The US Department of Justice has charged six suspects with running “booter” or “stresser” platforms, which allow anyone to conduct distributed denial-of-service (DDoS) attacks. Forty-eight domains have been seized.
Booters are online platforms that allow threat actors to purchase distributed denial-of-service attacks against websites or Internet-connected devices, essentially “booting” the target off the Internet.
Stressers provide the same DDoS capabilities, but claim to be intended for legitimately testing the reliability and availability of web services.
“Some websites use the term stresser in order to suggest that it could be used for testing the resilience of one’s infrastructure. However, as described below, I believe that this is a façade and that these services exist only to attack victim computers that are not controlled or authorized by the attacker,” wrote FBI Special Agent Elliott Peterson of the Alaska field office.
Threat actors must register for an account and deposit cryptocurrency, which is then used to purchase the service.
Although almost all booter/stresser websites require subscribers to agree not to use their services for attacks, many of these services are promoted via hacker forums or criminal marketplaces.
Platform owners often promote coupons and deals on cybercrime websites or employ affiliates who earn commissions.
Worldwide DDoS platform targeting
The US Attorney’s Office for the Central District of California and the US Attorney’s Office for the District of Alaska announced that six people were charged with operating booter/stresser websites.
“These booter services enable anyone to launch cyberattacks which harm individuals and compromise everybody’s ability to use the internet,” stated United States Attorney Martin Estrada. “This week’s broad law enforcement activities are a significant step in our continuing efforts to eliminate criminal conduct that compromises the internet infrastructure.”
The suspects include one person from Texas, three from Florida, one from New York, and one from Hawaii, who allegedly operated various stresser/booter sites, including RoyalStresser.com, SecurityTeam.io, Astrostress.com, Booter.sx, Ipstressor.com, and TrueSecurityServices.io.
Operation PowerOFF is a larger operation by the FBI and international law enforcement partners to seize 48 Internet domains (see the complete list at the end of this article) belonging to DDoS and booter sites around the world.
Once the domains are officially seized and law enforcement uses DNS to transfer them, the sites will show a seizure message warning that these services are illegal.
Seizure message to be added to seized domains (Source: DOJ)
Thom Mrozek, Media Relations Director for the US Attorney’s Office for the Central District of California, told BleepingComputer that the FBI was currently working with domain authorities to apply the seizure messages, but that the platforms have stopped functioning.
The FBI has teamed up with the United Kingdom’s National Crime Agency (NCA) and the Netherlands Police to show ads on search engines to people searching for booter services.
A Google search for booter services returned an advert that said, “Looking to find DDoS tools? Booting is illegal.” The advertisement links to the Cyber Choices page, which provides information about how individuals can make informed decisions and use their cyber skills legally.
Google ad taken out by the UK’s NCA (Source: BleepingComputer)
Below is a complete listing of domains that were seized by FBI agents: