Dec 16, 2022 09:00:00

Six men who operated a proxy site that can DDoS attack on your favorite site if you pay money will be prosecuted

DDoS attacks , which send a huge amount of traffic to the target and make it impossible to process, have damaged many companies and government agencies so far. Six people who operated such a DDoS attack agency service were indicted by the US Department of Justice. The indicted individuals are alleged to have carried out DDoS attacks on educational institutions, government agencies, gaming platforms and millions of individuals in the United States and abroad.

Federal Prosecutors in Los Angeles and Alaska Charge 6 Defendants with Operating Websites that Offered Computer Attack Services | USAO-CDCA | Department of Justice
https://www.justice.gov/usao-cdca/pr/federal-prosecutors-los-angeles-and-alaska-charge-6-defendants-operating-websites

Six Charged in Mass Takedown of DDoS-for-Hire Sites – Krebs on Security
https://krebsonsecurity.com/2022/12/six-charged-in-mass-takedown-of-ddos-for-hire-sites/

A DDoS attack is a cyber-attack that uses multiple computers to send too much data to the target to overwhelm it. Jeremiah Sam Evans Miller, who lives in Texas, USA, one of the people charged with conspiracy and violation of the Computer Fraud and Abuse Prevention Act this time, is a website that acts as a DDoS attack 'RoyalStresser' com was running. The complaint against Miller allegedly launched approximately 200,000 DDoS attacks between November 2021 and February 2022.

Other suspects indicted at the same time also operate DDoS attack contracting services, including Angel Manuel Colon, Jr., who lives in Florida and operates SecurityTeam.io from 2018 to 2022. It made 1.3 million attacks during that time. In addition, suspects Cory Anthony Palmer and Shamar Shattock operate 'Booter.sx' and 'Astrostress.com' and are said to have attacked about 700,000 times.

John M. Dobbs, who lives in Hawaii, operates ``Ipstressor.com'' and launched about 30 million DDoS attacks in the 13 years from 2009 to November 2022. Joshua Rain of New York is said to have carried out more than 1.2 million attacks on 'TrueSecurityServices.io' between 2018 and 2022.

The terms of use of these websites stipulate that users must not use the services for the purpose of

stress-testing their own networks and to attack others. I haven't,' he claims.

On the other hand, the U.S. Department of Justice said that these services do not own the devices used in the attacks, but rather use misconfigured devices to maximize the scale and impact of DDoS attacks, and are exempt from liability. The matter points out that it ignores this point.

The Federal Bureau of Investigation (FBI) has warned that conducting DDoS attacks is punishable under both the Wire Fraud Act and the Computer Fraud and Abuse Act, and can lead to arrests, prosecutions and seizures of electronic devices. increase.

A DDoS attack proxy service such as 'SecurityTeam.io' is called 'booter', and a site that explains the legal risks that may occur when requesting an attack to people who search for 'booter' in countries around the world. Countermeasures against 'booter' are being taken in each country, such as displaying advertisements that direct you to.

``Users and site administrators should think twice before using these illegal services,'' said FBI's Antony Jung.