SoylentNews

upstart [soylentnews.org] writes:

████ Bot sub. Needs editing. Et cetera. ████

Submitted via IRC for SoyCow1337

DDoS-for-Hire Services Owner Sentenced to 13 Months in Prison [bleepingcomputer.com]

Sergiy P. Usatyuk, the owner and admin of several DDoS-for-hire services also known as booters or stressers, was sentenced to 13 months in prison, to be followed by three years of supervised release.

Booters are web-based platforms designed to allow cybercriminals for a small fee or subscription to launch distributed denial-of-service (DDoS) against a target of their choice, leading to the victim's servers being "booted" from the Internet.

These type of attack tools are usually very cheap and allow anyone to hit online services, websites, or servers with a large scale DDoS attack, and have become increasingly popular during the last five years.

Over $500,000 gained from booter subscriptions and ads

He was sentenced on one count of conspiracy to cause damage to internet-connected computers for launching millions of DDoS attacks against victims from the U.S. and all over the world with the help of booter services he owned, administered, or supported.

Usatyuk was also ordered by Chief U.S. District Judge Terrence W. Boyle to forfeit dozens of servers, computer equipment, as well as $542,925 in proceeds from his illegal scheme.

"According to the criminal information, Usatyuk combined with a co-conspirator to develop, control and operate a number of booter services and booter-related websites from around August 2015 through November 2017 that launched millions of DDoS attacks that disrupted the internet connections of targeted victim computers, rendered targeted websites slow or inaccessible, and interrupted normal business operations," the Department of Justice announced [justice.gov] today.

The DDoS-for-hire services controlled by Usatyuk included ExoStress.in, QuezStresser.com, Betabooter.com, Databooter.com, Instabooter.com, Polystress.com, and Zstress.net.

Usatyuk and a co-conspirator collected over $550,000 from charging subscriber fees from paying customers as well as from displaying ads for other booter services on his stressers' websites during the period of the conspiracy.

DDoS attacks too large for their targets

The investigators found that the DDoS attacks launched by his customers with the help Usatyuk's booters were also able to harm networks and servers not directly targeted in the attacks.

For instance, one of Betabooter's customers attacked a Pittsburgh, Pennsylvania, school district that affected its computing systems together with another 17 organizations sharing the same computer infrastructure.

In that single attack, the Betabooter subscriber's DDoS siege inadvertently impacted other school districts, the county's government, the county’s career and technology centers, as well as a Catholic Diocese from the same area as the investigators discovered.

"The defendant made hundreds of thousands of dollars by launching countless indiscriminate cyber-attacks that victimized various segments of American society," Justice Department’s Criminal Division Assistant Attorney General Brian A. Benczkowski said. 

"The operation and use of these services to disrupt the operations of our businesses and other institutions cannot be tolerated.  Anyone who weaponizes web traffic in this manner will be vigorously pursued and prosecuted by my office," U.S. Attorney Robert J. Higdon Jr. also stated.

Reporting DDoS attacks to the FBI

As the FBI's Internet Crime Complaint Center (IC3) explains, using booter services to launch DDoS attacks is punishable under the Computer Fraud and Abuse Act.

Involvement in this type of illegal activity may result in the seizure of computers and other electronic devices, arrest and criminal prosecution, significant prison sentence, as well as penalties or fines.

Information on how to report DDoS attacks to the FBI is available at the end of this IC3 public service announcement [ic3.gov] from October 2017.

Original Submission