The Dutch police took down 15 DDoS-for-hire services in a week

Dutch authorities have taken down 15 DDoS-for-hire services in a week, this is another success of law enforcement in the fight against cybercrime.

An operation conducted by Dutch authorities last week has shut down 15 DDoS-for-hire services (aka DDoS booters or DDoS stressor), states a press release published by Dutch police. The operation was conducted with the support of Europol, Interpol, and the FBI along with web hosting providers and domain registrars.

The DDoS-for-hire services allowed users to sign up and launch DDoS attacks against any system exposed online.

“The cybercrime team in the Central Netherlands uses innovative methods to detect such booters. Last week, 15 booters were blacked out at the request of the police.” reads the press release published by the Dutch Police. “We work together with external parties such as hosters, registrars for international police forces, Europol, Interpol and the FBI.”

“With preventive actions, we want to protect people as much as possible against DDoS attacks. By taking booters and their domain names offline, we make it difficult for cyber criminals. We have now put quite a few on black. If they pop up elsewhere, we will immediately work on it again. Our goal is to seize more and more booters, ”said Jeroen Niessen of the police. 

Authorities did not reveal the name of the 15 DDoS services.

On April 10, 2020, Dutch police also arrested a 19-year-old man from Breda, he is suspected of having shut down the websites MijnOverheid.nl and Overheid.nl by carrying out DDoS attacks on March 19.

“On March 19, the above sites were unavailable for several hours. In a DDoS attack, servers of a website are bombarded with data traffic. This could cause the servers to fail. Visitors can then (almost) no longer reach the website.” continues the press release. “Especially in these times where many emergency regulations and other emergency regulations are made accessible via this site. The arrested man is formally suspected of having compromised vital reporting that would compromise safety.”

 The Overheid.nl is a very important website in this period because it includes information on the Coronavirus outbreak and the initiatives of the Dutch government to protect the population.

MijnOverheid is a kind of digital letter-box used by Dutch citizens to receive messages from the government, it also provides personal information to the population, including the registration with the municipality or the date of the MOT. 

“By flattening a website like this, you are denying citizens access to their personal data and important government information. We take this very high, especially now that the corona crisis is causing additional uncertainty and a great need for information for many people. We want to protect people and companies and make it increasingly difficult for cyber criminals to carry out a DDoS attack, “said Jeroen Niessen, head of the cyber crime team of the Central Netherlands police.”

In October, a joint operation conducted by the Netherlands’ National Criminal Investigation Department and National Cyber Security Center allowed to track down and seize five servers that were composing a cybercrime underground bulletproof hosting service.

The servers were hosted at an unnamed data center in Amsterdam, it was used by tens of IoT botnets involved in DDoS attacks worldwide. The bulletproof hosting service was used to host malware and command and control systems of several DDoS botnets.

In December 2018, Dutch police also participated in an international operation against DDoS-for-hire services.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – DDoS-for-hire service, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]