest of many people and continues to ensure that users are held accountable for their criminal activities.”

These fake sites are part of “Power off operation“, an ongoing international law enforcement involving the US FBI, the Dutch National Police Corps, the UK National Crime Agency, Germany’s Federal Criminal Police Office and the Bureau of Polan National Cybercrime Police.

Users based in the UK will be contacted by the NCA, while the data of those overseas will be passed on to the relevant law enforcement agencies.

The tactic of exposing just one of the many fake DDoS for rent sites operated by the agency is sparking fear and doubt across the community, impacting all platforms in this market.

“We won’t disclose how many sites we have or how long they’ve been running,” comments NCA agent Alan Merret.

“In the future, people who want to use these services can’t be sure who is really behind them, so why take the risk?”

In December 2022, the United States Department of Justice and the FBI announced the input of 48 domains which sold “booter” services as part of “Operation PowerOFF”.

Following this action, the authorities also charged six suspects for their direct involvement in these illegal services.

The NCA explains that while takedowns and arrests are still a key part of countering the threat, their latest tactics extend the impact of their operations to undermine trust in criminal markets and stop DDoS attacks at their source.



Source link