Posted on May 8, 2023 at 4:36 PM
Department of Justice seizes 13 domains used to launch DDoS attacks
Authorities in the United States have seized 13 internet domains that provided DDoS-for-hire services to threat actor groups. Distributed denial-of-service (DDoS) attacks have become rampant, and authorities globally have been cracking down on the space to minimize the sector’s risks.
US Authorities to Seize 13 internet domains
The seizure of these 13 domains is part of an ongoing global operation known as Operation PowerOFF. The operation has involved law enforcement authorities worldwide, and its purpose is to halt the operations of illegal DDoS-for-hire infrastructures.
The seizure of these websites comes nearly five months after a probe was conducted in December 2022 regarding similar services. At the time, 48 services that provided DDoS-for-hire tools were seized. These services receive payments from people who want to launch DDoS campaigns against their targets.
DDoS campaigns can be extensive because they target multiple industries, including schools, universities, and government websites. The attacks cripple the online services offered by an institution. While some DDoS attacks are launched for extortion, some are launched by hacktivist groups looking to cause significant damage.
The US Department of Justice has said that ten of the 13 illicit domains seized by US authorities were recreations of booter or stresser services. The services were shut down towards the end of 2022. The DoJ also said that in recent years, these services have continued to become more popular because of a low barrier to entry for those looking to participate in illegal activities.
“In relation to the domains seized this week, the FBI opened or renewed accounts with each booter service and used cryptocurrency to pay for subscription plans. Each service was tested by using the website to launch DDoS attacks on computers controlled by the FBI. The FBI then observed the effects of the attacks at their “victim” computers, confirming that the booter websites operated as advertised,” the DoJ said.
The DoJ further said that these services have become increasingly popular in recent years. The services are preferred by hackers who do not have sophisticated skills because they lower the barrier to entry for those looking to engage in hacking activities.
DDoS campaigns can wreak havoc on the targeted institutions. They can harm the victims by disrupting access to the internet. In some cases, the services can also affect internet connections for customers served by the same internet service provider through a shared connection point.
These services are similar to domain seizures. According to the DoJ, four of the six individuals charged in December last year for operating similar services pled guilty. The individuals will be sentenced towards the end of this year.
Illegal online platform Try2Check brought down
The announcement of the seizure of the 13 illegal domains comes amid a disruption of Try2Check. Try2Check has been under investigation for a decade. The illegal platform allowed hackers to verify the status of stolen credit card numbers and determine if the numbers were still active and authentic.
The DoJ also filed charges against Russian national Denis Gennadievich Kulkov for his role in creating the service and transforming it into a tool supporting the trade of illegal credit cards. The State Department has also offered a $10 million reward to anyone who has information that will lead to the individual’s arrest. Another bounty of up to $1 million has also been offered by the department to those who will help identify the key leaders of the Try2Check illegal platform.
The indictment said that the illegal platform did not use the systems of a leading payment processing firm in the US to conduct card checks by hacking the preauthorization service. The company’s name has not been revealed.
The Try2Check service was launched in 2005 and is believed to have been used to process tens of millions of credit card verifications annually. The service has also enabled the operations of top card companies such as Joker’s Stash. As of February last year, one card check on the platform cost $0.20.
The DoJ has also said that the Russian national made more than $18 million by operating illegal websites. The individual used the illegal proceeds to buy a Ferrari and other luxurious items.
The charges against Kulkov come a few months after Denis Mihaqlovic Dubnikov was sentenced to time served and ordered to return $2,000 in illegal profits. Dubnikov was charged with money laundering for the Ryuk ransomware group.