Booter boss behind millions of DDoS-for-hire attacks jailed
The US has sentenced a 21-year-old man from the US state of Illinois to 13 months in prison for running multiple distributed denial of service (DDoS) services with names that sound like somebody squeezed them out of a London youth subculture: ExoStresser, QuezStresser, Betabooter, Databooter, Instabooter, Polystress, and Zstress.
A profitable set of snazzily named services, at that: Sergiy P. Usatyuk has also been ordered to forfeit the more than half a million – $542,925 – that he made from the DDoS-for-hire scheme. That money came both from renting out his services and from space he sold to his brethren booter operators so they could advertise on his sites.
Also up for forfeiture: all the gear Usatyuk used to run his site-jamming floods, or which he bought with his ill-gotten loot – namely, dozens of servers and other computer equipment.
Usatyuk was convicted on one count of conspiracy to cause damage to internet-connected computers.
He and an unnamed buddy developed and ran the so-called booter services and related websites from around August 2015 through November 2017. They were behind the launch of millions of DDoS attacks against victim computers, attacks that rendered targeted websites slow or completely zombified and that discombobulated normal business operations. During just the first 13 months of the scheme, the users of the booters launched 3,829,812 attacks.
The bragging rights went up as advertising collateral: as of 12 September 2017, ExoStresser advertised on its website that this one booter service alone had launched 1,367,610 DDoS attacks and caused targets to suffer 109,186.4 hours of network downtime: some 4,549 days.
Booters – also known as stressers or DDoS-for-hire – are publicly available, web-based services that launch these server-clogger-upper attacks for a small fee or, sometimes, none at all.
As befits the “stresser this” and “stresser that” brand names for Usatyuk’s offerings, DDoS-for-hire sites sell high-bandwidth internet attack services under the guise of “stress testing.” DDoS attacks are blunt instruments that work by overwhelming targeted sites with so much traffic that nobody can reach them. They can be used to render competitor or enemy websites temporarily inoperable out of malice, lulz or profit: some attackers extort site owners into paying for attacks to stop.
One example is Lizard Squad, which, until its operators were busted in 2016, rented out its LizardStresser attack service: a service that was, suitably enough, given a dose of its own medicine when it was hacked in 2015.