The US Department of Justice recently announced the confiscation of 13 domains associated with platforms for DDoS attacks for hire. This seizure was part of a large-scale international operation called PowerOFF, which is aimed at fighting DDoS infrastructures around the world.
The authorities report that this is the third wave of actions against the so-called “booters” and “stressers”. Booters are services that allow attackers to order a DDoS attack on any site or device connected to the Internet, while stressers offer the same functionality, but are supposedly designed to legitimately test the reliability of web services and the servers behind them.
Last year, American law enforcement officers shut down 48 sites that were used to organize DDoS attacks around the world. Ten of the 13 domains seized this week are reincarnations of services that were closed during the previous sweep in December 2022. For example, one of the domains taken this week, Cyberstress.org, appears to be the same service running on the Cyberstress.us domain that was taken in December.
The FBI tested all the services before the takeover, opening or renewing accounts on each, and assessing the impact of DDoS attacks on targeted computers. These tests have helped validate the effectiveness of the booters, with the FBI saying some of the attacks took targeted devices offline.
Four suspects who were indicted last year (one from Texas, three from Florida, one from New York, and one from Hawaii) have already pleaded guilty. These individuals are believed to have operated various DDoS attack sites, including RoyalStresser.com, SecurityTeam.io, Astrostress.com, Booter.sx, Ipstressor.com, and TrueSecurityServices.io.
