View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
December 15, 2022

FBI bust seizes 48 domains that provide DDoS attacks at the click of a button

DDOS-as-a-Service crime ring taken offline by the FBI, as part of an international police investigation called Operation PowerOff.

By Claudia Glover

Six suspects have been charged by the US Department of Justice for their involvement in a Distributed Denial of Service-as-a-Service crime ring. “Booter” or “Stresser” platforms allow anyone to conduct DDoS attacks under the guise of providing DDoS attack stress-testing. The bust is part of an international crime investigation led by the Dutch government deemed Operation PowerOff. 

The FBI seizes 48 DDoS-as-a-Service domains to take down online crime syndicate targeting millions. (Photo by CHRISTOPHER E ZIMMER/Shutterstock)

Forty-eight domains were seized along with the six suspects Angel Manuel Colon Jr (37), John M. Dobbs (32), Joshua Laing (32), Jeremiah Sam Evans Miller (23),  Cory Anthony Palmer (22) and Shamar Shattock (19), alleged to be the ring leaders of the operation.

The National Crime Agency (NCA) in the UK also arrested an 18-year-old in Devon who is suspected of being an administrator on one of the sites. 

FBI bust seizes 48 domains

The defendants have been charged with running “Booter” or “Stresser” services from the now seized websites; RoyalStresser.com, SecurityTeam.io, Astrstress.com, IPStresser.com, Booter.sx and TrueSecurityServices.io.

The nefarious sites offered a range of packages and membership options, explains a release by the NCA, with prices ranging from $10 to $2,500 per month.

The now-seized websites would apparently allow a user to implement a powerful DDoS attack that would knock the target smartly offline. The provision of DDoSaaS meant that the barrier to entry for implementing DDoS attacks was dangerously lowered. 

DDoS attacks are illegal in the UK under the Computer Misuse Act 1990.

These booter services would allegedly attack a wide array of victims in the United States and abroad, including organisations in Education, Government and some gaming platforms, as well as millions of individuals, explains a statement released by the DoJ.

Content from our partners
Sherif Tawfik: The Middle East and Africa are ready to lead on the climate
What to look for in a modern ERP system
How tech leaders can keep energy costs down and meet efficiency goals

While some of these services claimed to offer “stresser” services that could purportedly be used for network testing, the FBI determined these claims to be a pretence. According to an affidavit released by the agency: “Thousands of communications between booter site administrators and their customers…make clear that both parties are aware that the customer is not attempting to attack their own computers.”

The sites seized in this bust were the biggest DDoSaaS on the market. The domain IPStresser.com had over one million registered users who conducted more than 30 million DDoS attacks between 2014 and 2022. The sites together targeted millions of individuals. 

Around a quarter of referrals received by the NCA’s Cyber Prevent Team involve individuals using booter services.

Frank Tutty from the NCA’s National Cybercrime Unit said, “This operation has taken out a significant proportion of the DDoS-for-hire marketplace, removing booter services which are a key enabler of this criminality.

“The perceived anonymity and ease of use afforded by booter services now means that DDoS has become an attractive entry-level crime, allowing individuals with little technical ability to commit cyber offences with ease.

“Users of these sites based in the UK have been identified and can expect a visit from the NCA or police in the coming months,” he said.

Operation PowerOff

The DDoSaaS bust is part of an international investigation called Operation PowerOff led by the Dutch Police, the UK’s National Crime Agency and Europol. 

The last big bust in the investigation was in April 2018 when investigators in the UK, US and the Netherlands seized the DDoSaaS service WebStresser.org, arresting administrators and halting the nefarious activities of 151,000 registered users responsible for launching up to four million DDoSS attacks over the space of four years, states a release by Europol.

The Netherlands Police, the NCA and the FBI Anchorage Field Office have been running advertising campaigns targeting people looking for cybercrime services on search engines. 

Those found to be searching for the service in the UK are met with messaging telling them DDoS is illegal, directing them to a Cyber Choices webpage. 

“Stresser websites make powerful weapons in the hands of cybercriminals,” said Jaap van Oss, Dutch Chairman of the Joint Cybercrime Action Taskforce (J-CAT). “International law enforcement will not tolerate these illegal services and will continue to pursue its admins and users. This joint operation is yet another successful example of the ongoing international effort against these destructive cyberattacks.”

Topics in this article :
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU