Operation PowerOFF

Seizure message placed on DDoS websites after raid

Operation PowerOFF is an ongoing joint operation by the FBI, EUROPOL, the Dutch National Police Corps, the German Federal Criminal Police Office, Poland Cybercrime Police and the UK National Crime Agency to close "booter/stresser" services that offer DDoS attacks for hire. [1] Beginning in 2022, the operation shut down 48 websites offering DDoS services, and six people were arrested in the United States. [2] Multiple companies, including Cloudflare, PayPal, and DigitalOcean, provided information to the FBI to assist in the seizure. [citation needed]

History

In 2018, the FBI closed down 15 DDoS websites with the Dutch National Police Corps. [3] On December 14, resuming this collaboration, the FBI and Department of Justice announced that they had closed multiple websites offering DDoS-for-hire services. [4] The FBI claimed that these websites offered services designed to slow down websites relating to gaming. [5] The FBI also noted that these services were heavily used, claiming that "Quantum", one of the seized services, was used to launch 50,000 attacks. After the shutdown, multiple law enforcement agencies collaborating with the FBI declared they would place advertisements on search engines, such as Google, that would educate the public on the legality of DDoS services. [6]

Aftermath

Six US citizens were indicted by FBI offices in California and Alaska. Three of the people arrested were from Florida, one from Texas, one from Hawaii, and one from New York. [7] The FBI asks anyone with tips or information related to the attacks or the seized sites to contact its offices. [8]

Ongoing activity

As of May 2023, Operation PowerOFF activities were still ongoing, with further websites being seized and prosecutions continuing. [9]

References

  1. "Federal Prosecutors in Los Angeles and Alaska Charge 6 Defendants with Operating Websites that Offered Computer Attack Services". www.justice.gov. December 14, 2022.
  2. Paganini, Pierluigi (December 15, 2022). "FBI seized 48 domains linked to DDoS-for-Hire service platforms". Security Affairs.
  3. "Criminal Charges Filed in Los Angeles and Alaska in Conjunction with Seizures Of 15 Websites Offering DDoS-For-Hire Services". www.justice.gov. December 20, 2018.
  4. Muncaster, Phil (December 15, 2022). "Feds Hit DDoS-for-Hire Services with 48 Domain Seizures". Infosecurity Magazine.
  5. "Six Charged in Mass Takedown of DDoS-for-Hire Sites – Krebs on Security". 14 December 2022.
  6. "US seizes 48 websites used for DDoS attacks". My Broad Band. Bloomberg. 15 December 2022.
  7. Jessica Lyons (7 December 2022). "Microsoft: (Cyber) winter is coming as DDoS attack disrupts Russian bank". MSN. Retrieved 15 December 2022.
  8. "The FBI and International Law Enforcement Partners Intensify Efforts to Combat Illegal DDoS Attacks". Federal Bureau of Investigation.
  9. Muncaster, Phil (2023-05-09). "Operation Power Off: 13 More Booter Sites Seized". Infosecurity Magazine. Retrieved 2023-05-12.