The UK’s National Crime Agency (NCA), in collaboration with the Federal Bureau of Investigation (FBI) and the Police Service of Northern Ireland (PSNI), took over and disabled the functionality of Digitalstress.su, a popular DDoS-for-hire service. The operation, called PowerOFF, also accessed communication platforms being used to discuss launching DDoS attacks.
As is usually the case in such attacks, the domain has been taken over, and the site has been replaced with a splash page warning users that their data has been collected. The NCA’s assessment of communication platforms is another hit, with the agency telling the site’s users that “nowhere is safe for cyber criminals to talk about their criminal activity.” One of the messages read the following:
“On 2 July, a joint operation by the NCA, PSNI and FBI led to the arrest of a suspected controller of DigitalStress and we have now taken down www.digitalstress.su.
“We are watching you. Is it worth it?”
Distributed Denial of Service or DDoS attacks are difficult for individuals to carry out as they usually require enormous amounts of web traffic to overload a targeted server and eventually bring the service down. To be effective, they generally require a bot farm or multiple devices at the least, something not every cybercriminal, especially the less technically sophisticated kind, possesses.
This is where services like Digitalstress or other DDoS-for-hire or booster services come into place. They make it incredibly easy for attackers to launch DDoS attacks by creating an account and ordering a DDoS strike within minutes. While the service has been shut down, the NCA continues to work on accessing the data for law enforcement action, with data related to overseas users to be passed on to international law enforcement.
In the News: Chinese hacker group targets Taiwan and US NGO with new toolkit
