Tuesday, March 5, 2024

UK Police Setup Thousands of  Fake DDoS-For-Hire Websites

The National Crime Agency (NCA) of the United Kingdom revealed that it had built several fake DDoS-for-hire service websites to track down cybercriminals who use these platforms to attack businesses.

Also, this declaration follows the Agency’s decision to designate one of the sites now maintained by officers as a criminal service as part of a sustained programme of activities to disrupt and undermine DDoS.

Booter Services Are a Key Enabler of Cyber Crime

DDoS-for-hire services, sometimes known as ‘booters,’ are online platforms offering to produce huge garbage HTTP requests towards a website or online service in exchange for money that overwhelm the webserver and take it offline.

DDoS attacks, designed to overwhelm websites and force them offline, are illegal in the United Kingdom under the Computer Misuse Act of 1990.

People who want to take down a website or disrupt an organization’s operations purchase these illegal services for various motives, including espionage, revenge, extortion, and politics.

Numerous thousands of people allegedly visited NCA’s fake websites, which had the appearance of an actual booter service. However, they only served to gather data on people who wanted to use these services rather than to provide access to DDoS tools.

After users register, however, their information is compiled by investigators rather than being provided access to cybercrime tools.

The NCA cautions that numerous fake law enforcement-operated booter sites are still being utilized to accumulate data on cyber criminals. 

Alan Merrett from the NCA’s National Cyber Crime Unit said: “Booter services are a key enabler of cybercrime.

“We will not reveal how many sites we have, or for how long they have been running. Going forward, people who wish to use these services can’t be sure who is actually behind them, so why take the risk?”

These fake sites are part of “Operation PowerOFF” and progressing universal law enforcement, including the US FBI, the Dutch National Police Corps, the U.K. National Crime Agency, Germany’s Federal Criminal Police Office, and Polan’s National Police Cybercrime Bureau.

This splash page advises clients that their information has been collected and law enforcement authorities will soon contact them.

Banner has been seen by visitors of the fake DDoS-for-hire site

“National Crime Agency has collected substantial data from those who accessed our domain. We will share this data with International Law Enforcement Enforcement for action. Law Enforcement will contact individuals in the U.K. who engaged with this,” reads the NCA splash page on the fake DDoS booter site.

“National Crime Agency has been and will run more services like this site.”

“Operation PowerOFF has already resulted in the arrest of numerous individuals and continues to ensure that users are being held accountable for their criminal activity.”

Last year in December, the U.S. Department of Justice and the FBI reported the seizure of 48 domains that sold “booter” services in “Operation PowerOFF.”

Because of that action, the authorities charged six suspects for their coordinated involvement in these unlawful services.

The NCA clarifies that while takedowns and arrests are still a vital component of the battle against the danger, their most recent strategies expand the effectiveness of their operations to weaken belief in criminal markets and stop DDoS assaults at their source.

Searching to secure your APIs? – Try Free API Penetration Testing

Related Read:


Latest articles

US Court Orders NSO Group to Handover Code for Spyware, Pegasus to WhatsApp

Meta, the company that owns WhatsApp, filed a lawsuit against NSO Group in 2019....

New SSO-Based Phishing Attack Trick Users into Sharing Login Credentials  

Threat actors employ phishing scams to trick individuals into giving away important details like...

U.S. Charged Iranian Hacker, Rewards up to $10 Million

The United States Department of Justice (DoJ) has charged an Iranian national, Alireza Shafie...

Huge Surge in Ransomware-as-a-Service Attacks targeting Middle East & Africa

The Middle East and Africa (MEA) region has witnessed a surge in ransomware-as-a-service (RaaS)...

New Silver SAML Attack Let Attackers Forge Any SAML Response To Entra ID

SolarWinds cyberattack was one of the largest attacks of the century in which attackers...

AI Worm Developed by Researchers Spreads Automatically Between AI Agents

Researchers have developed what they claim to be one of the first generative AI...

20 Million+ Cutout.Pro User Records Leaked On Hacking Forums

CutOut.Pro, an AI-powered photo and video editing platform, has reportedly suffered a data breach,...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Live Account Takeover Attack Simulation

Live Account Take Over Attack

Live Webinar on How do hackers bypass 2FA ,Detecting ATO attacks, A demo of credential stuffing, brute force and session jacking-based ATO attacks, Identifying attacks with behaviour-based analysis and Building custom protection for applications and APIs.

Related Articles