U.K. Crime Agency creates fake DDoS-for-hire to trap hackers
The National Crime Agency (NCA) of the United Kingdom recently revealed that it has created a network of bogus DDoS-for-hire websites in order to infiltrate the online criminal underground. The operation was launched as a warning to anyone planning to undertake distributed denial-of-service assaults by the UK’s National Crime Agency (NCA). Such assaults have the potential to overwhelm a target with internet traffic, crippling access to a website, or take a person offline.
The UK’s Computer Misuse Act of 1990 forbids Distributed Denial of Service (DDoS) attacks, which aim to overwhelm websites and take them offline. Users can quickly create accounts and order DDoS assaults using DDoS-for-hire or “booter” services.
All of the NCA-managed websites, which have so far been seen by a few thousand people, were designed to appear as though they provide the equipment and services needed by online criminals to carry out these assaults.
However, after users register their information is compiled by investigators rather than being provided access to cybercrime tools.
The project is a component of Operation PowerOFF, an ongoing international cooperative operation with authorities from the U.S., the Netherlands, Germany, Poland, and Europol that aims to destroy criminal DDoS-for-hire infrastructures around the world.
DDoS-for-hire services, also known as “Booter” or “Stresser,” let other criminals use a network of infected devices as a means of launching distributed denial-of-service (DDoS) attacks against websites and taking them offline.
These illicit platforms offer a selection of membership choices and charge their users around $10 to $2,500 per month.
The NCA made this observation back in December 2022, when a concerted operation resulted in the destruction of 48 booter sites “Their ease of access implies that these tools and services have made it simpler for those with low level cyber skills to commit offences.”
In order for anyone who intend to use such services in the future to decide if it’s worth the risk, the NCA stated that it will not disclose the number of sites it is operating.
DDoS has developed into a seductive entry-level crime that makes it simple for people with little technical expertise to commit cybercrimes.
It’s not the first time that law enforcement organisations have secretly run phoney services to thwart criminal activity online.
The FBI in the United States and the AFP in Australia disclosed in June 2021 that they had used an encrypted chat service called ANoM for almost three years to intercept 27 million conversations sent and received by criminal gang members worldwide.
Author: Sayali Wable