Prolific DDoS Marketplace Shut Down by UK Law Enforcement
UK law enforcement agencies have infiltrated and taken down DigitallStress, the world’s most prolific underground marketplace offering distributed denial of service (DDoS) services.
The National Crime Agency (NCA) said that had taken over and disabled digitalstress.su on July 2, in collaboration with the Police Service of Northern Ireland (PSNI).
Using a mirror site, the agencies have now replaced the domain with a splash page, warning users that their data has been collected by law enforcement.
The takedown, made public on July 22, comes after the PSNI arrested one of the site’s suspected controllers, Skiop, earlier in July, following a joint investigation by the NCA, the PSNI, and the FBI.
DigitalStress Explained
DigitalStress was a marketplace offering DDoS-for-hire or ‘booter’ services. These services allow users to create accounts and order DDoS attacks within minutes.
Deputy Director Paul Foster, head of the NCA’s National Cyber Crime Unit, said: “Booter services are an attractive entry-level cybercrime, allowing individuals with little technical ability to commit cyber offenses with ease.”
According to UK law enforcement, DDoS operators using DigitalStress were responsible for tens of thousands of attacks weekly.
Watch: Experiencing a DDoS Simulation to Enhance Defenses
The site’s administrators chose to place the service under a .su domain, an old Soviet Union domain still operated by the Russian Institute for Public Networks.
Many criminal services use this domain to make it more difficult for any potential law enforcement investigation.
However, the NCA has been able to infiltrate communication channels used by DigitalStress users, leading to the platform’s takedown.
“We are at the forefront of developing innovative tools and techniques which can be used as part of a sustained program of activity to disrupt and undermine cybercriminal services and protect people in the UK,” Foster explained.
“Our operations continue to demonstrate that criminals online can have no assurance of anonymity or impunity.”
The NCA will now analyze user information for law enforcement action, and data relating to overseas users will be passed to international law enforcement.
Operation Power Off
The operation follows an FBI-led international operation that started in December 2022 and led to the takedown of 48 of the world’s most popular ‘booter’ sites.
This activity forms part of Operation Power Off, a coordinated international response that started in 2018 and targets criminal DDoS-for-hire infrastructures worldwide.