UK Police Setup Thousands of  Fake DDoS-For-Hire Websites

The National Crime Agency (NCA) of the United Kingdom revealed that it had built several fake DDoS-for-hire service websites to track down cybercriminals who use these platforms to attack businesses.

Also, this declaration follows the Agency’s decision to designate one of the sites now maintained by officers as a criminal service as part of a sustained programme of activities to disrupt and undermine DDoS.

Booter Services Are a Key Enabler of Cyber Crime

DDoS-for-hire services, sometimes known as ‘booters,’ are online platforms offering to produce huge garbage HTTP requests towards a website or online service in exchange for money that overwhelm the webserver and take it offline.

DDoS attacks, designed to overwhelm websites and force them offline, are illegal in the United Kingdom under the Computer Misuse Act of 1990.

People who want to take down a website or disrupt an organization’s operations purchase these illegal services for various motives, including espionage, revenge, extortion, and politics.

Numerous thousands of people allegedly visited NCA’s fake websites, which had the appearance of an actual booter service. However, they only served to gather data on people who wanted to use these services rather than to provide access to DDoS tools.

After users register, however, their information is compiled by investigators rather than being provided access to cybercrime tools.

The NCA cautions that numerous fake law enforcement-operated booter sites are still being utilized to accumulate data on cyber criminals. 

Alan Merrett from the NCA’s National Cyber Crime Unit said: “Booter services are a key enabler of cybercrime.

“We will not reveal how many sites we have, or for how long they have been running. Going forward, people who wish to use these services can’t be sure who is actually behind them, so why take the risk?”

These fake sites are part of “Operation PowerOFF” and progressing universal law enforcement, including the US FBI, the Dutch National Police Corps, the U.K. National Crime Agency, Germany’s Federal Criminal Police Office, and Polan’s National Police Cybercrime Bureau.

This splash page advises clients that their information has been collected and law enforcement authorities will soon contact them.

Banner has been seen by visitors of the fake DDoS-for-hire site

“National Crime Agency has collected substantial data from those who accessed our domain. We will share this data with International Law Enforcement Enforcement for action. Law Enforcement will contact individuals in the U.K. who engaged with this,” reads the NCA splash page on the fake DDoS booter site.

“National Crime Agency has been and will run more services like this site.”

“Operation PowerOFF has already resulted in the arrest of numerous individuals and continues to ensure that users are being held accountable for their criminal activity.”

Last year in December, the U.S. Department of Justice and the FBI reported the seizure of 48 domains that sold “booter” services in “Operation PowerOFF.”

Because of that action, the authorities charged six suspects for their coordinated involvement in these unlawful services.

The NCA clarifies that while takedowns and arrests are still a vital component of the battle against the danger, their most recent strategies expand the effectiveness of their operations to weaken belief in criminal markets and stop DDoS assaults at their source.

Searching to secure your APIs? – Try Free API Penetration Testing

Related Read:

Gurubaran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Recent Posts

New VIPKeyLogger Via Weaponized Office Documenrs Steals Login Credentials

The VIPKeyLogger infostealer, exhibiting similarities to the Snake Keylogger, is actively circulating through phishing campaigns. …

14 hours ago

INTERPOL Urges to End ‘Pig Butchering’ & Replaces With “Romance Baiting”

INTERPOL has called for the term "romance baiting" to replace "pig butchering," a phrase widely…

14 hours ago

New I2PRAT Malware Using encrypted peer-to-peer communication to Evade Detections

Cybersecurity experts are sounding the alarm over a new strain of malware dubbed "I2PRAT," which…

15 hours ago

Earth Koshchei Employs RDP Relay, Rogue RDP server in Server Attacks

 A new cyber campaign by the advanced persistent threat (APT) group Earth Koshchei has brought…

16 hours ago

Careto – A legendary Threat Group Targets Windows By Deploy Microphone Recorder And Steal Files

Recent research has linked a series of cyberattacks to The Mask group, as one notable…

17 hours ago

RiseLoader Attack Windows By Employed A VMProtect To Drop Multiple Malware Families

RiseLoader, a new malware family discovered in October 2024, leverages a custom TCP-based binary protocol…

17 hours ago