When it comes to setting up thieves to catch thieves, the UK National Crime Agency (NCA) has revealed that it has created a network of fake DDoS contractor websites to infiltrate the online criminal underworld.
“Every site operated by the NCA that has been visited by about a few thousand people so far has been made to appear to offer tools and services that enable cybercriminals to carry out these attacks. ‘ said law enforcement. Said.
“However, after the user registers, the data is collated by investigators rather than being granted access to cybercrime tools.”
The effort is part of an ongoing international joint effort called Operation PowerOFF, in collaboration with authorities in the United States, the Netherlands, Germany, Poland and Europol, aimed at dismantling criminal DDoS rental infrastructure around the world. is.
DDoS contracting services (aka “booters” or “stressors”) attempt to force infected devices’ access to networks offline by launching distributed denial of service (DDoS) attacks against websites Rent it out to other criminals.
Such illegal platforms offer various membership options and charge customers between $10 and $2,500 per month.
“The ease of access means that these tools and services have made it easier for people with low levels of cyber skills to commit crimes,” said the NCA. I got it Dating back to December 2022, a coordinated exercise dismantled 48 booter sites.
NCA said it would not disclose how many sites it operates, so individuals who plan to use such services in the future should consider whether it’s worth the risk.
Alan Merrett, member of NCA’s National Cyber Crime Unit, said in a statement:
Discover the hidden dangers of third-party SaaS apps
Are you aware of the risks associated with third-party app access to your company’s SaaS apps? Join our webinar to learn about the types of permissions granted and how to minimize the risks.
“The perceived anonymity and ease of use these services provide has meant that DDoS has become an attractive entry-level crime, making cybercrime easy for individuals with little technical competence to commit.” make it possible.”
This isn’t the first time law enforcement has secretly operated a fake service to combat criminal activity in the digital realm.
In June 2021, the U.S. Federal Bureau of Investigation (FBI) and Australian Federal Police (AFP) ran an encrypted chat service called ANoM for about three years, with 2,700 coins exchanged between members of criminal gangs around the world. It revealed that it intercepted 10,000 messages.
