Law enforcement authorities from more than a dozen countries last week carried out a series of operations designed to crack down on DDoS-for-hire services.
Thirty four individuals who are alleged to have purchased stressers and booter services were arrested as part of the operation. Stressers and booter services help facilitate distributed denial of service attacks which in turn, flood servers and knock websites offline. Europol’s European Cybercrime Centre said Monday it carried out the operation from Dec. 5 to 9.
The National Crime Agency, the UK’s law enforcement agency, arrested 12 of the 34 individuals in what it called Operation Vulcania. The NCA said the individuals had purchased subscriptions to Netspoof, a DDoS stresser that can cost between $5 and $500 to flood websites. Officials with the agency targeted 60 individuals, issued 30 cease-and-desist notices, and seized machines from 11 individuals as part of the operation, the NCA said.
#PR 34 arrests in joint action targeting users of Distributed Denial of Service #DDoS cyber-attack tools https://t.co/0YYOwNkzbb #cybercrime pic.twitter.com/EG8NZXR7eR
— Europol (@Europol) December 12, 2016
While there’s no mention of the name on Europol’s site, according to the NCA, the weeklong takedown was part of an organized law enforcement effort called “Operation Tarpit.”
Authorities from Australia, Belgium, France, Hungary, Lithuania, the Netherlands, Norway, Portugal, Romania, Spain, Sweden, and the US, also carried out actions as part of the operation last week.
The FBI, for its part, apprehended another individual, Sean Sharma, a 26-year-old grad student at the University of South California, on Friday. Sharma was charged with cyber crimes after he purportedly purchased a tool to carry out a DDoS attack against an undisclosed San Francisco chat company.
International cyber op nets DDoS attackers, including a California grad student who was arrested last week. https://t.co/AkdO2mNRcT pic.twitter.com/NLbhaAQwFU
— FBI (@FBI) December 13, 2016
According to the FBI, which announced the arrest in tandem with Europol and the NCA on Monday, it and the other agencies carried out 101 interviews with individuals believed to have something to do with DDoS-for-hire services.
“DDoS tools are among the many specialized cyber crime services available for hire that may be used by professional criminals and novices alike,” said Steve Kelly, FBI unit chief of IC4. “While the FBI is working with our international partners to apprehend and prosecute sophisticated cyber criminals, we also want to deter the young from starting down this path.”
Mirai, the IoT malware that took down DNS provider Dyn, security blog Krebs on Security and French webhost OVH earlier this year with DDoS attacks has commanded headlines from the latter half of fall to early winter. The bulk of those arrested last week were 18-, 20-, and 23-year-old males allegedly using commercial DDoS tools, booters and stressers, to perpetrate less widespread DDoS attacks on gaming providers, government departments, internet hosting companies, schools, and colleges.
Europol is using the operation to kick off a prevention campaign to warn younger, would-be users of DDoS stresser services such as Netspoof.
“One of the key priorities of law enforcement should be to engage with these young people to prevent them from pursuing a criminal path, helping them understand how they can use their skills for a more constructive purpose,” Steven Wilson, Head of Europol’s European Cybercrime Centre (EC3) said Monday.
