Slashdot Mirror


FBI Shuts Down 15 DDoS-For-Hire Sites (techcrunch.com)

The FBI has shut down the domains of 15 high-profile distributed denial-of-service (DDoS) websites. "Several seizure warrants granted by a California federal judge went into effect Thursday, removing several of these 'booter' or 'stresser' sites off the internet 'as part of coordinated law enforcement action taken against illegal DDoS-for-hire services,'" reports TechCrunch. "The orders were granted under federal seizure laws, and the domains were replaced with a federal notice." From the report: Prosecutors have charged three men, Matthew Gatrel and Juan Martinez in California and David Bukoski in Alaska, with operating the sites, according to affidavits filed in three U.S. federal courts, which were unsealed Thursday. The FBI had assistance from the U.K.'s National Crime Agency and the Dutch national police, and the Justice Department named several companies, including Cloudflare, Flashpoint and Google, for providing authorities with additional assistance. In all, several sites were knocked offline -- including downthem.org, netstress.org, quantumstress.net, vbooter.org and defcon.pro and more -- which allowed would-be attackers to sign up to rent time and servers to launch large-scale bandwidth attacks against systems and servers.

49 comments

  1. Cool something besides politics by Seven+Spirals · · Score: 2, Insightful

    Jesus thank you FBI for giving us ONE FUCKING STORY that didn't bring in some more dipshit partisans.

    1. Re: Cool something besides politics by Anonymous Coward · · Score: 0

      Are you some kind of libtard. :)

    2. Re:Cool something besides politics by Anonymous Coward · · Score: 0

      Fuck you idiot. The FBI is handling hundreds of thousands of cases every day and just because you read a story about this one you like, you damn them with such faint bitchlike praise? Trump is a fucking traitor, that's apolitical.

    3. Re: Cool something besides politics by Anonymous Coward · · Score: 0

      Yeah just like General Mattis the "truther SJW" right? Clear out your desks Trumptards, it's prison time. You're all going, Donald will die there.

    4. Re:Cool something besides politics by Anonymous Coward · · Score: 0

      Fuck you idiot. The FBI is handling hundreds of thousands of cases every day and just because you read a story about this one you like, you damn them with such faint bitchlike praise? Trump is a fucking traitor, that's apolitical.

      Heh. Notice the ratings the NPC female Dr. Who is getting?

      Yeah, it's another example of, "Be woke, go broke."

    5. Re:Cool something besides politics by Anonymous Coward · · Score: 0

      Just like General Mattis the "truther SJW" right? Clear out your desks Trumptards, it's prison time. You're all going, Donald will die there. The entire GOP is slowly going to shuffle off to prison over the next 2-4 years.

      Bring lube, Trumptards. You want to be strong and think you don't need it, lol. You will fucking need it. Your assholes are about to be expanded to basketball size, traitors.

    6. Re:Cool something besides politics by Antique+Geekmeister · · Score: 1

      From personal experience with the FBI's Computer Crime Lab, I'd not give them credit for this action without compelling proof. They've not yet shown they're capable of doing the actual work to block, capture, or prosecute any computer criminals in any of the cases I know of personally. The few crimes listed on their website show no sign that they've done nothing successful except to claim credit for others', and they've passively interfered in every investigation I do know of personally. They accept reports and evidence, they do not act on any of it.

    7. Re:Cool something besides politics by Anonymous Coward · · Score: 0

      Your anecdote of personal experience (when, where, what? yeah just pretend) gets zero point zero credit for anything real either. The FBI sure has a lot more credible of a claim here than you do, however.

      Just because they didn't act in your case doesn't mean they "never" act on anything you idiot. Shove your lies up Kendall's ass, add to his collection.

    8. Re:Cool something besides politics by ShanghaiBill · · Score: 3, Interesting

      I have also had direct dealings with the FBI's Computer Crime Lab. The team leader had a degree in history, and his subordinates were even more clueless than he was. The only way they could have done this is if the three named companies that provided them "additional assistance" handed them all the evidence on a silver platter. Even then, it is a miracle that they didn't screw it up.

      The FBI prides themselves on their "special agents" being able to "do it all" without any actually being "special". But, at least with tech crimes, that clearly isn't working.

    9. Re: Cool something besides politics by Zero__Kelvin · · Score: 1

      So your claim is that you never posted?

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    10. Re:Cool something besides politics by Seven+Spirals · · Score: 2

      Well, my original post was a bit tongue in cheek. However, I had one experience that validates your main assertion. I did a contract job about 15 years ago for a company that had a severe internal IT vandalism incident (a "hack" as journalists would say). This guy was really, really, wanting prison. He used the corporate VPN and didn't make tremendous efforts to hide his tracks (they made him really mad, I heard). The company apparently used an Excel spreadsheet to keep their passwords in. They were like "but we encrypted it!" (referring to some kind of M$ password lock on the file *shrug* I don't know Excel) which made me giggle inside. Anyhow, Joe Hacker was a sysadmin and from what I can tell a real firecracker of a person mixed with the fact that this company was run by some puffed up business weasel jerks who made for an explosive mix. The guy destroyed their print servers, destroyed a few file servers (mainly ones with "fun" files on them like MP3s), destroyed their fax servers, and erased their sales databases and leads. Then he moved on to worse things. He backdoored their software repos for devs with all kinds of nasty code and then erased version logs to cover his tracks so they didn't know who wrote what code. He put tons of malware and viruses on their file servers he didn't destroy and named it innocent things like "customer_data.xls.exe" which some fell for. He poison-pilled their NetBackup infrastructure and manually swapped row data in the Sybase database it uses to mix up media IDs so they basically lost their backups. He put at least 20 backdoors in routers, servers, workstations and test machines (stuff like Sub7 and then ACLs in the router that allowed traffic from everywhere to their crown jewels and even NAT'd some to obscure the source addresses). He land-mined their WSUS and Jumpstart servers with malicious post-install scripts. He physically stole/swapped some of their Decru keycards for their PKI infrastructure so they lost most of their security logs and encrypted tapes. Then as he was getting fired, he put some scripts or some kind of final trigger in place that brought down their Sonnet networking gear for about 30 hours. Took like three Cisco CCIEs to fix that working continuously. Man, I'm just scratching the surface, too. This guy just unleashed hell on this company AND he did a great deal of it across state lines. We recovered some VPN logs that were pretty much smoking gun correlation to other security event data. It took me about two months to unravel the stuff he did. If he wasn't so malicious, I'd actually have some respect for his criminal ass because of how devilish some of the shit he did was (i.e. setting Solaris initdefault to 6) "Why do these boxes keep rebooting!?". So, we gathered ALL this evidence along with some local law enforcement. The company tried to get the FBI involved and so did the local detectives. The Feds sent out one bunghole non-IT guy who basically shrugged it all off and walked away. Then, after that point, they were pretty much disconnected and checked out + not interested in it. So, I gotta wonder how much firepower they really have and when they'd bring it to bear. It's a one-off anecdote and thus probably doesn't mean shit. However, it does make me wonder. The guy did go down for some shit and did a small amount of time, but he was lucky as hell a jury never saw the evidence I gathered.

    11. Re:Cool something besides politics by Anonymous Coward · · Score: 0

      I had a history of direct dealings with Shanghai Bill anecdotally also. I found him to blather all kinds of falsehoods under a self-imposed authority of just asserting bullshit. That's all he does. He makes shit up.

      Anyone who believes he's ever had any actual dealings with the FBI is probably an easily-misled Trump moron, or just doesn't care and goes about their day letting the bullshit stack and assertions build.

      Eventually Bill will find something real to do with his life and fuck off, one assumes.

    12. Re: Cool something besides politics by Seven+Spirals · · Score: 1

      Well, I wouldn't consider myself any type of partisan since I don't hold views that are compatible with any party. I have right, left, and centrist political opinions. However, those that want to label me as such are free to do so. I do believe in freedom.

    13. Re:Cool something besides politics by Anonymous Coward · · Score: 0

      The question becomes : do you actually think your guy's crimes are worth the FBI's time to investigate to the Nth, gather local warrants to obtain proper evidence chains (rather than get it from you), eventually refer to prosecution, and then take a big risk that it's all for naught and either a judge or jury will give him 2 or 3 years and call it a day, or do you think they're better served shrugging and filing the information and continuing to monitor for reports of ongoing crimes which they could actually act upon in realtime and gather hard court-ready evidence for, determining again whether it was financially worth their time to do so rather than go after major players and national security issues, of which they have a massive backlog of also? Which is more important, your pet cause and layman's judicial review, or actual shit the FBI needs to be involved in as a matter of priority with their critically limited resources for such things and a worldwide scope? Of course a jury never saw the evidence YOU gathered, derp. Your ending your story like that just tells me everything I needed to know about how realistic it is to blame the FBI for your 3% of actual information anecdote.

    14. Re:Cool something besides politics by Seven+Spirals · · Score: 1

      I'd like to thank the ACs for a perfect illustration of "dipshit partisans".

    15. Re:Cool something besides politics by Anonymous Coward · · Score: 0

      Your assholes are about to be expanded to basketball size

      Libtards and their persistent homosexual fantasies. Every site I go to either has pictures of Trump with gay material, or "anti-Trump" people expressing homosexual wishes on Trump supporters. They say homosexuals are only about 1% of the population but it seems like a lot more of you are just in the closet.

    16. Re:Cool something besides politics by Anonymous Coward · · Score: 0

      Just like General Mattis the "truther SJW" right? Clear out your desks Trumptards, it's prison time. You're all going, Donald will die there. The entire GOP is slowly going to shuffle off to prison over the next 2-4 years.

      Bring lube, Trumptards. You want to be strong and think you don't need it, lol. You will fucking need it. Your assholes are about to be expanded to basketball size, traitors.

    17. Re:Cool something besides politics by Anonymous Coward · · Score: 0

      B-b-b-but mah derp state!

    18. Re:Cool something besides politics by Seven+Spirals · · Score: 1

      I didn't really come down one way or another on if the case was a good use of FBI resources. Despite your anger and insults you have some valid points. What I'm saying is more that just because something is a federal crime, doesn't mean that the FBI will automatically get involved. I did find the manner of the FBI investigator to be a bit lofty and he treated the locals pretty badly, too. It was clear they didn't like him. Of course, all that was just one incident and as we both say with more or less vitriol, it was an anecdote. Does the FBI have better things to do? Probably so, as you angrily attest. However, do people who commit real federal crimes that hurt real people always get the book thrown at them by the feds? No way. That's my main point.

    19. Re:Cool something besides politics by Antique+Geekmeister · · Score: 1

      I'm afraid I've seen no sign that they "have anything better to do" but accept reports and evidence gathered by others, reports on which they refuse to act, and on occasion take credit for other people's work in which they've interfered until the moment of prosecution. That they accept reports and evidence but then ignore it actually deters other criminal or civil prosecution,

    20. Re:Cool something besides politics by Antique+Geekmeister · · Score: 1

      I hesitate to name the labs I've dealt with to preserve my pseudonymous status. I'm willing to say that I've dealt with them on 4 distinct occasions in the last 10 years, simply to report criminal activity I or my colleagues had tracked back to its source, and they did nothing with the information. Their position as the agency to report criminal computer activity actively and refusing to release the evidence to others interferes with other agencies.

  2. Now if they could just take down "Lisa" by Ungrounded+Lightning · · Score: 1

    Now if they could just take down "Lisa from Credit Card Services" the phone scammer that called me on my cellphone just before I got to this.

    --
    Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
    1. Re:Now if they could just take down "Lisa" by Anonymous Coward · · Score: 0

      Now if they could just take down "Lisa from Credit Card Services" the phone scammer that called me on my cellphone just before I got to this.

      Don't answer calls from people you don't know.

      That's how people who are not idiots do it.

    2. Re:Now if they could just take down "Lisa" by Anonymous Coward · · Score: 0

      Yeah I got that one two days ago. They all dial from the same spoofed prefix as my phone, which is very obvious and easy to avoid. I still record them though. These idiots need to get dealt with, Trump included.

    3. Re:Now if they could just take down "Lisa" by ShanghaiBill · · Score: 2

      Don't answer calls from people you don't know.

      Many of us rely on our phones for business. I get calls almost every day from clients and prospective clients. If I don't take the call, I starve.

      I have an iPhone. Almost all spam calls say "Scam Likely" in the name field. If Apple can identify scammers, why can't the phone company, or the FBI?

    4. Re: Now if they could just take down "Lisa" by Anonymous Coward · · Score: 0

      I take oncall rotation for my job, Lisa calls my work phone. I can either ignore the call and risk losing my job like an idiot (you), or answer and hang up.

      It'd be nice if they could also take down the slut calling about my Student Loans, car's extended warranty, and that great Healthcare plan. The IRS guy who threatens to call the cops just makes me laugh.

    5. Re:Now if they could just take down "Lisa" by Anonymous Coward · · Score: 0

      You're full of shit Bill and deserve worse than starvation, and you know nothing about how well the FBI detects scammers vs Apple because you have no clue how they're just matching the number to someone's complaint.

      Of course a moron like you thinks you're smarter than the FBI generally. Of course you do.

    6. Re:Now if they could just take down "Lisa" by Anonymous Coward · · Score: 0

      I have an iPhone. Almost all spam calls say "Scam Likely" in the name field. If Apple can identify scammers, why can't the phone company, or the FBI?

      That's not an iPhone feature. It's a feature provided by your carrier.

  3. Slashdot Is Safe by Anonymous Coward · · Score: 1

    Luckily slashdotting is a thing of the past with this piddly audience.

    1. Re:Slashdot Is Safe by fredrated · · Score: 1

      No shit, I think the ship has just about sunk, is it time to jump?

    2. Re:Slashdot Is Safe by Anonymous Coward · · Score: 0

      Possibly.
      I just noticed this article has only got 41 comments since it was posted.
      That's like the Titanic being a car away from sinking. Ah, see, car analogy! Aw.
      I'll hand it in when you pry it from my freezing dead hands!

  4. "High Profile" by Anonymous Coward · · Score: 0

    High Profile ddos-provider websites are apparently those that exist on the open web and are subject to domain seizure.

    So, you know, low-hanging fruit, some of which were pretending to be legitimate stress-testers despite not validating that people were hiring them to 'stress test' their own sites.

    It's good they're gone and their owners facing charges, but isn't most of the serious ddos-for-hire going on from the Dark Web?

  5. How will 4chan ruin Christmas now? by cfalcon · · Score: 1

    Maybe we can get through Christmas without some online game going down because something they did offended a 4chan anon.

    Maybe?

    1. Re:How will 4chan ruin Christmas now? by Anonymous Coward · · Score: 0

      Fuck 4chink and Qtips-anonymous. BUH RING IT

  6. Domain Seizure by XArtur0 · · Score: 1

    Domain Seizure means we can still reach the actual site by its translated IP Address, right?

    Not that I support their Business Model, just to know how much power the US Guv-a-mint actually does have.

    Thanks.

    1. Re:Domain Seizure by Anonymous Coward · · Score: 0

      Power ? Unkil Sammy has all-the-power.

    2. Re:Domain Seizure by Anonymous Coward · · Score: 0

      Not likely, unless you know their IP hiding behind Cloudflare. They have been hiding behind Cloudflare for the better part of a year. It would also appear they have not seized the domain by taking the DNS entry, but seized it at Cloudflare or the hosting company hosting the actual site/box. The IP the domain is pointing to has not changed: https://securitytrails.com/domain/downthem.org/history/a

  7. An iffy issue. by Anonymous Coward · · Score: 0

    Stress testing servers vs attacking someone's servers is a very fine line.
    Luckily there is an easy way for that to be avoided:
    require a website to host a file on it which the DDoS host checks before it even remotely confirms a DDoS order
    require in-person confirmation, identity confirmation or similar hard-to-fake method of proof that person A owns site A.
    Easily falsified information shouldn't be used.
    In both ways, given these extremely hard to fake methods of proof, it minimizes considerable abuse of potentially useful, simple stress testing of networks. The only reasonable way to break the first method would be to already have access to said website, in which case you could do so much more damage than a DDoS could. (in saying that, it's not like you would be exempt from doing both!)

    However, there still comes an even bigger grey area, DDoSing with large bandwidth over public networks.
    Where does it go from valid bandwidth use to outright abuse?
    Some ISPs considered Youtube abuse of network resources, some still do. Google moved most of the significant Youtube bandwidth off-internet to their own fiber to minimize their bandwidth costs, and even with that they still haven't made money on it yet.
    Most consider torrenting abuse and that's only sheer number of active connections rather than bandwidth which is rather trivial compared.

    Good work regardless. Even if these were legit services, they would have clearly been abused due to incompetent owners despite this.
    It would be akin to nukes-for-hire in terms of damage it causes to networks. It's just much shorter term compared to the 5~ months for "modern, cleaner" nukes to hit safe levels, AKA highly refined nukes to maximize energy release, dirty nukes are considerably easier to make, whodda thunk it?
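
The file-on-the-site check proposed in the comment above, sketched as an added example (not part of the original thread and not any real service's code). The key, the challenge path and every function name are assumptions; the HTTP fetch is replaced by an offline stand-in over constructed data.

```python
import hashlib
import hmac
import time

# Assumed for this example: the key, the challenge path and all function names.
SERVICE_KEY = b"constructed-demo-key"
CHALLENGE_PATH = "/.well-known/stress-test-auth.txt"
TOKEN_TTL = 3600  # seconds a challenge stays valid


def _norm(host):
    return host.strip().lower().rstrip(".")


def issue_challenge(account_id, target_host, issued):
    """Token the customer must publish at CHALLENGE_PATH on target_host.

    The HMAC binds the token to one account, one host and one issue time, so a
    token copied from another order or another customer does not verify.
    """
    msg = f"{account_id}|{_norm(target_host)}|{int(issued)}".encode()
    return hmac.new(SERVICE_KEY, msg, hashlib.sha256).hexdigest()


def verify_challenge(account_id, target_host, issued, fetch, now=None):
    """Return (ok, reason). fetch(host, path) -> (status, final_host, body_bytes)
    is performed by the service itself, never taken from customer input."""
    now = time.time() if now is None else now
    if not 0 <= now - issued <= TOKEN_TTL:
        return False, "challenge expired"
    expected = issue_challenge(account_id, target_host, issued).encode()
    try:
        status, final_host, body = fetch(_norm(target_host), CHALLENGE_PATH)
    except OSError as exc:
        return False, f"fetch failed: {exc}"
    if _norm(final_host) != _norm(target_host):
        return False, "redirected to a different host"
    if status != 200:
        return False, f"HTTP {status}"
    if not hmac.compare_digest(body.strip(), expected):
        return False, "token mismatch"
    return True, "ok"


def demo():
    """Constructed scenario: acct-42 controls shop.example and publishes its token."""
    t0 = 1_700_000_000
    published = {"shop.example": issue_challenge("acct-42", "shop.example", t0).encode()}

    def fetch(host, path):  # offline stand-in for an HTTP GET
        body = published.get(host) if path == CHALLENGE_PATH else None
        return (200, host, body) if body is not None else (404, host, b"")

    check = lambda acct, host, at: verify_challenge(acct, host, t0, fetch, now=at)
    return {
        "owner": check("acct-42", "shop.example", t0 + 60),
        "other_account": check("acct-99", "shop.example", t0 + 60),
        "unproven_host": check("acct-42", "third-party.example", t0 + 60),
        "expired": check("acct-42", "shop.example", t0 + TOKEN_TTL + 1),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(case, result)
```

Only the first case passes: a token issued to another account, a host that never published the file, and a stale challenge are all refused before any order would be accepted.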

  8. His new name by Anonymous Coward · · Score: 0

    David Bukoski will now be known as David Bukaki.

  9. its about time by Revek · · Score: 1

    I turned in several sites about four years ago and never heard anything back.

  10. stomach problems by Anonymous Coward · · Score: 0

    Americans are too yellow to take on the chinese.

  11. Slashdot is safe! by easyTree · · Score: 1

    No one RTFAs these days...

  12. Depends by Solandri · · Score: 1

    If the site has a dedicated web server, then yeah the IP address will work even if the domain name gets taken down and DNS redirected.

    But most small websites are hosted on shared servers. Dozens or hundreds of websites are hosted on a single server and all have the same IP address. The site that gets loaded in your browser depends on the domain name you used to get to that IP address.

    1. Re:Depends by Anonymous Coward · · Score: 0

      It isn't at all difficult to request a host header matching whatever host name you want, after connecting to the IP address of the web server.

    2. Re:Depends by Anonymous Coward · · Score: 0

      telnet IpAddress 80
      GET /piratedcontent.html HTTP/1.1
      Host: www.pirateServer.com

      Seems easy enough to do. May have to make browser extension, but http can handle it already.
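
How a shared server picks a site from the Host header, as discussed in this sub-thread, shown from the hosting side as an added example (not part of the original comments). The vhost table, the IP address and the function names are constructed, and refusing unknown names instead of serving a default site is an assumed hardening choice.

```python
# Constructed vhost table for one shared IP address; all names are made up.
VHOSTS = {"blog.example": "blog front page", "shop.example": "shop front page"}


def route(raw_request, vhosts=VHOSTS):
    """Return (status, body) as a name-based virtual host server would."""
    head = raw_request.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    lines = head.split("\r\n")
    parts = lines[0].split()
    if len(parts) != 3 or not parts[2].startswith("HTTP/1."):
        # Covers "GET /path" with no version: that form carries no headers,
        # so the server has no Host to select a site with.
        return 400, "malformed request line"
    hosts = []
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "host":
            hosts.append(value.strip())
    if len(hosts) != 1:
        return 400, "exactly one Host header required"
    host = hosts[0].lower()
    if not host.startswith("["):      # leave IPv6 literals alone
        host = host.split(":", 1)[0]  # drop an optional :port
    host = host.rstrip(".")
    if host not in vhosts:
        # Hardened default (assumption): unknown names get nothing.
        return 404, "no such site on this server"
    return 200, vhosts[host]


def demo():
    """Same server, same IP: the answer depends only on the Host header."""
    def req(host):
        return f"GET / HTTP/1.1\r\nHost: {host}\r\n\r\n".encode()

    after_takedown = {k: v for k, v in VHOSTS.items() if k != "shop.example"}
    return {
        "shop": route(req("shop.example")),
        "blog_with_port": route(req("BLOG.example:80")),
        "bare_ip": route(req("203.0.113.10")),
        "no_version": route(b"GET /\r\nHost: shop.example\r\n\r\n"),
        # Once the hosting provider removes the vhost, the name no longer
        # resolves to content on this server, whatever DNS says.
        "removed_at_host": route(req("shop.example"), after_takedown),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(case, result)
```

A DNS-level seizure changes none of these results; only removing the entry at the hosting provider turns the "shop" case into the "removed_at_host" one.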

  13. next up china russia and syria attack your nation by Anonymous Coward · · Score: 0

    keep disarming and see how this soy shit goes, fools, and when the bs happens don't ask for any help

  14. Wonder if they caught Steemit user berniesanders? by Anonymous Coward · · Score: 0

    He's been known to DDoS sites of people he takes a disliking to. He's the reason many people have left Steemit. Not wishing ill on anyone, just justice.