Today, the FBI announced it took action against 15 domains that allegedly helped take down other people’s websites, game servers and other online services through distributed denial-of-service (DDoS) attacks. The seizures comes a week before Christmas, which, the FBI says, is “a period historically plagued by prolific DDoS attacks in the gaming world.”
The FBI seized 15 “booter” domains yesterday including critical-boot.com, ragebooter.com, downthem.org, and quantumstress.net. Booters are websites that allow anybody with a credit card (or Bitcoin) to pay money in exchange for overwhelming an online server with requests and, as a result, taking down that server. Powerful DDoS attacks have taken down gaming servers like Blizzard’s Battle.net or Final Fantasy XIV’s in the past.
Booters offer generally less powerful DDoS attacks in exchange for a relatively low amount of money and have flown under the radar, in part, because they tend to be marketed as “stress-testers” that help people test servers’ capacities for withstanding DDoS attacks. Anybody can Google these services, making them, in the FBI’s words, “a low barrier to entry for users looking to engage in cyber criminal activity.”
The FBI wrote in a press release today:
These services offered easy access to attack infrastructure, payment options that included Bitcoin, and were relatively low cost. Each of the services was tested by the FBI, which verified those DDoS attack services offered through each of the seized websites. While testing the various services, the FBI determined that these types of services can and have caused disruptions of networks at all levels.
Along with the seizures, the FBI has also filed criminal complaints against three alleged cyber criminals who, the FBI says, were allegedly affiliated with the DDoS-for-hire services Downthem and Ampnode.
“Between October 2014 and November 2018, Downthem’s database showed over 2000 customer subscriptions, and had been used to conduct, or attempt to conduct, over 200,000 DDoS attacks,” the FBI says.