Severity
High
Analysis Summary
The UK National Crime Agency (NCA) has taken an innovative approach to combat cybercrime by setting up several fake DDoS-for-hire or ‘booter’ services. These services allow users to rent or purchase the use of a network of compromised devices to launch DDoS attacks on targeted websites or networks.
By infiltrating the online criminal marketplace in this way, the NCA is attempting to gather intelligence on the individuals and groups involved in this type of criminal activity. This information could be used to identify and prosecute those responsible for launching DDoS attacks and disrupt the networks that support these activities.
The ease of use of DDoS-for-hire services and their availability on the dark web have made them accessible to anyone, including those with no specific knowledge of hacking. This has led to an increase in DDoS attacks, causing significant disruption and financial loss to businesses and organizations worldwide.
“All of the NCA-run sites, which have so far been accessed by around several thousand people, have been created to look like they offer the tools and services that enable cyber criminals to execute these attacks. However, after users register, rather than being given access to cyber crime tools, their data is collated by investigators,” according to the statement published.
The initiative is part of an ongoing international joint effort named Operation PowerOFF, which is being carried out in collaboration with authorities from the United States, the Netherlands, Germany, Poland, and Europol to dismantle criminal DDoS-for-hire infrastructures throughout the world.
In the context of “Operation PowerOFF,” the US Department of Justice and the FBI announced the seizure of 48 domains that sold “booter” services in December 2022.
According to Alan Merrett of the NCA’s Cyber Crime Unit, “Booter services are a key enabler of cyber crime. The perceived anonymity and ease of use afforded by these services means that DDoS has become an attractive entry-level crime, allowing individuals with little technical ability to commit cyber offences with ease.”
As a consequence of that action, the authorities accused six people of direct involvement in these illicit activities.
While takedowns and arrests remain important components of the fight against the threat, the agency reveals that its current strategies expand the impact of its operations to weaken trust in illegal marketplaces and halt DDoS attacks at their source.
The NCA’s initiative to set up fake DDoS-for-hire services is an innovative approach to combat this problem. However, it is important to ensure that innocent individuals or businesses are not caught up in the investigation and that the use of such tactics is weighed carefully against the potential benefits and risks involved.