The U.K. National Crime Agency (NCA) reported that it had set up a network of fake DDoS-for-hire websites to infiltrate the online criminal underground. “All of the NCA-run sites, which have so far been accessed by around several thousand people, have been created to look like they offer the tools and services that enable cyber criminals to execute these attacks. However, after users register, rather than being given access to cyber crime tools, their data is collated by investigators,” reads the publication from the agency. The project is part of Operation PowerOFF, an ongoing international cooperation with authorities from the U.S., the Netherlands, Poland, Germany, and Europol that aims to destroy criminal DDoS-for-hire infrastructures worldwide. DDoS-for-hire services, often known as “Booter” or “Stresser,” let cyber criminals use a network of compromised devices as a means of launching Distributed Denial-of-Service (DDoS) attacks on websites and force them to go offline. These fraudulent websites provide a range of membership options and charge their users from $10 to $2,500 per month.
Analyst Notes
These tools and services make it easier for people with low level cyber skills to commit offenses. The NCA stated that it would not disclose the number of websites in operation, so individuals who intend to use these DDoS services in the future will have to consider if it is worth the risk. “Booter services are a key enabler of cyber crime. The perceived anonymity and ease of use afforded by these services means that DDoS has become an attractive entry-level crime, allowing individuals with little technical ability to commit cyber offences with ease,” stated Alan Merrett, a member of the NCA’s National Cyber Crime Unit. It’s not the first time law enforcement has run fake services to catch criminal activity online.
https://thehackernews.com/2023/03/uk-national-crime-agency-sets-up-fake.html