The UK’s National Crime Agency (NCA) has created a number of fake DDoS-for-hire sites to penetrate the online criminal underground.
Instead of being given access to cybercrime tools, users who registered for the sites had their data collated by investigators. DDoS attacks, which overwhelm network resources with traffic to effectively take them offline, are incapable of stealing or modifying data on the victim server, and are often used by gamers who use “booters” to kick rivals from an online game – a criminal offense which the agency has run advertising campaigns to raise awareness of.
The operation is not one of the more sophisticated busts that British cyber cops have been involved in but provides police with a mechanism to intervene in the cases of potential offenders when they are engaged in what the NCA described as “an attractive entry-level crime.”
The fake sites have so far been accessed by around several thousand people. The NCA, alongside the Dutch Politie and the German Bundeskriminalamt, created and controlled one of the sites, and users based in the UK will be contacted by the National Crime Agency or police and warned about engaging in cyber crime.
Information relating to those based overseas is being passed to international law enforcement.
Last December, the NCA helped take down 48 of the world’s most popular booster sites and arrested an 18-year-old man in Devon on suspicion of administering one of the sites.
Six defendants in the US had been charged with overseeing the services, which included Booter.sx., Astrostress.com, and SecurityTeam.io. “Traditional site takedowns and arrests are key components of law enforcement’s response to this threat.
However, we have extended our operational capability with this activity, at the same time as undermining trust in the criminal market,” said Alan Merrett, from the agency’s National Cyber Crime Unit.
