27 March 2023

NCA creates fake DDoS-for-hire sites to collect data on cybercriminals


NCA creates fake DDoS-for-hire sites to collect data on cybercriminals

UK National Crime Agency (NCA) said it was running a number of websites purporting to offer DDoS-for-hire services to infiltrate the cybercriminal underground.

The DDoS-for-hire (“booter” or “stresser”) service allows the attackers to have a number of remotely connected bots devices to direct huge traffic to a website or the online platforms.

The move is part of a sustained program of activity to disrupt and undermine DDoS as a criminal service, the NCA said in a press release.

According to the agency, all of the bogus sites, which have so far been accessed by around several thousand people, have been created to look like they offer the tools and services that enable cyber criminals to execute DDoS attacks. However, users who registered for the sites were not given access to cybercrime tools but instead had their data collated by investigators.

“Users based in the UK will be contacted by the National Crime Agency or police and warned about engaging in cyber crime. Information relating to those based overseas is being passed to international law enforcement,” the agency said.

In December 2022, the US authorities seized 48 internet domains that offered services that allowed cybercriminals to launch distributed denial-of-service (DDoS) attacks for a fee, and charged six individuals involved in running these services.


Back to the list

Latest Posts

ICC investigates cyberattacks in Ukraine as possible war crimes

ICC investigates cyberattacks in Ukraine as possible war crimes

The probe is focused on cyberattacks that endangered lives by disrupting essential services.
17 June 2024
Alleged Scattered Spider leader arrested in Spain

Alleged Scattered Spider leader arrested in Spain

The suspect is believed to be a key player in the MGM ransomware attack.
17 June 2024
Scattered Spider hackers switch focus to cloud apps for data theft

Scattered Spider hackers switch focus to cloud apps for data theft

Mandiant has observed UNC3944 accessing platforms like vSphere and Azure via SSO applications to create new virtual machines.
17 June 2024