Prosecutors Charge 6 People for Allegedly Waging Massive DDoS Attacks (arstechnica.com) 16
Federal prosecutors have charged six people for allegedly operating websites that launched millions of powerful distributed denial-of-service attacks on a wide array of victims on behalf of millions of paying customers. From a report: The sites promoted themselves as booter or stressor services designed to test the bandwidth and performance of customers' networks. Prosecutors said in court papers that the services were used to direct massive amounts of junk traffic at third-party websites and Internet connections customers wanted to take down or seriously constrain. Victims included educational institutions, government agencies, gaming platforms, and millions of individuals. Besides charging six defendants, prosecutors also seized 48 Internet domains associated with the services.
"These booter services allow anyone to launch cyberattacks that harm individual victims and compromise everyone's ability to access the Internet," Martin Estrada, US attorney for the Central District of California, said in a statement. "This week's sweeping law enforcement activity is a major step in our ongoing efforts to eradicate criminal conduct that threatens the Internet's infrastructure and our ability to function in a digital world." The services offered user interfaces that were essentially the same except for cosmetic differences. The screenshot below shows the web panel offered by orphicsecurityteam.com as of February 28. It allowed users to enter an IP address of a target, the network port, and the specific type of attack they wanted. The panel allowed users to pick various methods to amplify their attacks. Amplification involved bouncing a relatively small amount of specially crafted data at a third-party server in a way that caused the server to pummel the intended victim with payloads that were as much as 10,000 times bigger.
"These booter services allow anyone to launch cyberattacks that harm individual victims and compromise everyone's ability to access the Internet," Martin Estrada, US attorney for the Central District of California, said in a statement. "This week's sweeping law enforcement activity is a major step in our ongoing efforts to eradicate criminal conduct that threatens the Internet's infrastructure and our ability to function in a digital world." The services offered user interfaces that were essentially the same except for cosmetic differences. The screenshot below shows the web panel offered by orphicsecurityteam.com as of February 28. It allowed users to enter an IP address of a target, the network port, and the specific type of attack they wanted. The panel allowed users to pick various methods to amplify their attacks. Amplification involved bouncing a relatively small amount of specially crafted data at a third-party server in a way that caused the server to pummel the intended victim with payloads that were as much as 10,000 times bigger.
So ... (Score:3)
on behalf of millions of paying customers
Who are these paying customers?
Re:So ... (Score:4)
Re: (Score:3)
Re: (Score:1)
(Modded down for exposing the truth yet again!!)
Re: (Score:2)
So, are they going to go after their customers? You can only provide a criminal service to criminals.
Good question. 2 million users. Might be a good time to buy stock in private prison companies.
Re: (Score:1)
Re: So ... (Score:3)
Re: (Score:2)
It turns out it is mostly infantile losers.
Hey! I'm a winner. Neener, neener!
Cloudflare should be charged, too (Score:1)
Dupe (Score:2)