The US Department of Justice measured the domains of 13 DDoS-for hire services as part of an ongoing initiative to combat Internet threats.
The providers of these illegal service platforms describe them as “booter” or “stressor” services that allow site admins to test the strength and stability of their infrastructure. Almost, if not all, are patronized by people to take revenge on sites they don’t like or to further extort, bribe, or other forms of graft.
The international law enforcement initiative is known as Operation PowerOFF. In December, federal authorities seized another 48 domains. Ten of them came back with new domains, many similar to their previous names.
“Ten of the 13 domains seized today are reincarnations of services seized in an earlier sweep in December, which targeted 48 top booter services,” the Justice Department said. “For example, one of the domains seized this week—cyberstress.org—appears to be the same service operated under the domain cyberstress.us, which was seized in December. While many of the previously disrupted booter services have not returned, today’s action shows law enforcement’s commitment to targeting operators who choose to continue their criminal activities.
According to a seizure warrant filed in federal court, the FBI used live accounts available through the services to seize high-bandwidth sites under FBI control.
“The FBI tested each of the services related to the SUBJECT DOMAINS, meaning agents or other personnel visited each of the websites and used previous login information or registered a new one. service account to conduct attacks,” FBI Special Agent Elliott Peterson wrote in the affidavit. “I believe that each of the SUBJECT DOMAINS is used to facilitate the execution of attacks against unknowing victims to prevent victims from accessing the Internet, to disconnect the victim from or reduce communication to established Internet connections, or cause other similar damage.”
The Justice Department also said in Monday’s announcement that four of the defendants indicted in December pleaded guilty earlier this year. Those defendants and their pleas are:
- Jeremiah Sam Evans Miller, aka “John The Dev,” 23, of San Antonio, Texas, pleaded guilty on April 6 to conspiracy and violating the computer fraud and abuse act in connection with the operation of a booter service called RoyalStresser .com (formerly known. as Supremesecurityteam.com);
- Angel Manuel Colon Jr., aka “Anonghost720” and “Anonghost1337,” 37, of Belleview, Florida, pleaded guilty on February 13 to conspiracy and violating the computer fraud and abuse act in connection with the operation of the booter service that named SecurityTeam.io;
- Shamar Shattock, 19, of Margate, Florida, pleaded guilty on March 22 to conspiracy to violate the computer fraud and abuse act in connection with the operation of the booter service known as Astrostress.com; and
- Cory Anthony Palmer, 23, of Lauderhill, Florida, pleaded guilty on February 16 to conspiracy to violate the computer fraud and abuse act in connection with the operation of the booter service known as Booter.sx.
DDoS refers to distributed denial-of-service attacks, where hundreds of thousands of sites simultaneously direct streams of junk traffic at a given site to make it “denial of service” to normal users.