US Authorities Seize 13 Domains Offering DDoS Criminal Services for Hire
US authorities have announced the seizure of 13 internet domains that offer DDoS services on lease to other criminals.
The removal is part of an ongoing international initiative dubbed Operation Power Off aimed at dismantling the criminal DDoS infrastructure for hire around the world.
The development comes nearly five months after a December 2022 “sweep” dismantled 48 such services to support paid users to launch distributed denial-of-service (DDoS) attacks against targets of interest.
This includes school districts, universities, financial institutions and government websites, according to the US Department of Justice (DoJ).
Ten of the 13 restricted domains seized were “reincarnations” of booter or stresser services that were previously shut down towards the end of last year.
“In recent years, booter services have continued to proliferate, as they offer a low barrier to entry for users wishing to engage in cybercrime activity,” the DoJ said. said in a press release on Monday.
“In addition to harming the victim by disrupting or reducing access to the internet, an attack from a booter service can also completely cut off the internet connection for other customers served by the same internet service provider through a shared connection point.”
Alongside the domain seizures, the DoJ also said that four of the six people charged in December 2022 in connection with operating the service had entered guilty pleas.
The defendants – Jeremiah Sam Evans Miller, 23, from San Antonio, Texas; Angel Manuel Colon Jr., 37, of Belleview, Florida; Shamar Shattock, 19, of Margate, Florida; and Cory Anthony Palmer, 23, of Lauderhill, Florida – are expected to be sentenced later this year.
Try2Check Card Check Service Down
The announcement came a few days after Try2Check glitches (aka Try2Services) after a decade-long investigation, an illegal online platform that allows threat actors to check the status of stolen credit card numbers in their possession and determine if they are valid and active.
The DoJ is also charging 43-year-old Russian citizen, Denis Gennadievich Kulkov, for his role in creating and turning the service into “a principal tool of illegal credit card trading,” with the Department of State. offer $10 million reward for information leading to his arrest.
The department subsequently expanded separate awards of up to $1 million for each specific item that would help identify another key leader of the Try2Check cybercrime group.
Learn How to Stop Ransomware with Real-Time Protection
Join our webinar and learn how to stop ransomware attacks in their tracks with real-time MFA and service account protection.
The fraudulent platform, according to the indictment, allegedly abused the systems of a leading US-based payment processing company to perform card checks by exploiting pre-authorization service. The company name was not disclosed.
Try2Check, launched in 2005, is estimated to process tens of millions of credit card checks annually and facilitate the operation of several major card shops such as Joker’s Stash which specialize in mass trading of stolen credit cards. Starting February 2022, one card check costs $0.20.
“Through the illegal operation of his website, the defendant generated at least $18 million in bitcoin (as well as an unknown amount through other payment systems), which he used to purchase Ferraris, among other luxury items,” the DoJ noted.
The indictment against Kulkov also comes weeks after Denis Mihaqlovic Dubnikov, who pleaded guilty to money laundering charges for the Ryuk ransomware gang earlier this year. punished for the time served and ordered to forfeit $2,000 in illegal profits.
