The U.S. Department of Justice (DoJ) this week announced the seizure of 48 domains associated with the DDoS-for-Hire Service platforms (aka Booter services) used by threat actors.
Below is the list of domains seized by the FBI:
anonboot.com api-sky.xyz astrostress.com booter.sx booter.vip brrsecurity.org buuter.cc cyberstress.us dragonstresser.com dreams-stresser.io freestresser.so instant-stresser.com ipstress.org ipstress.vip ipstresser.wtf orphicsecurityteam.com ovhstresser.com quantum-stresser.net redstresser.cc royalstresser.com silentstress.net stresser.app stresser.best stresser.gg stresser.is stresser.net/stresser.org stresser.one stresser.so stresser.top supremesecurityteam.com truesecurityservices.io United States France Namecheap 1 vdos-s.co zerostresser.com ipstresser.xyz kraysec.com securityteam.io blackstresser.net ipstresser.com ipstresser.us stresser.shop exotic-booter.com mcstorm.io nightmarestresser.com shock-stresser.com stresserai.com sunstresser.com bootyou.net defconpro.net
The authorities charged six suspects, Jeremiah Sam Evans Miller (23), Angel Manuel Colon Jr. (37), Shamar Shattock (19), Cory Anthony Palmer (22), John M. Dobbs (32), and Joshua Laing (32), for running the platforms.
The defendands have been charged with conspiracy to violate and violating the computer fraud and abuse act related to the alleged operation of a booter service.
“The Justice Department today announced the court-authorized seizure of 48 internet domains associated with some of the world’s leading DDoS-for-hire services, as well as criminal charges against six defendants who allegedly oversaw computer attack platforms commonly called “booter” services.” reads the press release published by DoJ. “The FBI is now in the process of seizing the websites that allowed paying users to launch powerful distributed denial-of-service, or DDoS, attacks that flood targeted computers with information and prevent them from being able to access the internet.”
The websites seized by the feds were used to launch millions of actual or attempted DDoS attacks targeting victims worldwide.
The customers paid the platforms to launch powerful distributed denial-of-service attacks against their target websites.
The services were involved in attacks against millions of individuals and organizations in multiple industries, including educational institutions, government agencies, and gaming platforms.
The suspects offered the services claiming they were legitimate “stresser” services that could used by organizations for network testing. Howevers, an affidavit filed in support of court-authorized warrants to seize the booter sites revealed that “thousands of communications between booter site administrators and their customers…make clear that both parties are aware that the customer is not attempting to attack their own computers.”
DoJ pointed out that these law enforcement operations were conducted in conjunction with Operation PowerOFF, an ongoing, coordinated effort among international law enforcement agencies aimed at dismantling criminal DDoS-for-hire platforms.
In December 2018, the FBI seized other 15 domains associated with DDoS-for-hire services, the U.S. District Court for the Central District of California ordered the seizure of the platforms (including critical-boot(.)com, ragebooter(.)com, downthem(.)org and quantumstress(.)net) on Dec. 19, 2018.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
|[adrotate banner=”9″]||[adrotate banner=”12″]|
(SecurityAffairs – hacking, DDoS)