UK’s NCA infiltrates cybercrime market with fake DDoS sites

The agency set up several fake DDoS sites offering DDoS-for-hire services to infiltrate the online criminal marketplace.

Remember when the Dutch police sent letters to those who bought “booters” from DDoS sites? The National Crime Agency (NCA) of the United Kingdom is doing something similar but in a tricky way.

The agency has launched a sting operation as part of Operation Power Off, a collaboration between international law enforcement agencies to take down DDoS (distributed denial of service) infrastructure.

The operation involved the NCA setting up several fake DDoS sites and offering DDoS-for-hire or booter services to infiltrate the online criminal marketplace. It is important to note that DDoS attacks are illegal in the UK under the Computer Misuse Act 1990.

The NCA designed all these sites to appear authentic, giving the visitor the impression that the tools and services offered would allow them to launch DDoS attacks.

The agency claims that several thousand people have visited these sites, but upon registering on the site, instead of getting the services, users are shown a splash page informing them that their data has been collected, and law enforcement agencies will contact them.

This is what is shown once a user registers an account (Image: NCA)

For foreign visitors (users outside the United Kingdom), their data is transferred to international agencies. For instance, if a user from the United States has registered on one of the fake DDoS sites, their details would be forwarded to the FBI.

According to the NCA‘s National Cyber Crime Unit’s Alan Merrett, booter services are currently under the agency’s radar because they serve as a potent enabler of cybercrime in the country and elsewhere.

Merrett noted that the perceived anonymity and ease of use provided by these services make DDoS an attractive entry-level crime, allowing individuals with little technical ability to commit cyber offences with ease.

The perceived anonymity and ease of use afforded by these services mean that DDoS has become an attractive entry-level crime, allowing individuals with little technical ability to commit cyber offences with ease.”

Merrett added that the agency would not reveal the number of fake DDoS sites it is currently operating or how long the sting operation will last. Therefore, people looking for these services should be cautious as they might not know who is operating them.

RELATED NEWS