Teens Held over DDoS Attacks

Tuesday, December 13, 2016 @ 04:12 PM gHale

Police busted 34 people as part of an operation targeting users of distributed denial of service (DDoS) cyber-attack tools.

The operation conducted by Europol between December 5 and 9, 2016, received cooperation from law enforcement agencies all around the world, including Australia, Belgium, France, Hungary, Lithuania, the Netherlands, Norway, Portugal, Romania, Spain, Sweden, the United Kingdom and the United States.

UK Teen Pleads Guilty in DDoS Service
PA Man Sentenced for Celeb Photo Hack
FL Man Pleads Guilty in Spam Case
Hacking, Terrorism Plea Nets 20 Years

In addition to the 34 arrests, 101 suspects ended up interviewed and cautioned, Europol officials said. The investigation focused mainly on young adults under the age of 20.

Those arrested were paying for stressers and booters services to maliciously deploy software to launch DDoS attacks, officials said.

The attacks flooded web servers with massive amounts of data, thus rendering them inaccessible to users.

The tools used in these attacks are part of the criminal ‘DDoS for hire’ facilities that hackers can pay to use and which can end up aimed at whichever target these hackers choose, Europol officials said.

In September this year, an investigation conducted by the Federal Bureau of Investigation (FBI) led to the arrest of two individuals believed to be operating a DDoS for hire service. Last year, the UK National Crime Agency (NCA) arrested six males aged between 15 and 18, suspected of using the DDoS tool called LizardStresser, which ended up used to disrupt gaming platforms earlier this year.

The LizardStresser botnet is fueled by Internet of Things devices, and security researchers discovered other powerful DDoS tools that use the power of these connected devices, with the Mirai botnet being the most popular of them at the moment.

The available DDoS-for-hire services, the same as the Ransomware-as-a-Service (RaaS) business model, attract young and adult cybercriminals who lack advanced computer skills but are looking for fast and easy money.

The recent operation was meant to raise awareness in all participating countries of the risk of young adults getting involved in cybercrime, Europol officials said. While many of these teenagers get involved for fun, their skill sets (regardless of whether they are in coding, gaming, computer programming, cyber security or anything else that is IT-related) could be put to a positive use. What’s more, most of them aren’t fully aware of the consequences of their actions, or of the severe penalties they could face, and the negative impact these would have on their future.

Helped by Europol’s European Cybercrime Centre (EC3), the participating countries were able to identify users of DDoS tools either in the EU or in other regions, and the suspects proved to be mainly young adults under the age of 20. The participating countries worked together in the framework of the EMPACT (European Multidisciplinary Platform against Criminal Threats) project, and they took actions based on national legislation: Some suspects ended up interviewed, others detained and arrested, while some received fines. Moreover, notifications went out to parents and house searches ended up conducted, among others.

Europol’s operation is the latest in a series aimed at individuals who are using cyber-crime tools, as it previously attempted to tackle users of remote access Trojans (RATs), as part of the BlackShades RAT campaign in 2014 and the Falling sTAR operation last year. Most recently, Europol targeted a large malware delivery platform known as “Avalanche.”

Leave a Reply

You must be logged in to post a comment.