Today, the National Crime Agency (NCA) of the United Kingdom revealed that they had created a number of fictitious DDoS-for-hire service websites with the intention of locating cybercriminals who make use of these platforms to harm businesses.
DDoS-for-hire services, also known as “booters,” are online platforms that, in exchange for payment, offer to overwhelm the webserver and shut down a website or online service by sending a lot of garbage HTTP requests.
People buy these illegal services with the intention of taking down a website or disrupting the operations of an organization for a variety of reasons, including espionage, retaliation, extortion, and political reasons.
These services make it possible for anyone to commit cybercrimes with little effort because they are inexpensive and do not require any particular knowledge or experience.
According to NCA, its fake websites, which appeared to be genuine booter services, were accessed by several thousand individuals. However, they were only used to gather information about people who wanted to use these services, not to grant access to DDoS tools.
After effectively invading the cybercrime market and assembling data about those buying unlawful administrations, the organization uncovered the activity by showing a sprinkle page on only one of its phony locales.
However, the NCA warns that numerous fictitious booter sites operated by law enforcement are still being used to gather data on cybercriminals.
Users are informed, as shown below, that their data has been collected and that authorities will soon contact them on this splash page.
“Those who accessed our domain have yielded substantial data to the National Crime Agency. In order to take action, we will share this data with International Law Enforcement Enforcement. The NCA splash page on the fictitious DDoS booter website states, “Law Enforcement will contact individuals in the UK who engaged with this.”
The National Crime Agency has operated and will operate additional services similar to this one.
“Operation PowerOFF continues to ensure that users are held accountable for their criminal activity and has already resulted in the arrest of numerous individuals.”
The United States Federal Bureau of Investigation (FBI), the Netherlands National Police Corps, the United Kingdom National Crime Agency, Germany’s Federal Criminal Police Office, and Poland’s National Police Cybercrime Bureau are all involved in the ongoing international law enforcement operation known as “Operation PowerOFF.”
The National Crime Agency (NCA) will contact users based in the United Kingdom, while the relevant law enforcement agencies will receive users’ international data.
The agency’s strategy of uncloaking only one of its numerous fake DDoS-for-hire websites casts doubt and fear over the community as a whole, affecting all platforms in this market.
Alan Merret, NCA’s agent, makes the following statement: “We will not reveal how many sites we have or for how long they have been running.”
“Why take the risk when people who wish to use these services in the future cannot be certain who is actually behind them?”
In the context of “Operation PowerOFF,” the U.S. Department of Justice and the FBI announced the seizure of 48 domains that sold “booter” services in December 2022.
Six suspects were also arrested by the authorities as a result of that action for their direct involvement in these illegal services.
The NCA makes sense of that while takedowns and captures are as yet a vital part of the battle against the danger, their most recent strategies broaden the effect of their tasks to sabotage trust in criminal business sectors and stop DDoS assaults at their source.