The US Department of Justice today announced the seizure of nine internet domains linked to major distributed denial-of-service (DDoS)-for-hire operations, in a coordinated international crackdown that highlights the growing role of Alaska in global cybercrime enforcement.
Federal authorities partnered with international counterparts, including Poland’s Central Cybercrime Bureau, which simultaneously announced the arrest of four administrators behind some of the seized websites.
These criminal enterprises offered illegal “booter” or “stresser” services that allowed paying users to launch DDoS attacks, flooding systems with traffic to crash websites, servers, or even entire networks. The US seized nine domains associated with platforms such as Cfxapi, Cfxsecurity, Neostress, Jetstress, Quickdown, and Zapcut. The platforms facilitated widespread DDoS attacks, including targeting schools, government agencies, and other entities worldwide, with services offered for as little as $10 per attack.
The takedown is part of Operation PowerOFF, an ongoing multinational effort to dismantle DDoS-for-hire infrastructure.
Notably, the District of Alaska has emerged as a key partner in these cybercrime investigations. According to the Justice Department, over the past four years, more than 11 individuals have been charged in Los Angeles and Anchorage for operating or facilitating such services.
“DDoS for hire criminal booter services impact internet services for victims in every corner of the United States, including Alaska,” said US Attorney Michael J. Heyman for the District of Alaska. “This threat highlights the continued need to pursue cybercrime services like booter providers. We remain committed to bolstering our collaborative partnerships in the U.S. and abroad to address threats to critical internet infrastructure and services.”
The US Attorney’s Office for the District of Alaska has been involved in charging defendants related to these DDoS-for-hire services. For instance, in December, a defendant was charged federally in Anchorage, for being an administrator of significant booter services. The indictment remains under seal, but it is part of the broader effort to dismantle these illegal platforms.
In 2018, the US Attorney’s Office in Alaska charged David Bukoski for operating Quantum Stresser, a major DDoS-for-hire service responsible for over 50,000 attacks worldwide, including targets in Alaska.
In one case tied to a previous sweep, a Palmer-based individual was indicted for offering access to stresser tools that disrupted services across the country, impacting everything from public schools to gaming platforms. Law enforcement officials say Alaska’s growing digital infrastructure, especially in rural and underserved areas, makes it particularly vulnerable to internet-based attacks that can cut off essential communications.
The domains seized in the current action were involved in hundreds of thousands of DDoS attacks worldwide. Although many advertised themselves as legitimate testing tools, federal investigators with the Defense Criminal Investigative Service found ample evidence, such as thousands of incriminating communications, demonstrating that both providers and users knew the attacks were illegal.
“Booter services facilitate cyberattacks that harm victims and compromise everyone’s ability to access the internet,” said U.S. Attorney Bill Essayli for the Central District of California. “This week’s sweeping law enforcement activity is a major step in our ongoing efforts to eradicate criminal conduct that threatens the internet’s infrastructure and our ability to function in a digital world.”
To further prevent future misuse, authorities have launched an online advertising campaign to reach individuals searching for DDoS tools. The campaign, spearheaded by Homeland Security Investigations, DCIS, and Dutch authorities, uses keyword-triggered ads to deter potential offenders and educate the public on the legal risks of DDoS activity.
The seizures were authorized by the court and carried out by DCIS’s Cyber-West Resident Agency. Other major contributors who were credited to the takedown effort included the FBI field offices in Anchorage and Los Angeles.
Let me get this right, they seized some electrons? That’s it? Pretty weak sauce if you ask me.
Not when those “electrons” are blocking people from using web sites.
No, they seized the command and control servers for botnets that were comprised of compromised computers belonging to normal folks. Those computers would be used to ruin people’s internet experience. They also arrested the system administrators who’re operating and selling these services.
What, the FBI actually did something right? I’m not so sure.