UK National Crime Agency targets cybercriminals with Fake DDoS-For-Hire site
If you can’t beat them, join them. The UK National Crime Agency (NCA) has come up with a new technique to nab cybercriminals by posing as cybercriminals. The agency revealed that it’s running a series of fake DDoS-for-hire websites that mimic legitimate ones to access the online criminal underworld.
"All of the NCA-run sites, which have so far been accessed by around several thousand people, have been created to look like they offer the tools and services that enable cybercriminals to execute these attacks," the law enforcement agency said.
However, instead of granting access to such tools, the data collected from the registered users is passed on to investigators.
The operation has resulted in the arrest of numerous individuals so far. The NCA-run sites are part of Operation PowerOFF, a worldwide initiative, aimed at disintegrating DDoS-for-hire infrastructures worldwide. The NCA is running the operation alongside authorities from the US, the Netherlands, Germany, Poland, and Europol.
DDoS-for-hire services, also called "Booter" or "Stresser" services, offer access to a network of infected devices, enabling other criminal actors to launch DDoS attacks against websites and force them offline. These illegal platforms have a range of membership options, costing anywhere from $10 to $2,500 per month.
The consequence is anybody, including those with no technical skills, can now carry out an attack.
"Booter services are a key enabler of cybercrime," Alan Merrett, a member of the NCA's National Cyber Crime Unit, said in a statement."The perceived anonymity and ease of use afforded by these services means that DDoS has become an attractive entry-level crime, allowing individuals with little technical ability to commit cyber offences with ease."
Understandably, the NCA has declined to reveal the number of fake sites it is running. This is in the hopes that potential users will think twice before signing up for a DDoS as a service account since it could be a trap.
This latest ploy by the NCA represents a growing trend of law enforcement agencies going undercover in the cybercriminal world to destroy them from the inside world.
In June 2021, the FBI and AFP ran a similar operation where they operated an encrypted chat service called ANoM for three years, intercepting over 27 million messages between cybercriminals worldwide. And just recently, the FBI together with German and Dutch law enforcement took down the notorious Hive ransomware group by posing as cybercriminals.