- Upgrade to Windows 11 Pro for $18 - the lowest price this year
- One of the most reliable power banks I've tested can even inflate car tires (and get 50% off in this Black Friday deal)
- This is the smartest electronic precision screwdriver I've ever tested (and now get 10% off for Black Friday)
- How Ransomware Jeopardizes Healthcare Organizations
- Buy a Microsoft Office 2019 license for Mac or Windows for $27
NCA Harvests Info on DDoS-For-Hire With Fake Booter Sites
The UK’s National Crime Agency (NCA) has revealed it is running several fake DDoS-for-hire websites in a bid to disrupt this thriving part of the cybercrime economy.
The agency revealed the news after deciding to go public with one of these sites, by replacing it with a splash page warning users that their data had been collected by law enforcers.
The NCA didn’t say how many of the sites it had set up as part of the operation, but claimed that “several thousand” people had already accessed them in search of the “booter” services needed to launch DDoS attacks against targets.
Users are required to first register with the sites, which provides the NCA with useful details about each individual. It said it would be “contacting” each one to warn them about engaging in cybercrime and passing on the details of any users outside the UK to international partners.
Read more about DDoS threats: DDoS Attacks on UK Firms Surge During Ukraine War.
The NCA claimed that DDoS-for-hire or “booter” services have democratized the ability for even non-technical cyber-criminals to launch attacks and cause significant harm to legitimate business operations and critical national infrastructure as a result.
The hope with this campaign is to undermine criminals’ trust in such services.
“The perceived anonymity and ease of use afforded by these services means that DDoS has become an attractive entry-level crime, allowing individuals with little technical ability to commit cyber offenses with ease,” explained Alan Merrett from the NCA’s National Cyber Crime Unit.
“Traditional site takedowns and arrests are key components of law enforcement’s response to this threat. However, we have extended our operational capability with this activity, at the same time as undermining trust in the criminal market.”
The fake sites are part of Operation Power Off, a coordinated international response to the threat from DDoS-for-hire sites. It scored a victory in December 2022 when the FBI, NCA and others joined forces to seize 48 domains associated with booter services, and charge six individuals with related offenses.
“We will not reveal how many sites we have, or for how long they have been running,” Merrett concluded. “Going forward, people who wish to use these services can’t be sure who is actually behind them, so why take the risk?”
