Sunday, February 10, 2019

Criminal Charges Filed in Alaska in Conjunction with the Seizure of Websites Offering DDoS-For-Hire Services


Authorities Target So-Called “Booter” or “Stresser” Services that Facilitate Internet Attacks

Anchorage, Alaska – U.S. Attorney Bryan Schroder announced today the seizure of an internet domain associated with DDoS-for-hire services, as well as criminal charges against a Pennsylvania man who facilitated the computer attack platform.  This case was brought as part of an FBI investigation that led to the seizure of 15 websites, resulting in criminal charges filed from the U.S. Attorney’s Offices for the District of Alaska and the Central District of California.

The sites, which offered what are often called “booter” or “stresser” services, allowed paying users to launch powerful distributed denial-of-service, or DDoS, attacks that flood targeted computers with information and prevent them from being able to access the internet.  Booter services such as named in this action allegedly cause attacks on a wide array of victims in the United States and abroad, including financial institutions, universities, internet service providers, government systems, and various gaming platforms. The action against the DDoS services comes the week before the Christmas holiday, a period historically plagued by prolific DDoS attacks in the gaming world.

The U.S. Attorney’s Office for the District of Alaska charged David Bukoski, 23, of Hanover Township, Pennsylvania, with aiding and abetting computer intrusions.  The charging documents allege that Bukoski operated Quantum Stresser, one of the longest-running DDoS services in operation.  As of Nov. 29, Quantum had over 80,000 customer subscriptions dating back to its launch in 2012.  In 2018 alone, Quantum was used to launch over 50,000 actual or attempted DDoS attacks targeting victims worldwide, including victims in Alaska and California.  On Dec. 19, pursuant to seizure warrants issued by the U.S. District Court for the Central District of California, the FBI seized the domains of 15 booter services, one of them being quantumstress.net, the service operated by Bukoski.

“The internet has become the nerve system of modern life, including modern business and government operations,” said U.S. Attorney Schroder.  “Against that backdrop, it is essential for law enforcement officers and prosecutors to act swiftly and decisively when criminals attack any part of that system, especially the end users.”

“FBI Anchorage’s Cyber squad worked closely with the FBI’s Los Angeles, Chicago, and Philadelphia Field Offices to address the severe threat posed by DDoS-for-hire in advance of the holiday season,” said Jeffery Peterson, the Special Agent in Charge of FBI’s Anchorage Field Office.  “The FBI could not have conducted this successful investigative effort without the cooperation of our international law enforcement and private industry partners.  Criminal enterprises and individual actors routinely use DDoS to disrupt networks and damage internet-based services, often resulting in substantial financial losses to companies and individuals. The FBI will continue to aggressively pursue all crimes in cyberspace and strengthen America's cybersecurity.”

Over the past five years, booter and stresser services have grown as an increasingly prevalent class of DDoS attack tools.  These types of DDoS attacks are so named because they result in the “booting” or dropping of the victim-targeted website from the internet.  Booter-based DDoS attack tools offer a low barrier to entry for users looking to engage in cyber criminal activity, representing an effective advance in internet attack technology.  For additional information on booter and stresser services and the harm that they cause, please visit: https://www.ic3.gov/media/2017/171017-2.aspx.

The case against Bukoski is being prosecuted by Assistant U.S. Attorney Adam Alexander of the District of Alaska and Trial Attorney C. Alden Pelker of the Computer Crime and Intellectual Property Section (CCIPS) of the Criminal Division.

The case announced today is being investigated by the FBI’s Anchorage Field Office and the FBI’s Cyber Initiative and Resource Fusion Unit (CIRFU).  Additional assistance was provided by the FBI’s Chicago, Los Angeles, Memphis, and Philadelphia Field Offices and the Scranton, Pennsylvania Resident Agency; the Major Cyber Crimes Unit, Global Operations and Targeting Unit, and Money Laundering Intelligence Unit of FBI Headquarters; Defense Criminal Investigative Service; and the U.S. Attorney’s Offices for the Eastern District of Pennsylvania, Middle District of Pennsylvania, Western District of Tennessee and the Northern District of Illinois.  The United Kingdom’s National Crime Agency, the Dutch National Police – National High Tech Crime Unit, and the National Cyber-Forensics & Training Alliance made invaluable contributions.  Akamai, Bell Aliant, Cloudflare, Entertainment Software Association, Flashpoint, Google, Oath Inc., Oracle, Palo Alto Networks Unit 42, PayPal, Riot Games, ShadowDragon, SpyCloud, University of Cambridge and other valued private sector partners provided additional assistance.

The charges in the indictment are merely allegations, and the defendant is presumed innocent until proven guilty beyond a reasonable doubt in a court of law.

No comments:

Post a Comment