Four Men Plead Guilty as US Justice Department Shut Down 13 DDoS-for-Hire Websites

The U.S. Justice Department has today (May 8) announced the court-authorised seizure of 13 internet domains associated with DDoS-for-hire services. 

It comes as part of an ongoing initiative targeting computer attack "booter" services, with U.S. law enforcement actions cracking down on websites that allow paying users to launch powerful distributed denial-of-service, or DDoS, attacks. 

These attacks typically flood targeted computers with information and prevent them from using the internet. While this can happen to individuals,  enterprises, financial institutions, schools and even government websites are among the millions of victims in the United States and beyond. 

“Victims who are attacked by such services, or those providing Internet services to the victims, often have to ‘overprovision,’ that is, pay for increased Internet bandwidth in order to absorb the attacks, or subscribe to DDoS protection services, or purchase specialized hardware designed to mitigate the effects of DDoS attacks,” according to the affidavit in support of the seizure warrants filed this week. “The prices of such overprovision or DDoS protection services are usually significantly more expensive than the cost of a given booter service.

Four men plead guilty to DDoS-for-hire websites

In conjunction with the domain seizures, the Justice Department announced today that four defendants charged in Los Angeles late 2022 pleaded guilty earlier this year to federal charges and admitted that they operated or participated in the operation of booter services. Those defendants are:

• Jeremiah Sam Evans Miller, aka “John The Dev,” 23, of San Antonio, Texas, who pleaded guilty on April 6 to conspiracy and violating the computer fraud and abuse act related to the operation of a booter service named RoyalStresser.com (formerly known as Supremesecurityteam.com);
• Angel Manuel Colon Jr., aka “Anonghost720” and “Anonghost1337,” 37, of Belleview, Florida, who pleaded guilty on February 13 to conspiracy and violating the computer fraud and abuse act related to the operation of a booter service named SecurityTeam.io;
• Shamar Shattock, 19, of Margate, Florida, who pleaded guilty on March 22 to conspiracy to violate the computer fraud and abuse act related to the operation of a booter service known as Astrostress.com; and
• Cory Anthony Palmer, 23, of Lauderhill, Florida, who pleaded guilty on February 16 to conspiracy to violate the computer fraud and abuse act related to the operation of a booter service known as Booter.sx.

All four defendants are set to be sentenced this summer. 

Cracking down on cybercrime

Assistant United States Attorneys Cameron L. Schroeder, Chief of the Cyber and Intellectual Property Crimes Section, and Aaron Frumkin, also of the Cyber and Intellectual Property Crimes Section, are prosecuting the criminal cases. Assistant United States Attorney James E. Dochterman of the Asset Forfeiture and Recovery Section is handling the seizure of the domains.

Dr. Ilia Kolochenko, Founder of ImmuniWeb, and a member of Europol Data Protection Experts Network, told EM360: “The DOJ and other U.S. law enforcement agencies, in collaboration with their European colleagues, demonstrate a rapidly intensifying success in combatting cybercrime around the globe.

"That being said, there are many challenges that remain unaddressed and hinder the most complicated and important cyber investigations. First, most government agencies have very limited funds for their cyber units and struggle to hire tech talents, who rather go to the private sector or even join cyber gangs that can afford to pay literally millions of dollars as a base salary.

"Second, even when perpetrators are identified, they may be located in an extradition-proof country and will eventually never stand trial for their crimes. Third, even when cybercriminals are apprehended, they usually have no assets to compensate their victims despite the growing success of law enforcement agencies to intercept and seize stolen money converted into cryptocurrencies.

"Finally, once one illicit website disappears thanks to a joint operation of international law enforcement agencies or the DOJ, a successor will rapidly emerge offering similar illicit goods or services: modern cybercrime resembles an immortal hydra.”