Prosecutors Charge 6 People for Allegedly Waging Massive DDoS Attacks
Federal prosecutors have charged six people for allegedly operating websites that launched millions of powerful distributed denial-of-service attacks on a wide array of victims on behalf of millions of paying customers. From a report: The sites promoted themselves as booter or stressor services designed to test the bandwidth and performance of customers' networks. Prosecutors said in court papers that the services were used to direct massive amounts of junk traffic at third-party websites and Internet connections customers wanted to take down or seriously constrain. Victims included educational institutions, government agencies, gaming platforms, and millions of individuals. Besides charging six defendants, prosecutors also seized 48 Internet domains associated with the services. "These booter services allow anyone to launch cyberattacks that harm individual victims and compromise everyone's ability to access the Internet," Martin Estrada, US attorney for the Central District of California, said in a statement. "This week's sweeping law enforcement activity is a major step in our ongoing efforts to eradicate criminal conduct that threatens the Internet's infrastructure and our ability to function in a digital world." The services offered user interfaces that were essentially the same except for cosmetic differences. The screenshot below shows the web panel offered by orphicsecurityteam.com as of February 28. It allowed users to enter an IP address of a target, the network port, and the specific type of attack they wanted. The panel allowed users to pick various methods to amplify their attacks. Amplification involved bouncing a relatively small amount of specially crafted data at a third-party server in a way that caused the server to pummel the intended victim with payloads that were as much as 10,000 times bigger.
Read more of this story at Slashdot.