U.S. law enforcement authorities have arrested a 20-year-old cyber criminal who ran as many as eight DDoS booter services and even offered them for hire on a popular hacking forum. Those who hired these services carried out 3,829,812 DDoS attacks between 2015 and 2017.
Sergiy Usatyuk, the cyber criminal, ran several DDoS booter services, including ExoStress.in, QuezStresser.com, Betabooter.com, Databooter.com, Instabooter.com, Polystress.com, Zstress.net, and Decafestresser, as well as two booter-affiliated websites, Bestipstressers.com and Ipstressers.org, that promoted the booters online and also advertised other booter services.
The DDoS booter services run by Usatyuk and a Canadian co-conspirator were immensely popular on hacker forums, so much so that Exostresser alone was used to carry out as many as 1,367,610 DDoS attacks, inflicting over 4,500 days of downtime on targeted organisations.
Among the most talked-about DDoS attacks carried out using Exostresser was one against a video game manufacturer, which had to bear an estimated cost of $164,000 to remediate the harm caused by the attack.
Usatyuk ran a well-organised DDoS business for 27 months
According to court documents, Usatyuk earned over $550,000 and 10.74 Bitcoin by offering such DDoS booter services for hire over a 27-month period. He also exploited third-party “amplification servers” without their owners’ consent to amplify unauthorised web traffic against targeted organisations.
The documents also revealed that Usatyuk’s scheme involved “registering and maintaining domains used by the Subject Booters, creating and maintaining web hosting and colocation service accounts used by booters to process and launch DDoS attacks, purchasing and maintaining computers and servers used for the same, and opening and maintaining bank, payment processing, and cryptocurrency accounts needed to process and collect the payments of subscribers to the Subject Booters.”
“It was further a part of the conspiracy that Usatyuk and Co-Conspirator A administered, managed and controlled the Subject Booters, including developing and maintaining the Subject Booters’ websites, software and computer infrastructure, advertising the Subject Booters on public forums, the Subject Booter Websites and other booter-related websites, providing customer service to the Subject Booters’ subscribers, communicating with third-parties who provided services to the Subject Booters, fielding and responding to abuse complaints, identifying third-party amplification servers to unwittingly participate in DDoS attacks, and facilitating the exchange of the Subject Booters’ gains into Bitcoin,” the documents added.
Arrests of DDoS masterminds signify the scale of cyber threats
The arrest of Usatyuk is the second such arrest carried out by law enforcement authorities this year. In January, the Blackfriars Crown Court sentenced Surrey-based hacker Daniel Kaye to 32 months in prison for launching a devastating DDoS attack on Liberian mobile network Lonestar that cost the company millions of pounds in lost revenue between October 2016 and February 2017.
Kaye developed a unique variant of the Mirai botnet, named it Mirai #14, and used the new botnet to scan for thousands of internet-connected Lonestar devices. Once the botnet infiltrated the devices, Lonestar’s server crashed and the company’s revenue dipped from USD 84 million in October 2016 to just USD 17 million in February 2017.
Aside from taking down Lonestar’s network, Kaye is also accused of launching DDoS attacks using the Mirai #14 botnet on Lloyds, Halifax, Bank of Scotland and Barclays banks in 2017. He was arrested and extradited from Germany in September last year following a detailed investigation carried out by the National Crime Agency, and was subsequently slapped with nine charges under the Computer Misuse Act and other charges for blackmailing and possessing criminal property.
In April 2017, a 20-year-old hacker named Adam Mudd was jailed for 2 years for orchestrating as many as 1.7 million cyber-attacks on the likes of Xbox Live, Minecraft and TeamSpeak. He admitted to creating software named Titanium Stresser, with which he launched as many as 600 DDoS attacks on 181 victims.
He used to loan out the software to other hackers, who used it extensively against 650,000 users, including Xbox Live and Runescape users, culminating in a total of 1.7 million hacking attempts. In just two years, Titanium Stresser earned Mudd close to £400,000 in bitcoins and cash.