The National Crime Agency (NCA) working in conjunction with Dutch police, the United States’ FBI and Europol, have taken over and dismantled 48 distributed denial of service (DDoS) sites which have formed a part of the world’s largest source of booter sites which have contributed to over 30 million attacks.

DDoS for hire sites, also known as booter sites, provide cyber criminals with a platform to launch distributed denial of service (DDoS) attacks.

Customers can subscribe to a service for between $10 to a monthly $2,500 payment depending on the capabilities required and in return they can make use of an attack that they otherwise would not have had the technical expertise to conduct.

Operation PowerOFF led to the removal of 48 sites and multiple arrests across different countries including an individual from the UK, suspected of being an administrator for one of the booter sites which was targeted by law enforcement.

Partnered with his arrest, “customer” data was also reported as being seized and provides opportunity for future arrests once these customers are attributed to attacks that used the platform.

The dismantlement of such a hub of the threat actor community will likely impact the availability of the for hire service which plague a significant number of businesses worldwide, as demonstrated by the number of attacks the websites are assessed to have conducted.

It was previously reported that for-hire services were a result of the potential for complex attack vectors to be supplied to a much larger audience than previously.

The takedown of these services are critical to limiting the available resources to threat actors.

The increase in pay-for-service attack vectors has expanded the spectrum of threat actors who are able to launch complex and sophisticated attacks.

This has enabled non-technical criminals and organised groups to operate across the cyber domain as well as physical.

Charging criminals for their abuse of victims through similar for-hire services is a significant step in the right direction and such operations will work towards deterring future attacks.

Reporting

Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to report@phishing.gov.uk. Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).