KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS

https://krebsonsecurity.com/2025/05/krebsonsecurity-hit-with-near-record-6-3-tbps-ddos/

#U.S.DepartmentofJustice #InternetofThings(IoT) #KaikeSouthierLeite #Ne'er-Do-WellNews #ALittleSunshine #TheComingStorm #DamianMenscher #DDoS-for-Hire #ProjectShield #Aisurubotnet #Breadcrumbs #QiAnXinXLab #CloudFlare #stresser #Akamai #booter #Jigsaw #Forky #mirai #yfork #DDoS #fbi

It's interesting how the operation #PowerOff regularly dominates the #DDoS timeline for their take down of #booter / #stresser services.

It needs to happen, I agree, and it is great work done by the authorities. But it really leaves an aftertaste, since a couple of weeks later the landscape is back to normal with new services, new domains, same old business model.

#infosec #operationpoweroff

Most people who operate DDoS-for-hire businesses attempt to hide their true identities and location. Proprietors of these so-called “booter” or “stresser” services — designed to knock websites and users offline — have long operated in a legally murky area of cybercrime law. But until recently, their biggest concern wasn’t avoiding capture or shutdown by the feds: It was minimizing harassment from unhappy customers or victims, and insulating themselves against incessant attacks from competing DDoS-for-hire services.

And then there are booter store operators like John Dobbs, a 32-year-old computer science graduate student living in Honolulu, Hawaii. For at least a decade until late last year, Dobbs openly operated IPStresser[.]com, a popular and powerful attack-for-hire service that he registered with the state of Hawaii using his real name and address. Likewise, the domain was registered in Dobbs’s name and hometown in Pennsylvania.

https://krebsonsecurity.com/2023/01/thinking-of-hiring-or-running-a-booter-service-think-again/

Saved the best quote till the end, from @nixonnixoff :

"“When a booter service claims they don’t share logs, they’re lying because logs are legal leverage for when the booter service operator gets arrested,” Nixon said. “And when they do, you’re going to be the first people they throw under the bus.”

#booter #stresser #ddosforhire #ddos #Dobbs #IPStresser

The U.S. Department of Justice (DOJ) today seized four-dozen domains that sold “#booter” or “#stresser” services — businesses that make it easy and cheap for even non-technical users to launch powerful Distributed Denial of Service (#DDoS) attacks designed knock targets offline. The DOJ also charged six U.S. men with computer crimes related to their alleged ownership of the popular DDoS-for-hire services.

The DOJ said the 48 domains it seized helped paying customers launch millions of digital sieges capable of knocking Web sites and even entire network providers offline.

One of the defendants has allegedly been peddling DDoS for more than a decade. John M. Dobbs, 32, of Honolulu, HI is charged with aiding and abetting violations of the CFAA related to the operation of IPStresser[.]com, which he allegedly operated for nearly 13 years until last month. During that time, IPstresser launched approximately 30 million DDoS attacks and garnered more than two million registered users.

https://krebsonsecurity.com/2022/12/six-charged-in-mass-takedown-of-ddos-for-hire-sites/